Getting Started With VPNs

VPN
Share

Corporate networks have a lot of needs. Whether you run a small office or an enterprise, your users rely on you for convenient, secure ways to access and share information and electronic tools. A Virtual Private Network (VPN) is an almost inevitable upgrade for any corporate network. It can vastly expand both security and utility for your network, and it can give your company entire dimensions of new options for performing tasks and enabling employees to function at their peak.

What Is a VPN

A VPN performs two primary functions. First, it can boost network security by adding a layer of encryption and authentication. This is important when data security is a major concern such as protecting pre-patent information, financial records or private client details. The second function is the more common reason to use a VPN; it gives secure, remote access to a company network. This makes it easy to do remote file and application sharing in a manner that doesn’t put information or devices at significant risk from cyber threats. With VPN access, users around the world can have identical access to devices and network tools as anyone physically working in the office.

VPNs provide secure and remote access through a simple concept. Endpoint devices, known as gateways, encrypt all transmitted data. They also perform authentication checks before decrypting received packets. In this way the gateways prevent unauthorized requests from accessing information.

Types of VPNs

VPNs can be deployed in a number of ways. Originally, they simply encrypted point-to-point file sharing using Point-to-Point Tunneling Protocol (PPTP). This method of encryption has become outdated and is too slow and vulnerable for modern applications. The most common types of VPN today are IPSec and SSL.

Secure socket layer (SSL) encryption is popular and recognizable. Most websites utilize this process. It is convenient because it does not require a management client, and it is easy for remote users to access files and applications. In a corporate setting, an SSL VPN would host anything that is to be shared on a dedicated server that could be reached through a specific IP address or URL. The simple method works well for many applications, but deeper levels of remote access are difficult and cost ineffective.

The other common VPN application is through Internet Protocol Security (IPSec).  IPSec uses a VPN client to access information, applications and devices on the private network. Through the client, any user can log into the private network by using a username and password combination. When the second layer of authentication is cleared, users have access to anything on the network. This is the most common protocol for Open or Active Directory networks, and it tends to be popular for enterprise-level remote access. It adds an element of oversight from IT management, but the users have more access and convenience.

OpenVPN and L2TP are two other, less common ways to utilize network encryption. OpenVPN acts as a management client for SSL connections. It expands the utility of SSL VPNs. Layer Two Tunneling Protocol (L2TP) is basically a modernized PPTP connection. It overcomes the primary security flaws of the older protocol, but it is still best used for point-to-point connections.  It has limited applications in an enterprise setting.

Choosing Equipment

Antaira APR-3100N with VPN Router
Antaira APR-3100N with VPN

VPN equipment is as diverse as any networking tools. They come designed for every kind of VPN connection and an almost endless number of niche functions. Generally speaking, the best VPN endpoints are adaptable. This means they are built for multiple VPN applications and can be used in variable parts of a network. The Antaira Technologies’ APR-3100N is a good example. It can serve as an access point, router, bridge or repeater and is pre-configured for IPSec, OpenVPN, L2TP and PPTP. It also includes management software that makes it easier to setup and maintain the VPN. As a network grows and expands, simpler devices can fill roles, but adaptable technology like this will inevitably prevent expensive redesigns and hardware upgrades down the road.

Getting Started With Network Design

While there are a large number of ways to design your VPN, there are two options that simplify the process. You can create an SSL server or set up an IPSec client. An SSL server is the way to go if you only have a few specific things that require remote access. In some cases, you may not even need to host the server. You can simply set up a webpage with the necessary files or applications and call it a day.

More likely, you need a VPN client. In most cases, you will pare this with your Open or Active Directory server. The management software can be hosted and maintained through the server, and users can be assigned security credentials when needed. Most encryption endpoints are already designed to work with Open and Active Directory which saves considerable time. The beauty of pairing the VPN manager in this way is the private network will grow organically with the client base.

Tips to Remember

VPNs add a layer of complication to your network, and there will be hiccups. A couple of common problems are easy to avoid. First, if you have remote users, your VPN server needs to have a static IP address. If not, remote users will have trouble every time the server’s IP changes. It’s also important to remember that international users may have additional, geographic restrictions. These can be overcome with another VPN client on the user’s end.  But, it adds another layer of complication.

For telecommuters who handle any amount of private data (such as client contact information), then a proper VPN is required. Making this expansion is relatively easy, and the benefits typically outweigh the costs.

Industrial Networks

Power utilities, public transportation systems, water treatment facilities and other heavy industries rely on VPNs.  Secure communications is essential for remote maintenance technicians who need to keep these systems running around the clock.  Automated monitoring, command and control placed on distributed networks also require the security and peace of mind offered by a VPN.  Antaira offers a broad line of industrial VPN networking solutions built specifically for these critical applications.

To learn more, contact your Westward Sales specialist today.  You can have a scalable, secure connection option up and running in surprisingly short order. Get out there and get started with your VPN!

Written by

Kelvin Aist is Founder and Sales Manager at Westward Sales. He has designed and sold networking and communication solutions his entire career. He frequently blogs for Westward Sales.