*By Vinicius Melo
The VPN reset
Pre-pandemic corporate VPN was a luxury offered to remote workers, traveling employees, and executives who made up only a small percentage of the workforce. Now it has become an essential service on which an entire organization depends.
There are different ways in which organizations are scaling their VPN capabilities, from integrating native user VPN solutions to deploying application VPN solutions, companies are looking to deploy physical devices or cloud devices. Some organizations are using a hybrid approach, where cloud devices are added to their existing infrastructure.
Types of VPN
Enterprise VPN solutions can be broadly divided into user VPN solutions or application VPN solutions, both solutions have distinct advantages.
User VPN solutions focus on providing secure remote access to users who need access to various resources. User VPN solutions are limited by customer specifications. firewalls. However, the firewalls have a great deal of control over the data that passes through them, security policies and different threat protection policies that ensure that the devices connected to the corporate VPN are regulated and meet the defined requirements. To reduce non-corporate traffic, split tunneling can be enabled, which only sends corporate traffic through the VPN tunnel. The exposure of different users and groups can be minimized by creating policies that allow access to selected resources.
The app VPN solution, on the other hand, only allows access to one app or resource. Application VPN solutions are deployed on the internal network, where they act as a gateway for user connections. Remote users authenticate to the VPN's cloud platform, which redirects requests to the gateway of the VPN.
O gateway application VPN, communicates with internal resources, and creates sessions for remote users. Therefore, a single application can be made available to many users without compromising any other resources on the network. The solution is perfect for organizations with many users requiring access to fewer applications.
Corporate security teams deploy application VPN solutions when the firewall virtual or physical seem too high. Application VPN solutions do not offer the same security features as an firewall traditional.
These solutions have visibility only in browsers, operating system and some other systems. Therefore, administrators must also rely on the firewall to inspect traffic from the solution's cloud platform to the gateway VPN.
Application VPN solutions are independent of the native system and rely only on a browser. A vulnerability in a browser can cause a security concern in some cases.
The world has shifted to remote working mode almost overnight, and the global demand for virtual private networks has increased. Although in recent months countries have become more flexible, approximately 80% of IT companies worldwide have migrated their employees to work from home during the pandemic. VPN and service providers Internet are exerting a large task force to deal with the increasing traffic of the quarantined population around the world, in parallel, corporate security leaders are also concerned with building a security infrastructure through a securely encrypted connection to the network over the Internet that is essential for data protection, using a VPN provides the ability to remotely access network resources and connect branch offices of companies around the world. This is extremely important for organizations that allow the majority of their users to work remotely indefinitely.
— Vinicius Melo is a Consultant at [SAFEWAY]
THE SAFEWAY is an Information Security company, recognized by its customers for offering high added value solutions, through Information Security projects that fully meet business needs. In these years of experience, we have accumulated, with great pride, several successful projects that have earned us credibility and prominence in our clients, which constitute in large part, the 100 largest companies in Brazil.
Safeway can help customers better understand their Information Security needs, as well as the tools needed to detect, respond and mitigate their risks involving threats and regulatory issues. In this way, our professionals and expert consultants can help eliminate small problems before they become big ones. Security, Vulnerabilities and Fraud Management actively analyzes your company's security through monitoring activities, mitigating risks and attacks in the IT environment.