Ashley Walker's Blog

Demystifying VPNs: Their Relevance and Advantages in contemporary IT

, ,

You might often hear your tech team discussing the implementation of Virtual Private Networks (VPNs). These networks could be between your personal devices and the corporate network, or even between different sites. However, many users’ express concerns about the performance and setup process of VPN technologies. This is often coupled with a lack of understanding about the functionality and operation of VPNs.

There is also a misunderstanding that VPNs are no longer required (in 2024) because of advent of buzzwords “ZeroTrust Networking” and “Cloud Services”.

At its core, a VPN allows you to connect to a remote internal network as if you were physically present within the building housing the network cables and Wi-Fi. It achieves this by encapsulating all data from your computer, encrypting outbound traffic, and directing it to a known location (exit node).

A key feature of modern VPN solutions is the ability to perform Split Tunnelling. This means that only a portion of the traffic is sent via the VPN tunnel, while the rest is sent out to interact with the local network. The modes, configuration, and specific solution of a VPN strike a balance between several factors:

  • Access to the remote network resources.
  • Security protections from the network you are on (encrypting all the traffic to prevent snooping).
    • Type of encryption, and level of encryption.
  • Latency induced by the connection.
    • Single exit node vs many possible exit nodes at different geographic locations.
  • End user interactions (starting, authenticating etc.).
    • Authentication methods of Standalone vs SSO
  • Applications that can bypass the VPN.
  • Firewall rules and protections offered by the tunnel.

Despite the misconceptions, there are numerous reasons to use a VPN in 2024. Modern alternatives to traditional, clunky solutions exist, including vendors such as TailScale, OpenVPN, and CloudFlare Access (and many more). Each provides a VPN, but they also offer different value-adds or weights to the balances and considerations.

So, in what situations would I recommend that a client uses a VPN?

  • If they deal with sensitive information, and data that requires high levels of security and privacy. And they work intermittently from co-working, airports, hotels and other none corprate network-controlled locations.
  • If they are remote from the office and need to access resources on the local network that are not exposed to the internet, such as printers, network storage, internal web applications.
  • If they are traveling to another country and need to access services that are geo-locked. Using the exit point of your corprate network will make your traffic appear as though it is from your office location.