We're witnessing a transition toward software-based networking across almost every aspect of IT. Without repeating any holy grail marketing statements about software-defined WAN, we do have to discuss the future of VPN services and how software is driving change both now and in the future.
IT teams are challenged to deliver flexible mobile access in a constantly secure way via VPN technology, and they demand less complexity versus the last 10 years. So, what will the average VPN look like in 10 or 20 years?
The power of devices is growing exponentially. Phones, for example, are essentially capable PCs. With on-demand performance, users can connect to almost any resource as if they're at their office desk. Applications are becoming more granular and diverse with their ability to source an incredible amount of data on a global basis. The nature of today's flexible cloud dictates the need for equally flexible VPN technology.
The average VPN has been supercharged with software-defined WAN (SD-WAN) features -- the software security field offers sophisticated network intelligence with granular reporting, for example. In networking, we need to provide fast access to public-based resources, while also ensuring inherent security. The key is to balance user needs with security.
The use of public and private hybrid clouds continues to act as the mainstay of network design. Many SD-WAN providers talk about the demise of MPLS, but the majority of enterprises recognize the need to use private-based WAN capabilities as the core of any design. Any access to the corporate network is a balance between security and accessing the services required for employee productivity.
Developments driving the future of VPN
While it's a challenge to predict the future of VPN connectivity, it's not too difficult to guess some changes. The software stack will become more sophisticated behind the scenes, while GUIs will help simplify and enable businesses to drag and drop services -- making it easier to use cellular connectivity or to ramp up fixed bandwidth by ordering Ethernet VPN connectivity from service providers, for example.
Connectivity, as it is now, will become more of a commodity, as IT becomes less concerned with routing and command-line setup in favor of virtualized networking as a service -- using the previously mentioned GUIs. The VPN will become an expected option, with IT teams simply selecting the required level of security.
The challenge will be to keep everything secure. While SD-WAN services will -- and do -- offer out-of-the-box security, enterprises will still need to deliver services to users securely. It's important to consider every threat and vulnerability, which means suppliers need to add the issue of IT expertise into the usability conversation. Perhaps the best analogy is a drag-and-drop toolbox where almost any tool can be used when needed. The simple fact remains that an engineer is still required to ensure the correct tool is being used for the job at hand.
This out-of-the-box security with SD-WAN across the internet will suffice for SMBs that don't have complex user applications. But enterprises with larger, more complex requirements will still need private VPN options. SD-WAN is creating new capabilities for the public cloud world, but software technology is also applicable to private networking, like MPLS. This means VPN architecture can use both public and private VPNs, which results in a hybrid design. In current technology product portfolios, cellular and broadband are available as products that connect into a private infrastructure, not just the internet.
The future of VPN services will likely follow the SD-WAN path we see now -- but perhaps with even more virtualization. If we consider the promise of software networking, the architectural intent is to deploy simple edge devices that pull their intelligence from the cloud. As such, we need to focus more on security and cloud as the keys to unlocking user freedom, instead of focusing on networking as the lead product. While connectivity will become more commoditized, the need remains to ensure VPN traffic is routed end to end with the best possible latency and bandwidth -- but it might be less of a concern.
A final prediction about the future of VPNs
One personal prediction regarding the future of VPNs is the likelihood that VPN capabilities will be decoupled from hardware -- a trend we see throughout the networking world today. As end users become more mobile and as applications run on public cloud infrastructures, networking and security services will be delivered via software that isn't fixed to a particular networking device. This is more of a move to an application- and software-driven world, and we're seeing that shift occur with software-based networking.
The original promise of software networking is intelligence essentially within the cloud, as a management server. One school of thought predicts hardware routing, switching and other pass-through devices will disappear completely. Rather than a device connecting through VPN hardware or a virtualized instance, the software on the device will connect directly to the internet.
This is happening today in some cases. People often don't need to ask for Wi-Fi passwords, for example, because cellular connectivity performs adequately. With wireless reaching every area of networking, it isn't difficult to imagine a world where the hardware router simply doesn't exist, because physical connections to a network aren't required.
One of the unknowns is how using wireless across every area of networking will affect security. With the world producing more sophisticated cyberattacks and the growth of internet-enabled everything, it's certainly difficult to predict whether we can maintain the balance of security versus risk.
See how SD-WAN and VPN technologies compare
Learn how to decide between SD-WAN, IPsec tunnels and DMVPNs
Explore how quality of service differs with SD-WAN and MPLS