I've often seen small businesses flummoxed by slow VPN connections. That usually happens because neither the users nor the in-house IT staffers (often one and the same) realize that the math of Internet connections means that the slowest link along the VPN route will determine the VPN's top speed. If you want a really fast VPN, you'll need to bite the bullet and get a high-end Internet connection from your ISP.
VPN Fundamentals for the IT Department
If you're running a serious corporate VPN, you already know that neither end-user VPN services nor software-based VPN services can do the job. Sure, you could throw a few dozen OpenVPN or Windows Server 2008 R2 boxes at the problem, but besides not being fast enough, they'd be a nightmare to manage. When your company needs anything from a few hundred to 10,000-plus active VPN tunnels at once, you must turn to either top-of-the-line VPN hardware or a national-level VPN service. Traditionally that has meant Cisco, F5 Networks, Juniper Networks, and a handful of other top networking companies.
At this point, too, you might be concerned about the second kind of VPN: the kind you use to connect different offices and branches securely over the Internet. Here you use technologies such as MPLS (Multiprotocol Label Switching), VPLS (Virtual Private LAN Services), and L2VPN (Layer 2 Virtual Private Networks) to bring together data centers and central and branch offices into one virtual whole.
If you need to start thinking about that kind of VPN, you shouldn’t be listening to me. You need to find top network engineers--or better still, a qualified network architect--to set up your virtual WAN (Wide Area Network) correctly. A mistake here can cost your company hundreds of thousands of dollars, or foul up your WAN when you least want it to go down. Do you want to explain to the CEO why the companywide videocast went to the great bit-bucket in the sky? I thought not.
Corporate remote-access VPNs, even on the larger stage, use the same technologies as their smaller siblings. The difference is entirely in scale.
If you want to manage your own enterprisewide VPN, you'll need to build it around expensive (start at five figures and work your way up from there) VPN appliances and servers from Cisco or Juniper. Or do you?
Conventional wisdom says that you have to use brand-name VPN concentrators with their high price tags, but other vendors--Vyatta, in particular--argue otherwise. Vyatta, starting with the Vyatta 3500 Series Router and Firewall (introduced in late 2009), is offering 10-Gbps routing at a fraction of the price of similar Cisco offerings.