Virtual Private Networks (VPNs), a staple in enterprise settings, are starting to gather momentum as a way to connect remote users and branch offices securely to the networks of small and medium-sized businesses (SMBs). Smaller companies are finding VPNs cheaper to operate than more costly dedicated T1 phone lines.
SMB players have been slow to move from more traditional Web site access and cumbersome security hardware and software combinations to fully adopt VPN connectivity. However, that trend is clearly trickling down to smaller office use, and third-party suppliers expect to see more VPN adoptions on the SMB level in the upcoming year.
Part 1 of our two-part series on VPN use by SMB firms discusses the factors driving the VPN movement. Here, we look at VPN services and products and whether viable alternatives exist.
“A small business looking for a VPN solution can do it completely themselves, use a small managed solution like an AVTS/ANIRA, or use a larger solution like MPLS (multiprotocol label switching VPNs) or frame relay, or any of several other options,” Joe Faranetta, director of product marketing for AT&T Enterprise Networking, told TechNewsWorld.
What Is It?
A virtual private network is a dedicated communications network that only certain users can access. A VPN creates a tunnel through another network. This, in effect, controls traffic to and from the network rendering it a private rather than a public access.
There are two types of VPN configurations. One type is site-to-site. This is used to connect two networks and involves an exchange of public keys for authentication and encryption. It is run by software over the Internet, according to James Mabie, territory manager for SMB at Check Point.
The second type of VPN is for remote access. Client software runs on laptops of employees and others authorized to access a company’s VPN. Software creates the VPN tunnel with a key exchange. This is a very common configuration in SMB, said Mabie.
While some network experts do not consider VPN architecture a security measure, many SMBs will use them for the same reasons big businesses do — to safeguard sensitive company data. The risk is that data could be intercepted by the hotspot provider or a hacker between the hotspot and the destination server.
“WiFi hotspots at cafes, pubs, train stations and airports have become a popular way for employees on the move to connect their computers to the corporate network via the Internet,” Aston Fallon, CEO of network security firm Steganos, told TechNewsWorld.
If an SMB decides to use a VPN, however, the firm’s technical staff has only a few options. VPNs are tricky to configure and require some technical maintenance. If in-house IT support is lacking, the only viable option is to purchase third-party provider services.
“Only a few products are designed for SMB users. More products are available for enterprise VPN, but these are not suitable for SMBs,” Dirk Morris, CTO of network security firm Untangle, told TechNewsWorld.
If an SMB decides to use a VPN, a good starting point is to match a VPN product to the existing network, suggested Lance Geeck, manager of IT for financial technology company Kettley. For example, the best approach is to get a VPN solution that works with a company’s existing firewall hardware and is supported by the firewall’s manufacturer.
Kettley purchased a VPN add-on for its firewall. In this case, the cost is about US$50 per user per year, Geeck explained. The product his company uses allows Kettley to connect up to 10 users at any one time. The firewall is about $2,300 plus the cost of installation, said Geeck.
Another option for an SMB thinking of adopting VPN is to contract a VPN service that specializes in small businesses.
“There are several VPN services for small businesses, but the most common is broadband VPN, which gives remote users the same speed experience they would have in the office,” noted Faranetta.
Some of the recommended VPN services and products that target the SMB client include SonicWall, Cisco, 3Com and Microsoft.
Steganos offers four different VPN products for SMBs. These are Steganos Secure VPN, Steganos Secure VPN Premium, Steganos Secure Traveler and Steganos Secure Traveler Premium.
Check Point provides SMB users with an appliance-based VPN appliance. Two models are available. The basic model includes a firewall and the VPN appliance. A second model provides for an unlimited number of users, according to Mabie.
Untangle offers two products for the SMB user. Open VPN requires less in-house technical knowledge. It uses a configuration wizard. Open VPN is free forever regardless of the number of users, added Morris. Adding other options incurs a monthly cost. Untangle also offers Remote Access Portal, a product for remote access through a Web page.
Remote control software will take control of a remote computer on a network. This computer will display on the laptop or desktop that is located out of the office.
“These have a downside in that they require the computer inside the corporate network to be fully available to the remote user. They are also sometimes problematic with making connections inside the firewall,” warned Geeck.