Virtual Private Networks (VPNs) have been in use for many years. Businesses commonly deploy them to provide secure remote access to on-premises resources for their mobile workforce. However, times are changing, and many organizations are rapidly adopting the cloud. Today, many companies have migrated applications and even infrastructure to public cloud providers. So, what does this mean for VPN? Are they even necessary anymore?
VPN and the Cloud
VPN still has a place in todays modern, cloud-based landscape. Why? Because regardless where data, applications, and infrastructure reside, secure remote access to those resources will always be required in some form. Remote users will still need secure, private, and authenticated access to applications and data, and administrators will need a secure channel with which to connect to infrastructure services for the purposes of maintenance ad support.
DirectAccess and the Cloud
For those organizations moving their traditional on-premises Windows server infrastructure to the cloud, DirectAccess can also be hosted on cloud-based virtual infrastructure, albeit with a few critical caveats. First, DirectAccess is not formally supported in Microsoft’s Azure public cloud, and support for it in Amazon Web Services (AWS) or other cloud providers is a gray area. In addition, some configuration options are not supported in the cloud, such as creating load-balanced DirectAccess server clusters. For more information about hosting DirectAccess in the cloud, click here.
Always On VPN and the Cloud
Windows 10 Always On VPN is the replacement for Microsoft’s venerable remote access solution. Always On VPN provides the same seamless, transparent, and always on remote access DirectAccess provides, with better security and performance. Always On VPN is infrastructure independent, allowing administrators to use third-party VPN servers such as Cisco, Checkpoint, Palo Alto, SonicWALL, Fortinet, PulseSecure, and others that are available as virtual appliances in the cloud. As of this writing, using Windows Server Routing and Remote Access Service (RRAS) is not supported in Azure.
Hybrid, Public and Private Cloud VPN Options
There are numerous VPN options to choose from when deploying a VPN in a hybrid, public, or private cloud. For public cloud-hosted infrastructure, many third-party VPN devices are available as virtual appliances in Microsoft Azure and AWS. In hybrid cloud scenarios, virtual appliances can be deployed in the public cloud while physical or virtual appliances or Windows RRAS can be deployed on-premises. For dedicated private clouds, the choice to use physical or virtual appliances, or use Windows RRAS are available.
Additional Information
I am an Enterprise Mobility expert and I specialize in helping companies securely mobilize their workforce. If you’d like to learn more about your remote access options, fill out the form below and I’ll get in touch with you.