Let’s look at migrating to VPNaaS (VPN as a Service) and examine the benefits and considerations for migration. Watch Ashur Kanoon below as he demonstrates the key factors you should be keeping in mind (plus considerations other vendors might hide).
[transcript] So what is VPNaaS? It’s basically VPN as-a-service: something that’s hosted without having to deploy traditional VPN appliances. So what are some of the advantages? One: scalability. VPN as-a-service allows organizations to quickly and easily scale up and down without having to buy, rack, then stack hardware. It’s also cost-effective. You don’t need to buy the hardware, the licenses, you don’t have to buy, then rack, stack… It’s all in the cloud for you. You just have to basically configure and typically support is bundled in.
Access Anywhere Anytime
It’s easily accessible because usually these are cloud-based, so they’re deployed everywhere. You can access them from anywhere you want. And there’s also typically POPs in China for organizations that have offices there and need to get past the Great Firewall. There’s also easy management; so with VPN as a service, there’s typically a central place to administer the whole infrastructure, and this just frees up IT resources to do other tasks. From a security perspective, with VPNaaS, there are usually more robust security measures. Think about what you have to do today for the VPN appliance…from a firewall perspective, all of that stuff is taken care of for you, and when deploying updated ciphers, all that stuff can be done without having to upgrade or install any FIPS modules or anything like that.
Ultimate Flexibility in Deployment
VPNaaS is also very flexible, meaning there’s a wide range of options and configurations. It really allows you to deploy this as you wish in many different places. In terms of deployment: rapid deployment is also another huge benefit to VPNaaS. Typically you can get VPN as-a-service system up and running in minutes. These can be deployed using like virtual appliances in marketplaces or just a few sets of commands that run on your standard Linux boxes. Now let’s take a look at some considerations when migrating. So the first one is the network architecture. You can basically deploy a VPN as-a-service in many different ways. A lot of times, most of the components are cloud-based, and then there might be a connector that you have to deploy…and these connectors can run anywhere: on-prem, or in your cloud service provider.
Be Mindful of Bandwidth
You should also think about bandwidth requirements. Some VPNaaS have limitations. Depending on what you want to do, you have to make sure that those bandwidth requirements can be met using something in the cloud, and you’re not going to be charged extra for bandwidth consumption. The next consideration: can the VPN as a service integrate with your existing systems? You probably have things for authentication, maybe MDM and EDR. So you want to make sure what you’re migrating to can also support that because you don’t want to have to take a step back.
Compliance Considerations
Don’t forget data privacy and regulations: if you are in an industry that requires some compliance, you want to make sure that data is stored where you think is best, and you also want to make sure that your corporate data isn’t being decrypted, analyzed and then re-encrypted. This is often happening with organizations that are SWG-led, meaning they initially had a SWG (and they decrypt all the traffic). You also want to make sure that the VPN as a service has a client or agent on the platforms that you are using today. Sometimes you’ll see that the new offering is desktop only or it’s missing [for example] a Linux application or agent. You want to also make sure that the new VPN as a service has some training. Typically, these should be very easy to deploy, but in some cases they’re not. You need to train your IT team so that they can deploy rather quickly, and in the scenarios where something happens, you also want to check on support. Some organizations have requirements for in-region support.
Banyan Security is here to make migrating to VPNaaS easy to deploy in your organization – schedule a custom demo today to see how quickly we deploy.
