- Insider threat looms large in San Francisco
- Woman fired over death threat
- IT admin pleads not guilty
- Tape storage gets more dense
- Top 10 worst uses for Windows
News | Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
Charles Duffy needed a no-cost way of constructing a VPN to link his company's remote quality-assurance and IT staff to the corporate headquarters at Catalis Health in Austin, Texas.
The answer was OpenVPN, the open source SSL-based VPN software available as a download from the Internet. The only investment Catalis made in the project was time, about 80 hours that was spent testing OpenVPN and writing custom wizards to help users install client software, says Duffy, who is a senior deployment engineer at Catalis. "We were budget-impacted so commercial solutions weren't on the table," he says.
While he tapped into free VPN software, it is possible to find serviceable low-cost alternatives to the deluxe VPN gear put out by top network vendors such as Cisco, Juniper, Nortel and Check Point. "Offices not sending real-time information and using an inexpensive [DSL or cable modem] connection rather than a T-1 are ideally suited for a low-end VPN," says Zeus Kerravala, vice president of enterprise infrastructure at The Yankee Group.
Vendors such as SonicWall and WatchGuard cut their teeth making this type of inexpensive gear, although both also now offer higher-end equipment. Linksys, which is owned by Cisco, and SofaWare, which is owned by Check Point, and others also offer no-frills VPN equipment.
Such gear will grow significantly in popularity over the next few years, from 460,000 individual units sold this year to 1.2 million projected in 2008, according to Keith Nissen, a senior analyst with In-Stat/MDR. "A lot of firewall/VPN gateways are actually being purchased by larger corporations and being deployed in branch offices or departments," he says.
Companies that need to deploy a VPN to hundreds of sites or have to set multiple complex security policies for different classes should not consider these options, Kerravala says. "But if you are looking for very, very basic, solid security - say, allow three types of traffic only and deny everything else - then these are fine," he says.
In the case of network management provider Techno Specialties in Lubbock, Texas, about 25 $300 Linksys RVO82 VPN routers support its customers, says the company's director, Tony Dodd. The boxes at each of its customer sites let Techno Specialties remotely administer their networks, and in some cases the appliances also connect multiple offices run by a single customer, he says.
"These things configure themselves and have great remote administration features," and are half the price of Cisco 831 or 1700 routers, Dodd says. Each Linksys device also includes an eight-port switch that he says he uses to create customer LANs, and dual WAN ports to support more than one Internet connection.
That's not to say the devices are without limitations. For instance, they don't come with remote-access software. They support third-party VPN software, but that is so expensive the cost would override the savings for the hardware. "It kind of takes the cost-effectiveness out of the equation," he says.
The Linksys boxes also have no management platform, so he has to log on to each one individually to change settings. If he had any more of the devices to administer, he would be overloaded. "It's not like the big-dollar stuff. They don't have a management utility, and at this price I doubt they ever will," Dodd says. "I don't imagine there would be too many businesses that would deploy these in greater numbers than I have."
The boxes are also temperamental about the quality of the DSL lines to which they are connected. VPN tunnels drop if the service spikes. "We have to power down the routers and power up again. [The tunnels] don't come back up very nicely," he says.
Rss FeedRss Feed
TMOBILES' ADVERTISING IS VERY MISLEADING...THEY LEFT OUT THE ADDITIONAL CHARGES AND CONTRACTS...IF THE...- Anonymous
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask to prospective vendors to get the right endpoint solution.
Download the white paper.
Unauthorized applications: Taking back control
Employees installing and using unauthorized applications like IM, VoIP, games and peer-to-peer file-sharing applications cause many businesses serious concern. How do you control these applications?
Download the white paper.
Comments (1)
RE: Building VPNs on the cheapBy Ed Ackerman on October 23, 2007, 6:48 amMore like an add instead of an article on actually doing something, like say using OpenVPN to build the VPN.
Reply | Read entire comment
View all comments