The ability to remotely access an internal network has been around for decades, but whether through terminal services or third-party applications, people have increasingly been working at home. It reduces traffic and congestion in cities, gives people a little more time to spend with their families and, most studies show, it often increases worker productivity.
However, from the tech perspective, telecommuting is a little more complicated. Over the years, options have begun to arise for accessing internal networks, specifically virtual private networks (VPNs). However, a new form of virtualization has opened up the market: virtual desktop infrastructures (VDIs). What that means for businesses is that they often must consider which type of network to use. Here's some background on how to make that decision. (For background reading, check out Virtual Networking: What's All the Hype?)
What is a virtual desktop infrastructure (VDI)?A virtual desktop infrastructure (VDI) is a method of virtualization that allows a virtual desktop to run on top of a data center. It uses a server computing model to serve out virtual desktops through the use of a hypervisor. VDIs allow for applications to be stored on a central server instead of on a client’s physical machine. This means that you can access the same virtual desktop from any physical machine, and the installed applications will still populate the image regardless of local storage.
What is a virtual private network (VPN)?A virtual private network (VPN) also allows users to remotely access a network. This is done by authenticating through a VPN server, which assigns an IP address to the machine attempting to remote into the network. This allows the user to access network resources and a company intranet through what is referred to as a tunnel, which links an external machine to the network.
When to Use a VDIWhile the use of a VPN and VDI are both beneficial, they also both have drawbacks. As mentioned before, the main benefit to a VDI is the ability to have access to the same virtual desktop image all the time. Instead of installing applications on each separate machine, these applications can be assigned to different departments, each of which has access to a certain image, thus removing the downtime associated with setting up a workstation for a new employee.
This centralized approach to desktop images is not limited to applications. It can also be used to update the security on an environment. For example, instead of pushing out an update through System Center Configuration Manager (SCCM) or Group Policy, all you need to do is update it on the one image.
However, while having a centralized image can be beneficial, it can also prove to be a problem. If you have an issue with one image, it generally affects multiple users instead of one. Also, if you have one user who needs a specific application that others do not, the time-saving benefit of having one image is erased.
When to Use a VPNVPNs, along with VDIs, provide great cost savings. One way in which VPNs can help improve costs is in scalability; they allow companies to add an almost infinite amount of capacity without using a ton of infrastructure by accessing infrastructure within an ISP.
In addition, if one VPN client gets interrupted, it will not necessarily take down all VPN connections as VDIs tend to do with images. This allows for a more decentralized approach to remote access, which can provide a user with more security.
That said, VPNs do not allow for remote access of applications. VPNs only assign an IP address within an LAN or WAN. This means users still need to install the applications they need on their remote machines. And while VPNs allow for greater security connection wise, they can sometimes take away from security; the more open tunnels there are to a work environment, the more paths are opened to access it, increasing the chances of unwelcome intruders. (For background reading on VPN, check out Virtual Private Network: The Branch Office Solution.)
VDI or VPN?While VDIs allow for the quick access of company applications, they can run into issues that affect multiple users instead of one. On the other hand, wile VPNs allow remote access with a more decentralized approach, they can open up unnecessary avenues into a work environment.
As with all things in tech, there is no perfect solution for providing employees with remote access to work environments (although more innovations are surely in the works here). That means it's up to companies and their network administrators to find a solution that provides the best possible fit.