A small organization will have no problem maintaining information on clients, keys, and other configuration details in a spreadsheet via cut-and-paste or simply saving the data in the VPN server's configuration utility.
But that's only viable for small groups of VPNs.
Organizations that have more than 20 or so VPN clients will need tools such as the NCP Secure Entry Client for Win32/64, which automates initial configuration and deployment and even has tools to help troubleshoot them in the field.
The security afforded by VPN solutions is good, even using just the basic settings. Sure, if the NSA wants your data, then they can probably get it no matter which solution or degree of encryption you're using. But lesser hackers and digital ne'er-do-wells will likely be stymied by a VPN and move on for easier prey if there's an unpatched vulnerability on either side of the connection they can exploit. Many of the recent ransomware and other widespread malware infestations would not have been possible if OSes and applications had been kept patched.
A good VPN solution should have the option to download and install patches automatically, or after patches have been cleared by IT, for both the client and server portions.
All of the clients have the ability to install silently and from a pre-configuration file so users don't need to understand or enter data to get the client up and running. Even the Microsoft client can do this, although the process for the administrator to get everything set up is manual and will require some testing to ensure a smooth installation. Once that's done, the admin can email the user an installation executable file (or send them a CD or USB drive), including the configuration file and the certificate or pre-shared key file (in a separate message for security). The user simply double-clicks the installer and, after a short period, the VPN connection is available to them.
Contribute, add your point to this blog or see more about our Private VPN Services here
Comments