[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 314
  • Last Modified:

Need Help with Vpn set up. Outsource or Inhouse

Long time reader first time poster.
I have a question.

Our contract is coming to an end with our current ISP and i am not renewing with them. The new ISP also offers VPN but i am wondering the cons and pros of having this outsourced. We currently have 4 sites with win2k servers all around. There are about 25 users per office and only need access to their onsite servers with the exception of their timesheets. I need to sign the contract by the end of this week. Thanks.

Thanks for any info.
0
ramshaggy
Asked:
ramshaggy
1 Solution
 
sciwriterCommented:
Welcome to EE as a questioner, ramshaggy.  I hope your experiences here are helpful and rewarding.

The biggest dichotomy with VPN today is whether to hassle with windows complicated setup, or leave this task to dedicated routers.  My experience is, the latter is so much simpler, more robust, and just works and works, and is minimal hassle for the IT staff.  If your new ISP can provide this, I would go for it.  What is the cost?  To get two identical LinkSys VPN Endpoint routers costs about $150 total -- you put them right behind the cable/dsl modem, before the network, and in 1 hour of setup, you are DONE!!  It is so simple, on wonders how much lost time and frustration with windows is worth a paultry $150.
0
 
sbortolussiCommented:
I am a bit confused by your question. if you have 4 sites with 25 users and all they need is access to a server on their local LAN most of the time, why bother with the overhead on managing VPN. If the only application they need to access remotley is a Timesheet program, set it up on a Terminal Service server and have them access it that way. This would save you a small fortune and reduce support headaches.
0
 
sciwriterCommented:
So, continuing on my thread -- 4 servers, four sites -- the Linksys solution costs you a total of $300 -- and these are the same high quality as Cisco routers now.  Tomorrow, call your ISP, and ask, "If we used our own VPN endpoint routers, would you charge us any extra than just the monthly ISP costs?".  Then ask " will we get a dedicated IP number at each server site?"  You have to have a dedicated IP number for long term reliable VPN traffic, hardware to hardware, at full bandwidth.  If not, ask them how much per month for the dedicated IP numbers -- versus how much for the complete VPN package.  Then you can compare costs.
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 
ramshaggyAuthor Commented:
sciwriter i was thinking the same thing, put linksys vpn router at each site and do it myself. The cost per site is 140 per month plus the internet connection cost. As for the dedicated IP address i am sure all sites come with at least 1.
What is the maintenance on a site to site, with the ISP company it was pretty minimal if nothing at all.



sbortolussi,
I also questioned the use of ISP hosted vpns from site to site, The consultant before me setup the accounts with a 3 year contract and VPN support. This is why i am asking the question, didnt really know if i should rock the boat or keep what works already. The terminal services is a good idea.

So far i get the impression that its better to setup linksys routers for site to site communication. Is there anyone with pros of using an ISP as the vpn provider. Just want to get a bit more information to present to the CEO  (He will probably be happy with the savings of using
0
 
sciwriterCommented:
As long as you are aware of the Linksys's value, and you choose endpoint-only routers like the BEFSVP41, I cannot imagine a scenario where the ISP could do better than this.  Surprisingly, there is essentially NO maintenance to these routers.  In the initial setup screens, you choose IPSec, pick the 4DES protocol for MAX security (but if to slow, go to the regular DES encryption), pick a shared key to put on all routers, and once the connection is made, it stays up for months at a time.  Now, if you want 4 concurrent VPN sessions, you might have to go to a higher level Cisco product or Linksys -- I think the BEFSVP41 only does two VPN sessions concurrently.  

So the total cost might be higher for a more advanced router to do 4 sessions, but goodness, nowhere near the $140 per month of the ISP.  That is a lot to swallow.  I think, knowing you know what you do, you would have no trouble setting these up, just make sure everyone site gets a dedicated IP number.

You are welcome to wait for other input, see if anyone can give pros of the ISP, vis-a-vis that rate....
0
 
rindiCommented:
Also, just to throw this in, using a TS for your Timesheet is a good idea, but you would still need a VPN solution to make this secure...

But I'd go along with sciwriter. Having your own VPN setup saves you the same headache if you again change ISP in the future. Also, if it were the ISP's solution the ISP could be in a possition to missuse your data, as he would be in charge.
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now