VPN considerations

Things to consider about VPN connections

Who’s setting it up? You can buy and set up VPN equipment yourself. But some service providers have introduced VPN solutions that guarantee certain levels of service. They boast 99% uptime and offer credit reimbursements for outages, for example, so the VPN link can be relied upon just like any other leased-line application.

Is it secure enough? Data that travels over the VPN is usually encrypted, and the encryption can be adjusted to the level of security you require. If your links are global, make sure international encryption standards are in place. Also, establish and enforce corporate security procedures (such as password protection) to keep your information safe.

But data encryption isn’t enough. The company network still has to be secured behind a firewall. You are, after all, connecting a local network to a public network. Therefore, the firewall should be set up to scan transmitted data, including the content of the information itself, before letting it enter your local network. The identity of users and servers should be verified and the firewall should keep a record of message sources and arrival times.

Is the equipment compatible? Each company’s network is unique. Yours may include various pieces of hardware and software from different vendors who use different protocols. It’s important to ensure that the remote networks linked via the VPN are using the same protocols (such as TCP/IP) so they can communicate with each other.

Any latency issues? When data moves across a network, it takes a certain amount of time to get from one point to another. Usually, this isn’t a consideration on a LAN. Data doesn’t have to travel through a lot of equipment, so latency is quite low. However, when a VPN is used across a public network, the time between initiating a request for data and the beginning of the actual data transfer increases. This doesn’t affect most applications; they can tolerate latencies that are quite large. But some may require a quick return on the transmitted data or risk “timing out.”

It’s best to check beforehand if your ISP can handle your latency demands. Latency can change from second to second because of many factors. Your service provider, for example, may have a lot of subscribers who contend with one another for a link at certain peak time periods. Can your company weather network congestion and get the service it demands?

Quality of Service? The link’s response for users retrieving and sending data is important, too. A user may wait a few additional seconds for a file to transfer, but he or she may have less tolerance for similar delays while trying to access a database or run voice over an IP data network.

You can counterbalance the effect of delay through a Quality of Service (QoS) feature that may be available on your router. QoS specifies that certain levels of performance are met on a consistent basis. It can be used, for example, to classify data packets that travel the VPN tunnel and ensure that critical packets are given the highest priority. Less important data is either dropped or buffered for later transfer.