Is a VPN the correct solution to my problem.

Posted on 2012-12-27
Last Modified: 2012-12-27
I have been asked to look into a VPN solution for our SMB. It would have up to 5 users accessing at a time but usually only 1 or 2. My question is this.....Is a VPN the right solution for us as the work required is mostly database driven?  We have a decent ISP but the speeds in this area are terrible (DSL 20mb D / 2mb U).  Obviously our upload speed is not the greatest and my understanding is that both upload/download speeds are crucial. We are currently using remote desktop but my concern is that we are leaving ourselves open for attack.

Suggestions and/or comments are welcome. Thanks in advance.
Question by:gbinthehizzyhouse
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 175 total points
ID: 38725366
Probably not.  VPN's are not a good option for accessing databases, i.e. the application at the remote site and the data at the corporate site, due to the slow network performance.  The limiting factor is the upload speed at the corporate site.  Most database apps want >50mbps, and VPN's cannot achieve that.  As a result data corruption can often occur.

The better option is to set up a terminal server or a few PC that users can access over the Internet using Remote Desktop (RDP).  This will works very well even with very low bandwidth connections.
LVL 11

Accepted Solution

epichero22 earned 175 total points
ID: 38725370
VPN is secure, so no worries there.  What I would instead by concerned with is, as you said, the connected speeds, but namely the upload rate.

A business I manage is of similar size to yours, and two of the employees wanted to work from home on their SQL-driven database that resides at the office.  So I installed LogMeIn Hamachi as a VPN solution.  Once the connection was established, I installed the client-side software they use, but the results were terrible: just to load the program required 15 minutes of data connectivity.

A better solution was to have them remote into the server via Remote Desktop and over the VPN.  While it's not instantly responsive, it has worked adequately.  So I would say to try it out and measure the results based on your experimentation.
LVL 68

Assisted Solution

Qlemo earned 150 total points
ID: 38725389
With DB driven applications the best approach is to use Terminal Services. Exceptions are if only small amount of data is exchanged.

The main issue with a server-driven database engine are the request-response-roundtrip times, not the bandwidth. Since the Internet connection introduces significantly greater delays, and VPN adds to that, small packets for which the receiver has to wait to continue need a lot of time, and the performance is disastrous. SQL DBs and applications tend to have small queries, retrieving a subset of data, and ask for other data based on the results.

If your DB does not use a centrally running engine, but is client based, like Access, it is even worse, as the file operations will get slowed down to almost a halt. File seeks are not very efficient over VPN (or any other public WAN connection).

In opposition, having Terminal Server is effective, as only graphical commands will get transferred. Unless the graphic engine renders stuff different all the time, that is. Watching graphs that way isn't effective, for example.

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When the confidentiality and security of your data is a must, trust the highly encrypted cloud fax portfolio used by 12 million businesses worldwide, including nearly half of the Fortune 500.
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now