Using a VPN or Virtual Private Network allows to create a secure and encrypted connection between two points. For instance, for connecting to the dashboard of our Private Cloud without it being accessible over the Internet. At the end of this post we will talk about which are the VPN solutions we recommend and use.
What’s a VPN and how does a VPN work?
A VPN is a virtual private network that allows to create a secure and encrypted connection to another network over the Internet. When a device is connected to a VPN, such device acts as if it was in the same network as the VPN; enabling, for instance, remote access to local network resources. This way, all the traffic — or a specific part of the traffic — is sent encrypted and securely through this new VPN communication tunnel.
It is to say, a Virtual Private Network (VPN) connects your computer or any other device to another computer — which acts a server— located anywhere on the Internet, so that you can browse the Internet using its Internet connection.
At Stackscale we recommend using VPNs for protecting the access to critical tools, such as the dashboard of VMware vSphere or OpenStack. It can even be used for protecting SSH accesses to servers, in addition to using access public keys. This way you don’t only guarantee that the traffic travels safely and away from prying eyes, but also that you have access to restricted resources nobody else will be able to access since they’re in a private network; to which you can only connect to via your VPN.
A VPN which additionally has Internet access once you are connected to it can also be useful when you connect to a public WiFi, since your communications will be secure because you will be browsing through your own network thanks to the VPN. You can also give access to your VPN to sales people or people from other departments that travel frequently, so that they browse the Internet securely at the same time they use a secure access to your internal servers.
Common uses for a VPN
- Access to restricted-access resources in your company. At Stackscale we use it both internally and for protecting all our customers.
- Access to your business network while you are away from the office. Many companies use it so that professionals can have a secure and encrypted access to the company’s resources while travelling or working remotely.
- Access to your home network while you are away from home. There are more and more users that use a VPN for accessing their devices and computers that are turned on at home and browsing as if they were on a LAN at home.
- Hide browsing data. When using a public WiFi, those that don’t have a password or whose password is shared with everyone else, everything you visit and that doesn’t have a HTTPS secure connection could be visible to anyone who knows how to sniff a network. By activating a Virtual Private Network, communications will be encrypted and the only thing they will see is that you have a VPN and you will be completely anonymous.
- Bypass censorship on the Internet. There are some governments that restrict the access to particular services or websites, such as China, and a VPN is a useful option to easily access to those censored services and contents.
Which VPN to choose?
In many of the Private Cloud deployments at Stackscale we deliver a management VPN by default and, when we don’t do so, we recommend the customer to do it as a security measure. We use and support both L2TP (Layer 2 Tunneling Protocol), IPsec (Internet Protocol Security) and OpenVPN.
Secure VPNs with L2TP/IPsec/OpenVPN
L2TP and IPsec are supported natively both by Windows and Mac OS. Linux also supports it, but it must be installed and configured in order to work. As for OpenVPN, it is a widespread open source Virtual Private Network solution which offers numerous security possibilities. Depending on the operating system, there are different OpenVPN clients you can use.
Apart from the recommendations above, there are many alternative open source VPNs; such as WireGuard, which is a modern and easy to use VPN solution that aims to improve performance.
At Stackscale, in order to guarantee the maximum security, we recommend to use Virtual Private Networks and that every user with permissions has its own access to the VPN. Our technical support team can help you improve security and privacy of your company’s infrastructure and virtual environments.