Problem solve Get help with specific problems with your technologies, process and projects.

Preparing for a disaster: When remote employees overload your VPN

What happens if your VPN is overloaded with remote employees? Use this tip on preparing for a disaster to keep your workers connected to your network.

Companies that support a work-from-home policy may be figuring on a nominal number of employees taking advantage of that option (perhaps 10 to 20% of the employee population). Their wide area network's (WAN) remote access resources are usually configured to provide sufficient bandwidth and network licenses to support such a situation.

Preparing for a disaster

Back in 2009 when the swine flu outbreak posed a threat to employee health, IT and network managers suddenly found themselves facing the potential threat of a dramatic increase in employees wanting to work from home. Given that their remote network infrastructures were designed to support a specific number of users, network managers had to sharpen their pencils and devise ways to handle a sudden burst of remote employee access requests.

Recognizing this concern, in 2009 Cisco conducted a survey, "Securing the Mobile Workforce," to learn how many businesses could permit all their employees to work remotely in the event of a natural disaster, pandemic or weather-related cause. They discovered that three out of four firms could not handle a sudden expansion of remote access to all employees. This is surprising, considering 71% of the survey respondents cited improved employee productivity and better work/life balance as the primary reasons for employee remote access. Further, 62% said that their current remote access solutions had resulted in increased employee productivity; 57% saw an increase in employee satisfaction; and 42% realized a reduction in overhead costs.

What happens when VPN demand is too much

While remote access is certainly an important business continuity (BC) strategy, the technical implications of a surge in remote access usage can be significant. While the technology to support remote access, usually virtual private networks (VPNs), is well established, several factors must be evaluated in an out-of-normal situation. The first is the availability of bandwidth to support the simultaneous usage of network resources by dozens and maybe hundreds of users. The second is the availability of licenses and network ports to handle the additional users. Both will take time to deploy, and in an emergency there may not be enough time. The results? Now-remote employees waiting for access may experience declines in productivity; this could spell disaster for the company.

How to support a surge of remote workers during a disaster

What options are available to address this situation? First, ask your network service providers what options they have available to handle surges of network access requests. Next, ask your network equipment suppliers what options they have available to provide an emergency supply of network licenses and ports. Also, ask the same vendors what options they have for you to quickly acquire (e.g., within 24 hours) the additional hardware and software to handle a surge. Incorporate the responses from your carriers and equipment vendors into your existing service-level agreements (SLAs) as part of your disaster recovery (DR) activities. Investigate similar offerings from other carriers and equipment vendors. It may be appropriate to contract with a second carrier, as well as alternate equipment sources. Contact major DR service firms, such as SunGard Availability Services and IBM Business Continuity and Resilience Services, to investigate their offerings.

More on preparing for a disaster

IPsec vs. SSL in planning for failover VPN continuity

Practice makes perfect in disaster planning

Podcast: Steps for your disaster recovery plan

Another option to consider is managed network service firms that provide remote access resources. Users with an emergency surge can connect to their corporate networks via secure VPNs the third party manages. One such example is PositivePRO, from ANXeBusiness Corp., a managed service for secure remote access by remote and mobile employees.Users download PositivePRO Connector software onto any server or PC/laptop. This accesses a VPN tunnel that connects to an ANX point-of-presence (POP), which then securely connects to the company's network infrastructure. This is an example of yet another way cloud technology can provide disaster recovery and business continuity support.

Meeting VPN demands

If you're concerned about the possibility of a surge in demand for remote network access, especially from DR and BC continuity perspectives, the time to start planning is now. Several options are available, as we have discussed. Examine the alternatives, compare pricing and availability, evaluate what changes your existing WAN infrastructure may need, and perhaps consider a hybrid arrangement (e.g., added infrastructure plus a cloud-based backup for heavy surges). Be sure to update your DR and BC plans accordingly, and include remote access in your DR test programs.

This was last published in January 2013

Dig Deeper on Network Infrastructure

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.