When most business grows it mostly will expand in to different branches in different geographical locations. It may be expanding its sales to different areas even to different countries. It creates new situations to apply appropriate networking technology solutions which help for company operations. The branch offices will need to be part of the cooperate network to access company data and continue on operations. There can be sales peoples who conducts demonstrations from remote locations which also need to access cooperate network time to time. Since “virtual office” concept is growing there can be employees who works remotely which also need to be part of the cooperate network.

The old and traditional way of doing this setup is to use “Leased Lines”. In this solution each branch office, sales peoples, remote workers will connect to the cooperate network via dedicated communication links. The connection is almost will be physical connections using cable media and the link will be fully dedicated for communication between those selected points (ex- Cooperate office to Branch office). The connection will be secure and runs with high bandwidth.

vpn1

Even though it’s reliable, high bandwidth secure lines there are some issue involves applying this solution for most of the modern day requirements. Let’s examine few of the issues in details.

Issue

Description

Cost

 

 

 

 


The main particle issue on using these is cost. To create dedicated line between two locations it need more man power, resources. There for the cost for getting such connection is very high. When the distance between locations and required bandwidth increase, the line cost also increases. If it’s between countries it will involves with many different ISP (internet Service providers) which increases implementation and operational cost.

 

No Mobility Sometime sales representatives, management staff can be traveling in to different locations for business presentations, training etc. stay on those locations can be temporally for few hours or days. If they need to get access to cooperate network with leased line it’s impossible. You can’t bring lease line to any place you go. Leased line will be permanent physical connection to particular location and will not support for mobile use.  

Implementation Complexity and Time

The implantation of leased lines can be more complex. Some time you may need to work with few different ISP in different geographical areas. Some time it can take months to perform a lease connection between two locations. It will defiantly effect on company operations. Also let’s say there is manager who is in business trip for certain product presentations. He wants to connect cooperate network to get some data. It is obviously not practical to get leased line for it. Even it’s possible it will not be instant, can take days, weeks to do it.

 

Service Provider Dependency

Once leased line in place between branch offices and cooperate network, let’s assume it get connection issues. To get it fixed you have to get the service provider who provided the link. Even though it’s too critical for operations you have to wait till they fix it. You can’t simply connect through different service provider. Even you switch service providers it can take days, weeks to get them to lay new leased line.

 

Is there any other solution than lease line which can use without these types of issues? Yes it is we called it as VPN (Virtual Private Network). Its simply creates “virtual” private network similar to leased line over public network. So there is no physical leased line, but it creates secure tunnel between two locations over Internet. This we can also call as virtual leased line. Most of ISP, provides VPN solutions which will suite your requirement but you also can create your own VPN solutions based on VPN appliance or based on software such as windows routing and remote access.

vpn2

Even Though its make connection over the internet it is secure tunnel which transfer only encrypted data. There are many security protocols that VPN can configure with.

•    IPSec ( IP Security )
•    L2TP ( Layer 2 tunneling Protocol )
•    PPTP ( Point to Point tunneling Protocol )
•    SSL/TLS ( Secure Socket Layer/Transport Layer Security)

First 3 methods are works on OSI network layer. When use this most of the time it will need a VPN client install on the host to connect to the VPN server or appliance.

The SSL/TSL is works on OSI Transport layer. So it will be working on industry standard SSL port 443 and no need to use custom ports for VPN connections. The connection setup from client end is easy as it can be perform via web browser.

One of the main advantage of VPN is the low implantation and operation cost. If you have public ip with proper internet connection you can simply setup your on VPN server and allow the clients to dial in to it. You do not need to spend money on additional hardware, services, and resources for it. The operation cost also will be very low or null. For ex Microsoft Remote Access solution is comes with the windows server operating system in built. To set it up all you need to do is add the role and configure it. It will not involve any license cost, monthly fees, maintains fees or services charges like we do have with leased connections. 

The other beauty of VPN is that it support for mobility. As we discussed it do not have any physical connection between the locations. If you have internet connection you can use VPN to connect to cooperate network from anywhere in the world. It can be via your mobile, smart phone, pad, laptop etc. This is very best solution for mobile sales peoples, management staff which travels on business matters. All they need is working internet connection. It doesn’t matter if you in hotel, road, airport, bus stop if you connected to VPN you will be part of corporate network.

One of another advantage of using VPN is it will not have dependency on service providers. There are certain situations such as cooperate site-to-site VPN solutions which may use via service provider but majority of the VPN connection solutions are not depend on the service provider. In leased line if you got connection from particular ISP you always have to depend on that service provider to get connected. If line has issues you have to wait till they fix it. But in VPN solutions all you need is working internet connection. It doesn’t matter which ISP you connects from. For ex- In home office let’s assume you using VPN connection to connect to office network. While you working, the DSL connection you using as primary internet connection starts to drop. But you have mobile internet connection from another service provider. You can simply plug in the dongle and connect to VPN via and continue your work. You will not need to change any VPN connection settings to do it.

If you take a leased line solution some time it may be a combination of different ISP, different technologies. There for to maintain/troubleshoot it will take time and complex routine. But on a VPN it’s easier to maintain and troubleshoot. Mostly it will be due to failure of internet connections. Other than that very rarely it involves any complex troubleshooting routine specially because no physical connection.

Considering all these facts it’s obviously VPN is the best solution to use for remote access.

There are different solutions such as Remote desktop Services, Terminal services, Citrix Solutions which can use for the remote access. All those have different pros and cons but here I only compare the leased line solution and the VPN solution.

Related posts
Cyber SecurityMicrosoft Entra IDMicrosoft Technologies

Microsoft Entra lifecycle workflows Part 02 - How to synchronize value for employeeHireDate attribute from on-premises Active Directory ?

In my previous blog post, I explained how we can automate JML (Joiners/Movers/Leavers) process by…
Read more
Azure servicesMicrosoft Entra IDMicrosoft Technologies

Step-by-Step Guide : Automate JML(Joiners/Movers/Leavers) process with Microsoft Entra lifecycle workflows

JML (Joiners/Movers/Leavers) process of an organization has a major impact on its security and…
Read more
Cyber SecurityMicrosoft DefenderMicrosoft Technologies

Microsoft Defender for Identity Part 02 – Create Directory Service Account

In Part 01 of Microsoft Defender for Identity blog series, I have explained about Microsoft Defender…
Read more
Newsletter
Become a Trendsetter

Sign up and get the best of RebelAdmin, tailored for you.

Leave a Reply

Your email address will not be published. Required fields are marked *