|
Yes, a hardware VPN is better for reasons other than secure communications. For example, if you use a Microsoft OS with software VPN, then you will need to
patch the Microsoft OS everytime a patch is released. In the case of the
hardware VPN, most times the upgrade or patch is complete and done once a year.
As for encryption, both hardware and software do excellent jobs. You must
also consider totally hardening the OS in the Microsoft case, while on the
hardware solution you are guaranteed the OS is fully hardened without you
even lifting a finger to do so.
As for the laptop question, most VPN clients (that is what you are asking)
are software based. These clients will typically take over all services on
a device while the VPN session is established, then release them afterwards.
This is the case with all VPN clients simply because you want a secure
connection on a secure device -- not one that someone connects to your VPN,
then decides to use that same connection to, say, surf the Internet. Dual
communications where one is non-encrypted and one is encrypted is not a very
good security practice, thus most clients will take over and not allow any
other connection until the time the session is terminated.
If you have the money; YES there is a laptop hardware solution. This would
entail a secure NIC (network interface card) that can only be used for a VPN,
but these have huge issues. Since your communication is still a secure
TCP/IP packet wrapped with an unsecured TCP/IP packet (to route through the
Internet), it is kind of still the same concept as software. The only
difference is the hardware will do the encryption and take the CPU load off
the computer.
Good luck!
For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Virtual private networks
The Information Architect: The reality of virutal private networks
Tech Tip: Save your bacon with a VPN
|
