The virtual private network (VPN) has been a powerful tool in the network security administrator’s toolbox for decades, because it has provided a means for remote computers to communicate securely across an untrusted network such as the internet.
Whether for branch offices communicating with headquarters (site-to-site), or an employee working from home (remote access), the VPN provided a secure point-to-point tunnel back to resources on protected networks.
VPNs were an effective tool for Public Sector network security when the majority of network traffic was on premises. When VPNs were introduced in the late ‘90s, proprietary applications were in the data center. Cloud hosting of apps didn’t exist. Users going off-premises was the exception rather than the rule.
But times—and the ways we work—have changed.
According to a recent survey, the majority of public sector employees expect to continue teleworking post. Respondents said that before COVID-19, they telecommuted an average of two days per week.
During the lockdown, that jumped to nearly the entire work week. It’s clear that for these employees, remote and hybrid work is the new normal, with those survey respondents not expecting to go back to the office full time, citing that they are likely to work remotely at least three and a half days per week.
One challenge with VPN in these new circumstances is that VPN connectivity comes with a performance tradeoff: Routing traffic through narrow, dedicated, persistent point-to-point tunnels via indirect security gateways—secure as it may be—adds considerable latency as compared to direct on-the-network data travel.
And the full-tunnel VPN approach to protecting outbound traffic—carrying it inbound first, for inspection by an on-premises security stack—only exacerbates the problem.
When those inconveniences affected only that small minority of remote-work network traffic, the pros may have outweighed the cons. While the federal government had been slowly expanding remote work, the pandemic response radically sped the process, bringing the drawbacks of VPN into the spotlight: the more remote users, the more constrained the bandwidth. Not to mention, the worse the user experience
