Who Uses Virtual Private Network (VPN) Software?
The two main constituencies of VPN software are businesses that want to protect sensitive company data by restricting access to their company data and individuals who want to mask their IP address while browsing the internet, whether for work or for personal reasons.
IT administrators: IT administrators generally manage VPN software. Companies that want to ensure their information is safeguarded and control who has access to their networks use VPN software. Companies primarily use VPN software to connect regional office networks to their headquarters and to authorize users, such as their remote employees or partners, with access to their corporate network.
Remote or mobile employees: With an increasingly mobile workforce, secure access to business applications is critical to accomplish work. Employees use VPN software when they are out of the office to get secure, seamless access to corporate networks and applications, such as corporate email, messaging, and file sharing.
Individuals: When not using VPN software to access corporate networks, individuals commonly use VPN software for secure personal internet browsing. This is typically to evade snooping from hackers while using unsecured Wi-Fi or to mask an IP address and location when visiting websites that track visitors. Individuals use VPNs to change their IP address’s country of origin to access geo-blocked websites. For example, if a person traveling for work in Singapore tries to access a website or service based in the United States, they might find that it is geo-restricted content per the Singaporean Media Development Authority. The traveler could utilize VPN software to use an IP address located in a different country, such as the United States, to bypass the Singaporean restrictions and view the content.
Software Related to Virtual Private Network (VPN) Software
VPN solutions provide access to networks, like corporate networks for credentialed users; VPNs do not validate the user’s identity or provide access management functions. To get user-specific session information, adding identity and access-related tools to VPN deployment can be helpful.
Identity and access management (IAM) software: IAM software helps companies protect their systems from unauthorized access or misuse by only allowing authenticated, authorized users (typically employees, based on job roles) to access specific, protected company systems and data.
Privileged access management (PAM) software: PAM software helps companies protect the keys to their IT domain by ensuring the credentials of their privileged accounts, such as admin accounts on critical company assets, are only accessed by those with proper permissions to do so. PAM software helps prevent external hacking or internal misuse of important company assets by employing the least privilege access policies, wherein users receive the absolute minimum access needed to perform their duties.
Software-defined perimeter (SDP) software: SDP products are a specific type of network security solution that focuses on network segmentation and user authentication. SDP itself is an architecture designed to allow access on a need-to-know basis, meaning every device and user must be verified before accessing either the network as a whole or specific systems and applications within a network.
Remote desktop software: For companies seeking a lighter weight software solution to view desktops remotely--often used for technical support use cases--remote desktop software may be an option. Remote desktop software allows a user to seamlessly connect to and interact with a computer in another location via an internal network or the internet. Remote desktop software enables the user to see and control a connected PC or laptop as though they were sitting directly in front of it.
Challenges with Virtual Private Network (VPN) Software
Legality: Some countries ban the use of VPN software. For example, in the United States, it is perfectly legal to use VPNs. In Russia, Venezuela, Turkey, and several other countries, it is illegal to use a VPN in some instances. This includes changing an IP address’s country of origin to access blocked websites.
List of countries where VPNs are illegal, as of May, 2019:
- Turkey
- Iraq
- Russia
- Belarus
- North Korea
- Turkmenistan
List of countries where only government-approved VPNs are legal, as of May, 2019:
- China
- United Arab Emirates
- Iran
- Oman
(Source: Comparitech)
Legality of no log or zero log policies: Depending on where the VPN provider’s servers are located, local legislation dictates what recordkeeping is required of VPN providers. Information VPN providers may be legally required to hand over to local authorities include user activity, IP address, connection timestamps, and devices used. This means that in some cases, no log or zero log policies may not be available.
Free VPNs may track and sell user data: Some free VPNs sell user data, which usually defeats the purpose of using a VPN in the first place. Hence, it is important to read the terms and conditions of the VPN provider carefully.
How to Buy Virtual Private Network (VPN) Software
Requirements Gathering (RFI/RFP) for Virtual Private Network (VPN) Software
VPN software can meet a variety of business needs depending on a business’s specific requirements. When developing the list of requirements and priorities for selecting a VPN software solution, companies should be mindful of the following:
End-user use cases: Companies should determine the use cases of the software by asking the following questions:
- Who are we trying to allow network access with the VPN solution, employees or contractors?
- Are we trying to create a private connection for an individual user?
- Do we just need a site-to-site VPN to connect remote offices to a company’s headquarters?
Strength of protocol: Businesses should determine which protocol they require based on the speed, encryption strength, stability, streaming, and downloading capabilities. A VPN protocol is the instruction a VPN uses to communicate with the VPN client and the VPN server. The protocol is comprised of transmission protocols and encryption standards.
There are several types of VPN protocols with differing speed, encryption, stability, streaming, and downloading abilities. The most secure and mobile-friendly VPN protocols are OpenVPN and IKEv2 protocols, while PPTP and L2TP/IPsec are less secure protocols.
- PPTP: Point-to-Point Tunneling Protocol
Pros: speed, stability, streaming, downloading
Cons: poor encryption
- L2TP/IP Sec: Layer Two Tunneling Protocol (L2TP) and Internet Protocol Security (IPsec)
Pros: speed, streaming, downloading
Cons: fair encryption, fair stability
Pros: encryption, stability
Cons: fair speed, poor streaming, poor downloading
- SSTP: Secure Socket Tunneling Protocol
Pros: encryption, downloading
Cons: fair speed, fair stability, fair streaming
- IKEv2: Internet Key Exchange version 2
Pros: speed, encryption, stability
Cons: fair streaming, fair downloading
Encryption standard: Companies must determine which encryption standard meets their security requirements. The most common encryption standards include:
-
Advanced Encryption Standard (AES-128 encryption): AES-128 encryption, is an industry-standard encryption cipher. AES-128 encryption is very secure and nominally faster than AES-256.
-
Advanced Encryption Standard (AES-256 encryption): AES-256 encryption, also known as military-grade encryption is the first publicly accessible cipher approved by the National Security Agency. It is nominally slower than AES-128.
Business segment or region-specific solution: When looking for software tailored to the small businesses segment versus mid-market or enterprise segments, companies should be clear in their RFP about this. Similarly, if there is a need for a tool that works well in a specific geographical region or language, that should be included in the RFP.
Integrations: Companies must ascertain which integrations are important.
Licenses needed: Companies should decide how many licenses they need for end users and if there are different license types based on user type.
Number of servers and geographic locations: The number of servers and their geographic location is important when selecting a VPN solution, in particular for individual VPN use cases.
Timeline: How quickly a company needs to implement a solution is also a factor in the buying process.
Level of support: Companies should know if they require high-quality support or if they are able to implement this in house?
Compare Virtual Private Network (VPN) Software Products
Create a long list
Upon finding some products through research on G2.com, selections can be saved in “My List”, so buyers can easily reference these software solutions. From meeting the business functionality needs to implementation, vendor evaluations are an essential part of the software buying process. For ease of comparison after all demos are complete, it helps to prepare a consistent list of questions regarding specific needs and concerns to ask each vendor.
Create a short list
To determine the best VPN solution from the long list of products, buyers should read through product user reviews, view ratings on the G2 Grid® report for the Virtual Private Network (VPN) software category, read usability ratings, and cull the long list of vendors in the G2 “My List” down to a handful.
Conduct demos
In the next step, buyers can contact the shortlisted vendors for demos using the G2 “Get a Quote” button. During the demo of each solution, buyers should ask the same questions, get clarifications on the same use cases to best evaluate like for like, and see how each vendor stacks up against the competition.
Selection of Virtual Private Network (VPN) Software
Choose a selection team
The software selection team should consist of members of the organization who have the right interest, skills, and time to participate in this process. A good starting point is to aim for three to five people who fill roles such as the main decision maker, project manager, process owner, system owner, or staffing subject matter expert, as well as a technical lead, IT administrator, or security administrator, in addition to an end user. It is important to include an end user on the selection team because after all, for VPN software to work, end-user adoption is critical.
Negotiation
Pricing often depends on the number of licenses bought and the length of time. The more licenses bought and for a longer term, usually helps in getting a discounted deal. Negotiates may be possible for free or reduced implementation services or ongoing support, as well.
Final decision
After this stage, and before going all in, it is recommended to roll out a test run or pilot program to test adoption with a small sample size of users. If the tool is well used and well received, the buyer can be confident that the selection was correct. If not, it might be time to go back to the drawing board.
