Virtual private networks (VPNs) are the technologies most widely used by organisations today in the provision of remote access to their networks for employees, business partners and suppliers. Of the VPNs available, IPSec (Internet Protocol Security) VPNs provide the most complete remote access solution, although they have traditionally been seen as costly and difficult to deploy. A new generation of IPSec VPNs, which can enable organisations to gain a centrally managed and high security remote access solution without the administrative burdens and overheads generally associated with IPSec VPN deployments, is now emerging.
Remote access is now a fact of life, but is not always easy to administer or manage.
Although VPN technologies have evolved as the solutions of choice for achieving remote access needs, SSL VPNs can be limited in their capabilities for achieving full remote access and IPSec VPNs have traditionally had large management and administrative overheads associated with them as they relied on the manual installation of software agents on each device under management.
Next-generation IPSec VPNs streamline the management headaches associated with deployments in large complex environments.
By providing centralised management capabilities, next-generation IPSec VPNs automate the processes
associated with the administration, management and maintenance of VPNs through provision of one single point of administration.
IPSec VPN implementations can help organisations to improve their security procedures and achieve regulatory compliance objectives, such as data protection.
Market-leading IPSec VPNs are supplied with powerful personal firewalls that handle security settings, preventing users from tampering with the security controls that have been set. They also enable checks to be made on the security levels applied to each endpoint under management and can enforce that the correct security tools are deployed on each machine, according to set security policies.
Security is only as good as the weakest point.
As the number of technology systems in use in an organisation proliferates, including databases, enterprise directories, operating systems and devices that allow mobile networking, the ideal IPSec VPN solution should provide coverage for a wide range of systems and devices in use today—as well as extending coverage to new forms of technology as they emerge and come into everyday use.
Full logging and reporting capabilities help organisations to tie all actions to the identity of the user performing those actions to prevent data leakage.
By automating those processes involved in deploying, managing and maintaining IPSec VPNs, all events can be logged and suitable reports can be communicated to management and used for security audits—especially where strong authentication is used to tie the user of a device to their identity.
CONCLUSION: VPNs have emerged as the leading technology for achieving remote access, with IPSec as the leading choice for providing access to the full range of applications in use by organisations today. However, implementing IPSec VPNs in a large, complex environment has been viewed as an expensive management headache. The next generation of IPSec VPN technologies move towards solving this through centralised management, high levels of security and automation of all the processes involved. This makes them easier to manage and reduces the overall cost of ownership of such technology implementations