Over the last few years VPN usage has come full circle; from IPSEC-VPN to SSL-VPN and now, back to IPSEC-VPN again. The reason for this is simple: connectivity needs have expanded rapidly, and for a while, scale and convenience were key priorities.
IPSEC-VPN was originally seen as the best option for organisations that wanted to connect disparate systems and networks via strongly encrypted communications.
Even when flexible working fuelled demand for remote access to company resources, its client-server abilities were still considered superior — with some development to support more devices.
But the rise of Wi-Fi adoption brought big changes. While IPSECVPN was modified for better Wi-Fi compatibility, it was soon side-lined by technology that was easier to install, functioned at the pplication layer, and integrated with most web browsers: SSLVPN.
And as mobile usage exploded, SSL-VPN became the standard technology deployed in most apps and environments to provide what was broadly viewed as secure access.
Security vulnerabilities
Yet there were always security vulnerabilities with SSL-VPN — highlighted by Man-in-the-Middle attacks (MiTM) — and recent focus has returned to the risk these flaws pose. As organisations explore new opportunities for mobile, they need more robust connection technologies that offer network-level security, meaning IPSEC-VPN is back in the frame.
Now that the initial craze around mobile adoption has subsided, organisations are increasingly turning their attention to security. For most safety-conscious organisations, it’s clear that SSL-VPN does not offer sufficient protection — especially as they look to leverage the Internet of Things (IoT) and cloud capability.
As a result, the concept of creating a secure route to company networks and implementing tools that can detect threats before they jeopardise cloud-based systems has growing appeal, and IPSEC-VPN is the ideal technology to deliver this across the mobile space.
The future is set to bring a renaissance of classic computing methods — such as client-server — but with a modern twist. In place of PCs and fixed networks, mobile and IoT devices will be used for the majority of computing activity, and connections will be managed through the cloud.
Yet security will return to technologies that can offer data leakage prevention, protection at the network layer, stringent threat detection and in-depth risk monitoring, such as IPSEC-VPN.
- Eric Green is a Security Strategist at Cyber adAPT
