Once you’ve learned the basic facts about virtual private networks (VPN), the next questions you must ask yourself are whether a VPN solution is right for your enterprise, and how you should go about implementing one. Check our list of the best VPNs in the UK.
Increasingly, managed VPNs are becoming the long-distance networking solution of choice for the vast majority of businesses. There are, however, a few cases where other solutions should be evaluated. If, for instance, all of your offices are literally next door to each other, a frame relay or dedicated line might be more economically feasible – although this could limit your potential for expansion.
For everything else, VPNs will always be the cheapest solution, other than just using the Internet, which provides no security and little bandwidth.
Although in the past some VPNs were unable to meet the security, bandwidth, or performance requirements of mission-critical endeavours, modern managed VPNs are sophisticated enough to satisfy just about any organization.
Should you outsource your virtual private network? Unless you happen to own a corporation so huge that it can afford your own 24×7 staff to continually monitor and maintain the network, it rarely makes sense to set it up internally.
Even if you have an in-house IT department with the knowhow (and access to decent equipment), a good VPN requires graveyard shift-work to ensure its functionality. And the monthly cost of a managed VPN service is often less than the monthly IT labour expenditures, not to mention the hardware investment.
The idea of “buying” a prepackaged VPN service is fairly new, and the industry is evolving constantly. Because of this, buyers must be especially prudent in finding out as much as possible about a given provider’s service, and whether or not it can fulfill their needs, which will always vary.
For VPNs requiring primarily site-to-site connectivity, the key issues are performance, security, and manageability. Even if you’re unfamiliar with the technology, it’s always useful to know what’s “under the hood,” as a point of comparison.
Make a note of the hardware and type of firewall implementation (if any) being used, and research the industry further to gain a sense of the standard. Ask what kind of encryption and authentication the provider offers and whether this is sufficient for your project.
If you’re using the VPN solely for file-sharing, email, and reporting purposes, extremely strong encryption is not necessary. If credit card numbers are being sent through the tunnel, or if you’re at risk of corporate espionage and hackers, you might want to beef up your security.
Generally, the rule is to go with as much security as you can afford, both money and bandwidth wise.
If your VPN will be accessed by remote users, such as mobile or at-home workers, ease of use is of the highest priority for the consumer. Since most remote users use dial-up or cable connections and tend to deal with less data, performance is not nearly as important as having a system that is compatible across the board, easy to access, and requiring as little third-party support as possible.
After all, the idea behind all managed services is that the end-user requires almost no knowledge or skill in order to use it.
The VPN provider takes care of the implementation, testing, maintenance, configuration, upgrades, support, sparing, and round-the-clock monitoring, and it’s all done behind the scenes. Ideally, if there’s a problem with the network, the provider should let the customers know before they even realize there was one.
Service level agreements for VPNs can be tricky.
Some companies don’t have explicit SLAs for their VPN services, and the existing ones can be murky and confusing. However, there are some basic facts you should always acquire.
Service providers usually offer an SLA on power and connectivity, and the “five nines,” or 99.999 percent, is becoming more common.
A few firms, such as Toronto’s Q9 Networks, have upped the ante by guaranteeing 100 percent uptime, which is still quite rare in the industry. For companies making such claims, it is imperative to find out exactly how they are capable of making that offer.
In Q9’s case, its highly redundant network is attached to every major ISP in Canada and 13 regional providers, plus several in the United States.
“If we see that a certain path between two points is not the optimal path, then we will change our routing policy to shift it to a service provider who has a better reach“, says Osama Arafat, CEO of Q9.
However, many providers might use only two or three networks, and will not offer any performance guarantees once the packet crosses over to another ISP. Ask the service provider exactly how many minutes of downtime it experienced in the last year and why, as well as how much it paid out in SLA credits.
A good VPN provider will always be willing to give you a detailed track record and put you in touch with its customers for reference.
Another important factor is the company’s policy on maintenance and repair. While it is almost impossible to guarantee the integrity of the hardware or software itself, based on all the possible issues that could arise, companies should at least promise a minimum response time to an unresolved problem.
To an extent, you are entering a relationship with your VPN provider, and they should do more than simply setting up your network and forget about it.
“Proper design from the outset is important“, says Arafat. “But networks are not static on either side of the tunnel – they are always growing, and you need to be able to adapt to that growth.”