[PLUG] When is a VPN advantageous?

Louis Kowolowski louisk at cryptomonkeys.org
Thu Nov 21 16:31:50 UTC 2019


Depending on your circumstances:
* A VPN can reduce the threat to your (remote) LAN by allowing fewer services to be externally accessible - example: you don’t have to expose IMAP, HTTP(S), etc. Probably still need to expose 25 for inbound mail, but you don’t typically auth on 25.
* A VPN can provide an additional layer of encryption for traffic that may or may not be encrypted, whether its the data channel or meta-data
* A VPN can obscure meta-data aspects of the services you are connecting to (whether they are on the remote LAN or not)
* A VPN can provide access to services that somebody wants restricted (for example, some networks only allow certain ports outbound, a VPN can bypass these restrictions)

A VPN is not an end-to-end solution. Its just a way to securely bind 2 networks together. You’re still responsible for ensuring that non-VPN traffic is appropriately authenticated/encrypted/checksum’d/etc.

From my perspective, the physical distance isn’t important. A VPN is just as useful when connecting 2 networks whether they are 100’ away, or 10000mi. And I don’t see a difference between connecting 2 LANs or a mobile user (laptop/phone/tablet) to a LAN. It all works the same way.

VPNs can take different forms. Some people like using SSH as a VPN of sorts. Some people like SSL VPNs (OpenVPN is an example). Some people like IPSec. Sometimes you use different types for different use-cases. 


> On Nov 18, 2019, at 1:50 PM, Rich Shepard <rshepard at appl-ecosys.com> wrote:
> 
> I'm not traveling out-of-state as much as I used to and I'm curious when a
> VPN would be advantageous for a sole practitioner professional services
> provider who would access the office LAN for mail and files when not sitting
> at the desk there. All thoughts welcome.
> 
> Rich
> _______________________________________________
> PLUG mailing list
> PLUG at pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug

--
Louis Kowolowski                                louisk at cryptomonkeys.org <mailto:louisk at cryptomonkeys.org>
Cryptomonkeys:                                   http://www.cryptomonkeys.com/ <http://www.cryptomonkeys.com/>

Making life more interesting for people since 1977




More information about the PLUG mailing list