Technology makes it possible for many businesses to remain operational as much of the workforce settles in to working in a remote setting. For some organizations, this shift has not been without technical challenges. An increase in the number of employees working from home has strained VPN capacity. This has significantly impacted the ability to reliably and securely network remote staff. As a result, some individuals are combining personal technology with the professional tools to work around the issues caused by inadequate VPN capabilities. While this may enable work to continue in the short term, it also leaves companies more vulnerable than ever to cybercrime.
Even large-scale players are experiencing significant disruptions. In a report by CNN, they report that the Air Force’s virtual private networking software can only support 72,000 people at once. The Air Force employs more than 145,000 in-house civilian workers and 130,000 full-time contractors.
As more businesses plan to keep their employees working from home, some companies have been forced to handle VPN capacity issues in a reactive, panicked fashion.
If your business is experiencing problems with VPN capacity, scale and capabilities, here are some tips from Microsoft:
- Use split tunnel VPN to save load. Send networking traffic directly to the internet for “known good” and well-defined SaaS services like Teams and other Office 365 services. Sending all non-corporate traffic to the internet is ideal if your security rules allow.
- Collect user connection and traffic data in a central location for your VPN infrastructure. Use modern visualization services, like Power BI, to identify hot spots before they happen, and plan for growth.
- If possible, use a dynamic and scalable authentication mechanism, like Azure Active Directory, to avoid the trouble of certificates and improve security using multi-factor authentication (MFA) if your VPN client is Active Directory aware, like the Azure OpenVPN client.
- Geographically distribute your VPN sites to match major user populations. Use a geo-load balancing solution such as Azure Traffic Manager, to direct users to the closest VPN site and distribute traffic between your VPN sites.
- Know the limits of your VPN connection infrastructure and how to scale out in times of need. Things like total bandwidth possible, and maximum concurrent user connections per device will determine when you’ll need to add more VPN devices.
- If using physical hardware, having additional supply on-hand or a rapid supply chain source will be critical. For cloud solutions, knowing ahead of time how and when to scale will make the difference.
If you’re having issues with VPN capacity, and you want to employ some of the tips above but don’t know where to start, we can help. We can provide advisory assistance to guide you in the right direction, and help you evaluate and select the right software to meet your organization’s needs.