Choosing the right VPN

There are many different software applications that implement virtual private networks, 3 popular VPN’s used are LogMeIn Hamachi, Windows Server Direct Access and OpenVPN. Things to consider when choosing the right VPN  is the speed, compatibility, security and setup. Depending on the infrastructure and network size the optimal VPN solution may vary. For small peer-to-peer networks the LogMeIn Hamchi solution would be preferred. For large enterprise networks with multiple domains, Microsoft Direct Access would be your best option. Although in a small business solution with one domain and a limited budget OpenVPN is a viable solution.

LogMeIn Hamachi

LogMeIn Hamachi is usually the most user friendly and easiest to setup by simply installing the Hamachi client on all devices you want to connect and add them into the VPN. The downside to LogMeIn Hamachi is that it’s limited to 10 VPN clients on its free service and that the VPN server is run by their servers and not yours which can lead to slower connections and  possible privacy breaches. This is why Hamachi is a popular solution in a peer-to-peer networks or workgroups  as it is quick and simple to setup and only requires client side software.

Windows Server Direct Access

With the introduction of Direct Access in Server 2008R2 it has allowed corporate networks to create a seamless VPN connections to the  corporate intranet. This is achieved by utilizing a bi-directional connection between the clients and the network, this means that Direct Access is always connected internally and externally, users never have to manage the connection. The other great thing about Direct Access is that administrators can manage the remote computers even when they are not connected to the VPN, the settings simply apply to the computer next time it connects.

Direct Access creates two IPsec tunnels to the Direct Access server. One tunnel is a IPsec Encapsulating Security Payload (ESP) with Transport Layer Security (TLS) encryption, this provides access to the Domain Controller and DNS server for pushing out Group Policy. The second tunnel is a IPsec ESP/TLS used for providing access to internal resources and application server.

Direct Access uses IPv6 for internal communication to resources but the IPv6 packets are encapsulated into IPv4 packets in order to communicate on the internet. This also means that the packets can be NATed which means in most cases no configuration is required for firewalls or proxies. Direct Access is compatible only on Windows 7 Ultimate and Enterprise, Windows 8 Enterprise and Server 2008R2 or Server 2012. In most cases the cost to set up a Direct Access service is fairly high which is why it is considered a Enterprise solution.

OpenVPN

OpenVPN is our preferred VPN server, It’s one of the most secure, fastest and compatible options out there. For OpenVPN’s authentication and encryption methods it uses the OpenSSL library, an open source implementation of the TLS and SSL protocols. OpenVPN has been designed and tested to run on unreliable networks and low powered devices, even the Raspberry Pi. Available as client and server versions it runs on Solaris, Linux, OpenBSD, FreeBSD, NetBSD, QNX, Mac OS X, Windows 2000/XP/Vista/7 and 8. User authentication can be done by using a pre-shared secret key,certificates and/or a username and password.

In comparison to other VPN protocols OpenVPN rates quite high for a free product. The comparison chart below take from a Giganews article we can see the difference between the protocols. No matter what network you have, your business can benefit from a VPN solution

VPN Comparison

Stay tuned for our guide on running your own OpenVPN server on Windows 8 or Server 2012!

Thank you for viewing and subscribing to our Blog it helps our community grow.