Remote access for mobile devices: managed and cloud VPN services

Whether it is trying to download project files at the client’s office or to access business applications at the airport during flight delays, it doesn’t matter - more and more working people need the ability to use enterprise resources wherever they have to work and whatever device they are used - a laptop, tablet or smartphone. The days when users were content only with access to e-mail, while on the move, were long gone.

Mobile platforms are developing steadily and are reaching the level at which they can provide improved capabilities and flexibility that would allow working with many devices. Thereby encouraging companies to develop or license mobile applications that allow you to take advantage of these features. As a result, company employees often try to gain access to corporate resources using public Wi-Fi hotspots or other networks that are not included in the company's secure zone.
')
Because of this development, staffing and virtual staff, virtual private networks ( VPNs ) continue to be an important element of the overall security of an enterprise. A stable, easy-to-use VPN-network is an indispensable tool in the ongoing work on maintaining the security of communications so that they can remain a powerful driving force in the field of business innovation. It provides secure access to systems and programs that are not located in the demilitarized zone ( DMZ ), for example, which usually cannot be accessed from outside the corporate network.

VPNs also increase security for users who use insecure , public Wi-Fi access points or password-protected wireless networks whose real security is unknown, such as corporate Wi-Fi access points in client companies.

Due to the rapid growth in the number of mobile device users and the increasing number of VPN use cases, computer network specialists will have to ensure that their strategy for working with VPN networks meets the following requirements:

• It should be as easy for network users to connect to it through as many different platforms as possible.
• The infrastructure through which employees connect to the corporate network must always be available.
• The infrastructure of the VPN network needs to be scalable so that you can manage the “spikes” of network traffic that occur due to the introduction of new mobile applications and an increase in the number of users.
• The license should provide short-term “bursts” of activity in the use of a VPN, associated with unforeseen circumstances in the event of natural disasters or a threat to human health.
• Network technical support should work around the clock all week.

Cloud or managed VPN services: which one is right for you?

However, IT organizations that lack staff and funding may have difficulty trying to meet these requirements. The outsourcing of a VPN network to a third-party company will help ease the task of maintaining round-the-clock availability of the network, active customer support and ensuring constant updates for an ever-increasing number of mobile platforms. There are two approaches to outsourcing the maintenance of a VPN network. VPN hardware can be located directly in your company's office and managed by a service provider. You can also use hosting or cloud VPN services, in this case the infrastructure is located in the data center of the provider.

In the first approach, all important elements of the infrastructure are under the control of the IT department, which ultimately allows it to exercise full control over the VPN. As for firewalls and other elements of infrastructure security, IT professionals are usually reluctant to transfer VPN management to third parties. However, a stable technical environment with a high level of access will cost the company very expensive and may complicate the possibility of scaling. But, shifting the cost of daily monitoring and network management to the service provider, computer network specialists can practically eliminate the administrative burden of servicing the VPN network. This can significantly reduce the number of calls to technical support for network diagnostics and recovery, which otherwise could reach senior staff. And this, in turn, allows the already small IT departments to focus their attention on helping users of corporate applications instead of endlessly working on connectivity problems.

The same operational benefits are achieved in cloud-based VPNs. In addition, these services change the cost structure: after the creation and updating of the infrastructure becomes the task of the provider, instead of capital and operating costs for VPN, only operational services remain. This can help to provide fast and transparent access to new functionality for companies, since updating can be included in the terms of a maintenance contract. And this will not require the modernization or replacement of local equipment. Cloud-based VPN networks can also make it easier for enterprises to modify or replace an installation that no longer meets their needs, because in this case there is no infrastructure that would change the hardware or hold on to it until the last while completely will not become worthless. Moreover, any scaling issues are transferred to the responsibility of the cloud provider.

None of the approaches guarantees the easing of the solution to the licensing problem, which will inevitably arise during temporary traffic jumps. The information technology department will have to negotiate terms with its service providers, whose flexibility will depend on the infrastructure of the network used. Providers that use private platforms are at the mercy of their vendors and it is not known what deal can be concluded with them. And those who create a service on open source platforms can simultaneously apply different policies and assign whatever prices they want.

Here are some guidelines for choosing between cloud-based VPN services and managed local VPN networks:

• If your risk management team feels comfortable without having full control over the VPN infrastructure, which is located outside the company's data center, then choose cloud technologies.
• If your security team is willing to accept the loss of direct control over the VPN infrastructure, then both cloud and local managed VPN services may be suitable for you.
• If the number of your mobile users, platforms, and the number of VPN use cases are changing rapidly, then cloud VPN networks may be the best solution.
• If you already have a reliable outsourcing agreement with a provider who will manage the rest of the local security, including firewalls, then adding VPN networks may work.
• If you are starting to deploy networks from scratch, without existing outdated versions of VPNs, then first look at cloud services.
• If you want to reduce capital costs to operational, then pay attention to cloud services. But also discuss the so-called models of operational or joint risk, in which the infrastructure is deployed locally, but is owned and managed by the remote service provider.

IT departments should always make any decision about outsourcing, clearly representing the tasks - functional, operational and financial. You will also need a formal decision-making tool, for example, a decision tree or well-thought-out lists of all strengths and weaknesses — to calculate and select among all the options the means most appropriate for the tasks that are put before it. Thanks to all this, the idea of ​​outsourcing VPN networks is attracting an increasing number of companies that decide to shift more and more of the critical tasks of their technology areas to cloud services or managed service providers.