This is it (and it isn’t a Michael Jackson that I am referring too!). After pushing my Part 1 and Part 2 of this series I had to wrap this up before it becomes overly boring. Henceforth, here is the last and final part of VPN Nirvana!
Golden Tip: Please understand that at the end of the day it will be you who will know which VPN is best for you. Features, availability and functionality of a VPN service depends on your geographical location. A VPN service that does well in China might not do good for your if you move to Indonesia. Henceforth, it is suggested that you (please) go through this series and start your own research. Results will be fruitful if you stay intact throughout!
- Check Part 1 for explanation on SSL & MPLS.
- Check Part 2 for explanation on IPSec & Hybrids.
In our wrap up article I will like to focus on Remote Offices and Remote Users as these happen to be an important reason why VPN services are highly in demand especially in the corporate world. Time for some really worthwhile suggestions!
Remote Users
If you are part of that genre of users who travel a lot and need access to Internet from Hotels and Coffee Shops then MPLS is surely not the service you should be looking for. Ignore without giving second thoughts! IPSec is good for such users only if you have control over those systems that you will use as you might have to download VPN clients with regular updates popping up!
IPSec seems to be the only possible option for the IT support staff or any other person who plans to access multiple applications over a VPN. IPSec is good when it comes to scaling and and it is easy to manage.
Another suggested option is SSL which comes into play when users are accessing corporate network from non corporate systems like public places or homes etc. This is possible in case of SSL VPN as there is no client software required to run SSL VPN services. It is easy to use and quiet cheap when compared to its counterparts. If you have internet connection then you will easily have access to your data though it might not support all the applications that are part of your organization’s list!
Remote Offices
Now, the discussion moves from remote users to remote offices where the question is multiple users working simultaneously from one place itself! In such cases SSL is not the best option.
In such cases, it is suggested that you have one secure link between your current location and your central office. If you are targeting an environment where all the remote sites will access your central site then IPSec will be the best suggested option for you. Also, your users won’t have to worry about any client software as that will be taken care of on the network level.
But, if you plan to interconnect every possible branch with other branch then it might end up being really a pain in your bum. This will elevate when you have to setup GRE in case of non-IP traffic or multicast traffic. One should remember that this deployment will be done over the Internet henceforth no possible QoS guarantees might be available to satisfy client’s requirements.
In case of huge offices which have complex requirements for connectivity, MPLS VPN is best suggested format which should be used. One must make sure that the ISP supports MPLS and supports multicast traffic. Do your research!
Conclusion
We have done a lot of discussion about all possible (in use) formats of VPN services. As I have said already, it is you who will make the last decision. Hit it!
