Problem solve Get help with specific problems with your technologies, process and projects.

Virtual private network decisions

Robbie Harrell provides an overview of the VPN technology options in the market today.

The decision to move towards a virtual private network (VPN) can be dictated by many factors. However, in today's remote access environment and the quest for mobility, it only makes sense to understand the types of VPN offerings and products that are in the marketplace. There are many, many different VPN options available today. Determining which is right for your organization can be a daunting task at best.

This article is targeted at the small to medium business market segment and will provide an overview of the VPN technology options in the market today.

IPsec VPNs

IPsec VPNs have been around for quite some time. The basic premise of an IPsec VPN is that the user traffic is tunneled and encrypted from the client end (end user) to a VPN gateway or concentrator that is located at a hub computing site. IPsec VPNs provide security and privacy for transporting sensitive data. A key benefit of IPsec is that it is a "bring-your-own-Internet" solution. In other words, if the end user has Internet access and the VPN concentrator has been designed and deployed with an interface that is reachable from the Internet, the end user can set up a VPN session from anywhere that has Internet access.

The downfall of an IPsec VPN is that it creates the need for a fat client: It requires the installation of a VPN client on the end-user PC or laptop and the managing of security certificates or secure ID keys (rotating keys that are entered to authenticate). However, IPsec VPNs have proven robust and viable for a long time and there are many vendors that support them.

Secure Socket Layer (SSL) VPNs

SSL VPNs are gathering steam within the industry because they offer the next generation of VPN technology utilizing something everyone is familiar with: Web browsers. SSL client capabilities are built into most standard Web browsers. There are some pitfalls with SSL VPNs. Some applications do not work over SSL and the encryption and authentication is not as strong as IPsec.

More on this topic

Step-by-Step Guide: How to set up a VPN

Crash Course: VPNs

Crash Course: SSL VPNs

More VPN tips

Each of these solutions is proven in the market; however, an analysis of the application support, costs, client requirements and management and maintenance factors of the different solutions should be considered. In addition, companies such as Positive Networks offer hosted VPN services. A hosted VPN service may be the right answer for your organization as it removes all of the headaches associated with managing and maintaining a VPN.

Other vendors to consider are as follows: ActiveLane, Avaya, Check Point Software running on Nokia's hardware, Cisco, Cylink, Imperito Networks, NetScreen/Juniper Networks, Secure Computing, SonicWall and Symantec. Each of these vendors offers either SSL or IPsec solutions or both.

The type of VPN solution chosen should depend upon your actual requirements, but the main requirement should be ease of use and administration. For the SMB market, focus should be on driving revenue, not maintaining IT infrastructure.

This was last published in August 2005

Dig Deeper on WAN technologies and services

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.