IT Home Workers & VPN
Traditionally organisations were required to invest in dedicated remote access servers in order to manage access for staff working away from the office. However dedicated dial-up or fixed-line connections made this an expensive and inflexible solution. A virtual private network (VPN) is a more flexible, and often cheaper, alternative.
A Virtual Private Network uses the public telecommunications network, such as the Internet, rather than leased lines to transport encrypted traffic. VPNs are also recommended to secure 802.11b wireless LANs. The data being sent is encrypted and cannot be intercepted, read or otherwise interfered with. As VPNs use an existing shared wide area network (WAN) infrastructure, costs are lower and deployment is faster than traditional private networks.
A remote-access VPN provides a connection for employees from various remote locations. Remote workers can then dial-in and use the VPN client software to access the network.
A site-to-site VPN provides connection to and from multiple sites. This can be Intranet- or Extranet- based. An Intranet-based VPN is used to connect LANs within the organisation, whereas an Extranet-based VPN connects to other organisations providing a shared environment.
IP Sec (Internet Protocol Security Protocol) has two modes of encryption:
- Tunnel – encrypts the header and the payload.
- Transport – encrypts only the payload.
AAA Servers (authentication, authorisation and accounting servers) are used to increase security in a remote-access environment and will carry out the following checks:
- Who the user is.
- What the user is permitted to do.
- What the user is actually doing.
- Cost savings. The initial hardware investment may be slightly higher than that of a traditional wired network however, the overall installation and operating costs are significantly lower. So in the long term the cost benefits outweigh the initial investment. Organisations can also save money by using home workers and contractors therefore reducing training, infrastructure and hardware maintenance costs.
- Improved communications and productivity. Remote staff, field workers, clients and suppliers can be given access to networked information providing a more effective flow of information between employees and related organisations.
- Improved scalability. Internal and external users can be added to the network quickly and cost-effectively as can new offices and temporary office or exhibition locations. Therefore the organisation is able to extend it’s geographical networking opportunities and connectivity.
- Enhanced security. Advanced encryption and authentication protocols provide a high level of security against unauthorised access.
Where a VPN can give benefits:
- Remote / Temporary locations. More cost effective and flexible than a traditional fixed line whilst still offering a high level of security.
- Home-workers. Employees and directors can have the same secure access rights to the network from their home as they would in the office.
- Field- workers. Employees such as sales reps and project managers can access the network whilst off-site via a dial-up connection using their laptop, PDA or even mobile phone.
- IT department. Users and locations can be easily managed and administered. Security is enhanced through administration of user access levels, traffic encryption and by applying user authentication.
- Support contracts. Internal support personnel or an external support partner can remotely manage the infrastructure and fix support queries often reducing the time and costs associated with on-site fault resolution.
- Finance department. Secure integration with clients and suppliers provides flexibility and speed of invoice and payment processes.
- Sales & marketing departments. Clients can benefit from having access to the latest product information and also by having editing rights to such data as account contact details. Sales and marketing departments are able to offer more flexible working processes to the customer and have the peace of mind that the data held is up-to-date and accurate.
- Clients & suppliers. Secure limited network access can provide external customers with the means to view and edit information and make secure transactions.