This guide originally appeared on SearchSMB.com. For more IT articles and tips specific to small and midsized businesses, visit SearchSMB.com.
Determining the right VPN solution can be a daunting task for a small or midsize company. For the SMB, VPNs usually serve as remote-access tool rather than a wide area network (WAN) that connects multiple remote facilities. WAN VPNs tend to be used for large scale projects.
Here are five questions to ask before you go procure and implement a VPN for your small or midsize business:
- Do you really need a VPN? This seems like a pretty simple question, but you would be amazed at how many companies do not ask this up front. VPNs provide remote access so that employees can access corporate network assets from remote locations. You will need a VPN if you have a centralized computing environment (such as a sales database) that cannot be adequately stored, updated and modified on host PC or laptop from remote locations. However, in many cases, the remote access is rationalized by non-business reasons such as the desire to work from a home office. This is not a true business requirement and should be considered when evaluating the total cost of ownership for each option.
- How many remote resources require VPN access? You need to have an understanding of the number of resources requiring remote access as the products and services available in the market generally scale to the number of supported users. Be sure to add growth factors so that you do not outgrow the VPN eventually chosen. A good rule of thumb is to assume 10%-15% annual growth over a 4-year period. I recommend you refresh after four years. Product life cycles are shrinking dramatically, and the VPN you choose may be end-of-life (EOL) in three to four years anyway.
- How will the remote users access the VPN? Will the users utilize their personal computers? Will the company provide laptops? These are questions that must be answered and taken into consideration when evaluating total costs. Some things to consider: If you allow the end users to use their personal computers from home, there is an undeniable risk that viruses and worms can be introduced into your environment. Home computers are notorious for picking up viruses, because they are used by people who may or may not understand the risk of opening or downloading infected data. If you allow users to use their home computers, consider some form of virus or worm protection that can be loaded. If your employees are using company-supplied laptops, ensure they have virus and worm protection as well. If you are moving toward a remote computing environment, the end client security is very critical, as a worm can destroy a network.
- Is sensitive data being passed over the VPN? This is another very critical question that must be answered before moving forward. If the information is critical as well as sensitive, then you will require a VPN solution that encrypts the traffic. Most VPN offerings have some form of tunneling, but the real question is, how robust are the authentication and encryption capabilities for the out-of-the box tools? How much time and resources are required to support a do-it-yourself VPN solution that requires encryption? Always remember that no matter what the vendor is touting, these are not plug and forget solutions.
- What are the available alternatives? Without going into a tremendous amount of detail, there are two main categories that you will want to look at. The first is a hosted VPN solution and the second is a do it yourself VPN. The questions above will help you define the initial requirements that can be used to evaluate the alternatives in each of the solution buckets. If you do not have a staff to design, install and maintain a product-based solution, look at the hosted VPN solutions. Be sure to map function vs. function, and when comparing monthly or annual costs, be sure to include the resources required to manage your own.
Robert Harrell is the National Director, Advanced Infrastructure Practice, SBC Premier Serv Consulting Services provided by Callisma, Inc.