Our company is doing research on implementing a VPN so employees can work remotely. Does the initial implementation...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
tend to be expensive, and what are some implementation pitfalls that we ought to avoid?
Fortunately, a VPN deployment is usually inexpensive. In fact, if you don't expect more than a few dozen VPN users, you probably already have the technology you need built into your firewall. Consult the manufacturer's documentation for details. If, however, you expect a high load of VPN activity, you'll probably want to purchase a dedicated VPN appliance that uses hardware encryption technology for efficient processing.
When I think about past VPN deployments, these are the two requirements that come to mind to ensure a successful implementation:
- Define your authentication requirements for the VPN up front. What type of authentication will you require? The username and password setup is easy and familiar to users, but may not be enough to provide the desired level of network security. Many organizations choose to use an additional technology, such as keyfob authenticators, to increase the degree of trust in VPN user identities.
- Create a written user access policy. What services will VPN users be able to access? Will they be granted the same access to resources as users physically located in the office, or will their access be curtailed in some way? Sit down and document these policies before deploying your VPN or you'll be sure to have problems down the road.
A little planning goes a long way toward a successful VPN deployment. Clear up the policy issues from the beginning and you'll have an easier time rolling your VPN into production.
Dig Deeper on SSL and TLS VPN Security
Related Q&A from Mike Chapple
Vulnerability scanning tools are necessary to be fully compliant with PCI DSS, but the tools need to come from a PCI DSS Approved Scanning Vendor. ...continue reading
Healthcare clearinghouses like Mass HIway are a new trend in health IT, but what are the security implications? Expert Mike Chapple explains what you...continue reading
The FFIEC Cybersecurity Assessment Tool has faced harsh criticism since its 2015 release. Expert Mike Chapple reviews the tool and how it can be ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.