January 2008

The increased number of users working on the road or from home offices has made the Virtual Private Network (VPN) a standard component of many organizations’ IT infrastructure. As the demand placed on VPNs has grown, though, many companies have found their current solutions cumbersome and costly to manage. A new VPN option that is easy to use and manage, SSL VPN, has emerged and looks to be a promising alternative. In this month’s Tech Brief we’ll discuss what VPNs are, the different types available, and how SSL VPNs could change how you connect remotely to your network.
What is a VPN?
A VPN is a private network that uses a public telecommunications infrastructure (usually the Internet) to provide remote users or offices with secure access to their organization’s network. In the past, a company that wanted to allow remote access to its network had to own or lease a dedicated line, which for many organizations was cost prohibitive. A VPN lets companies enjoy the same capabilities as a dedicated line, but at a much lower cost.
VPNs work by using protocols to encrypt data at the sending end and decrypt it at the receiving end. In essence, they create a “tunnel” that cannot be accessed by outside data that is not properly encrypted.
What Are the Different Types of VPNs?
VPNs are typically split into two categories: site-to-site VPNs (such as those between two or more offices), and client-to-site VPNs (such as those between a desktop client and a central office location). Each category of VPN can be further broken down by the protocols it uses to govern the connection, communication, and transfer of data. The two most popular types of these protocols are IPSec and SSL.
IPSec VPN
The majority of VPNs in use now are based around Internet Protocol Security (IPSec) protocols. IPSec VPNs work by creating a connection between a client software application installed on a workstation or server, and a VPN gateway at a central office.
In order for a remote user or office to access the VPN, they need to have the client software application installed. This creates both pros and cons.
The benefit is an additional layer of security. The remote machine must be running the correct VPN client software, and it must be properly configured. The negatives are that it can be a financial burden to maintain software licenses, and it creates a strain on technical support staff who must manually install, configure, and maintain the client software on all remote machines.
SSL VPN
The emerging trend in remote access has been Secure Sockets Layer (SSL) VPNs. As opposed to an IPSec VPN, which requires a unique client software application to be installed on the remote machine, SSL VPNs allow you to securely connect to the central network by using a standard web browser such as Internet Explorer or Firefox. You’re probably already familiar with SSL connections in web browsers. For instance, if you’re making an online purchase you may notice a key icon appear in your browser or the website URL change to begin with “https”. This means that you’re using SSL encryption to secure your transaction.
Like IPSec, there are pros and cons associated with SSL VPNs. The most obvious pro is that a user can connect to an SSL VPN from any computer that has a web browser with SSL capabilities built in (which all the most popular and current browsers do). This freedom from having to use machines with client software also creates cost savings in the form of reduced licensing fees and less strain on IT staff. Other benefits of SSL VPNs include more granular access control for administrators, no Network Address Translation (NAT) issues, and less restrictive firewall rules, which allow for greater user access.
A con of SSL VPNs, though, is that since you are accessing your organization’s network through a web browser, you’ll only really have access to web-based applications. It is possible to make non-web-based applications (such as email) web-enabled so that they can be accessed through an SSL VPN, but doing so can add to the complexity of the solution and may eliminate some of the pros.
Is an SSL VPN Right for Your Organization?
For many small businesses, SSL VPNs make a lot of sense as a primary method of remote access thanks to their lower total cost of ownership and their ease of use and management. Businesses that have remote locations, though, may want to consider implementing a hybrid solution consisting of IPSec VPNs to establish connections between physical locations, and SSL VPNs for remote workstations.
As with any new technology investment, the more research you do up front the better prepared you’ll be to make the most appropriate decision for your organization. Thrive Networks has helped our clients evaluate and implement both IPSec and SSL VPN solutions, and we can assist you in determining the best solution to fit your needs. If you have any questions regarding VPN solutions or technology in general, feel free to contact us.