Laurent - stock.adobe.com
Traditional client VPNs are growing long in the tooth. They are cumbersome to set up and manage and often create data flow inefficiencies. Because of this, many believe client VPNs will soon be a thing of the past. But, despite obvious flaws, client VPN technologies remain highly relevant. That's why client VPNs will more likely evolve rather than disappear.
The purpose of a VPN is to pipe data through an encrypted tunnel that connects trusted devices across one or more untrusted networks. The tunnel prevents the data from being read or tampered with.
Despite the shift from fat client VPN applications to Secure Sockets Layer (SSL) thin clients, administrators and end users must perform multiple manual steps for proper operation. This includes software installs, configurations and operating the software to bring the tunnel up and down as needed.
Additionally, the overall VPN architecture hasn't changed to meet the emerging trends of public cloud use and mobile workforces. Instead, most client VPNs still terminate at the corporate internet edge, despite the distinct possibility that a large chunk of data and apps now reside in the public cloud. Thus, having to backhaul all data to a corporate office only to hairpin and go back out to the internet to access public cloud resources can produce added network latency and traffic bottlenecks.
For these reasons, many technology pundits are pronouncing the eventual end of client VPN technologies. Yet, client VPN is still necessary for legitimate reasons, and a few architectural changes could eliminate most of the problems found in traditional architectures.
Still relevant, but innovation needed
Client VPN technologies are still important because most businesses have taken a hybrid cloud approach. While more data and apps are moving into a public cloud, many critical services remain on premises. Additionally, many legacy apps still require a fat client as opposed to a web-based interface.
The concept of using application-based SSL certificates cannot be used in all situations. Thus, the need for a client-based VPN architecture still remains today -- and will likely remain well into the future.
That logically brings us to what must happen with today's client VPN products to make them more user-friendly and flexible from a hybrid cloud architecture perspective. For one, as automation and AI creep into business apps and services, the same will happen with client VPN technologies.
The VPN software will be able to monitor what apps and services the user is accessing. If a remote resource is needed that requires a client VPN tunnel to be established, the AI automatically builds it in the background -- completely transparent from an end-user perspective.
Consider new advancements and architectures
Legacy client VPNs will also likely be rearchitected in the future to better handle data flows within hybrid cloud environments. This means that VPN head-ends will be dispersed across both private and public clouds.
Again, AI will likely play a role in determining the optimal path to a specific file, application or service. Based on this intelligence, the tunnel will automatically be built between the client and VPN head-end that will deliver the service to the client with the lowest latency possible.
While client VPNs haven't exactly kept up with major shifts in enterprise technologies, I wouldn't fully count them out. The likely reason the technology has fallen behind is today's client VPNs technically function. So, many IT organizations continue using them despite their obvious flaws.
That said, there will come a time when the poor end-user experience, management headaches and data flow inefficiencies will become too much to handle. At that point, new advancements and architectures will be considered.