Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 261
  • Last Modified:

Is a VPN the correct solution to my problem.

I have been asked to look into a VPN solution for our SMB. It would have up to 5 users accessing at a time but usually only 1 or 2. My question is this.....Is a VPN the right solution for us as the work required is mostly database driven?  We have a decent ISP but the speeds in this area are terrible (DSL 20mb D / 2mb U).  Obviously our upload speed is not the greatest and my understanding is that both upload/download speeds are crucial. We are currently using remote desktop but my concern is that we are leaving ourselves open for attack.

Suggestions and/or comments are welcome. Thanks in advance.
0
gbinthehizzyhouse
Asked:
gbinthehizzyhouse
3 Solutions
 
Rob WilliamsCommented:
Probably not.  VPN's are not a good option for accessing databases, i.e. the application at the remote site and the data at the corporate site, due to the slow network performance.  The limiting factor is the upload speed at the corporate site.  Most database apps want >50mbps, and VPN's cannot achieve that.  As a result data corruption can often occur.

The better option is to set up a terminal server or a few PC that users can access over the Internet using Remote Desktop (RDP).  This will works very well even with very low bandwidth connections.
0
 
epichero22Commented:
VPN is secure, so no worries there.  What I would instead by concerned with is, as you said, the connected speeds, but namely the upload rate.

A business I manage is of similar size to yours, and two of the employees wanted to work from home on their SQL-driven database that resides at the office.  So I installed LogMeIn Hamachi as a VPN solution.  Once the connection was established, I installed the client-side software they use, but the results were terrible: just to load the program required 15 minutes of data connectivity.

A better solution was to have them remote into the server via Remote Desktop and over the VPN.  While it's not instantly responsive, it has worked adequately.  So I would say to try it out and measure the results based on your experimentation.
0
 
QlemoC++ DeveloperCommented:
With DB driven applications the best approach is to use Terminal Services. Exceptions are if only small amount of data is exchanged.

The main issue with a server-driven database engine are the request-response-roundtrip times, not the bandwidth. Since the Internet connection introduces significantly greater delays, and VPN adds to that, small packets for which the receiver has to wait to continue need a lot of time, and the performance is disastrous. SQL DBs and applications tend to have small queries, retrieving a subset of data, and ask for other data based on the results.

If your DB does not use a centrally running engine, but is client based, like Access, it is even worse, as the file operations will get slowed down to almost a halt. File seeks are not very efficient over VPN (or any other public WAN connection).

In opposition, having Terminal Server is effective, as only graphical commands will get transferred. Unless the graphic engine renders stuff different all the time, that is. Watching graphs that way isn't effective, for example.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now