Learn more about what Hexnode has to offer!
Technology is rapidly evolving around us, so is Hexnode! Check out the latest features offered by Hexnode.
Get fresh insights, pro tips, and thought starters–only the best of posts for you.
Jun 7, 2021
7 min read
If you asked anyone a couple of years ago regarding remote work, many would’ve considered it an alien concept. Now globally, 74% of professionals expect work from home to be the new norm. While setting up a remote workplace at your house seems pretty simple, it is not. Remote work poses challenges to the company, which may be oblivious to the workers. Securing the connection between the employee device and the enterprise network is a priority, and VPN is the answer to that problem.
Issuing corporate devices to employees is a common practice. Apple devices are considered a popular choice as corporate or personal devices. These devices find their way into most enterprises since they are optimized for professional use. A suitable VPN service must be configured in these Apple devices to establish a secure connection with the enterprise network.
VPN protocols determine how the data is routed between the device and the VPN server and Apple supports some of the commonly used ones. Apple used to support PPTP (Point-to-Point Tunneling Protocol), but it was discontinued in 2016. While PPTP boasts greater speed than other protocols, it does so by sacrificing security. PPTP can still be used by relying on third-party VPN providers, but Apple encourages its users to rely on other supported more secure protocols.
IPSec (Cisco) is also supported in Apple devices. IPSec is a suite of cryptographic protocols used to secure a connection. Most of the supported protocols also rely on IPSec for encryption. Cisco IPSec supports various protocols such as certificates, shared secret, two factor token and machine authentication.
Internet Key Exchange version 2 was developed by Microsoft and Cisco and is built over IPSec. IKEv2 works by generating a symmetric key for the client and the VPN server. The data which moves between these entities are encrypted and decrypted using this key.
IPv6 is slowly replacing IPv4, and it’s expected to take a while. Some countries have adopted IPv6 faster than others, but fret not! IKEv2 offers support for both IPv4 and IPv6. Shared secret, certificates, MSCHAPv2, Machine authentication, MOBIK and EAP TLS are also supported by IKEv2.
Layer-2 Tunneling Protocol was born of combining the two older tunneling protocols, Microsoft’s PPTP and Cisco’s Layer 2 Forwarding Protocol (L2F). L2TP exhibits all of PPTP’s features while covering its security vulnerabilities by utilizing IPSec for encryption. L2TP also supports both IPv4, IPv6, certificates, shared secret, two factor token, MSCHAPv2 and machine authentication.
While most of the other protocols rely on IPSec for encryption, SSL VPNs do not. The main drawback of relying on IPSec is the additional software and hardware required to implement it. Now, this is a hassle. Who wants to set up hardware and software to get a little privacy? This is where SSL VPN comes in. Its software? Well, we all have browsers installed on our devices, and that’s all that it needs.
SSL and TLS protocols are used to encrypt the data routing between the browser and the SSL VPN device. The VPN automatically chooses the latest cryptographic protocol available for the browser, so its pretty easy to set up. SSL VPN can use certificates and two factor tokens for authentication.
Why do people use third-party VPNs? For starters, its simple interface and ease in setting up the connection make it an attractive choice. Using a third-party VPN also gives access to different features based on the vendor. You can get them from the App Store. These VPN connections require a plugin to be installed on the browser prior to use. Here are a few examples;
The main drawback of using a third-party VPN is, well, the involvement of said third party. When using a VPN, all your data moves through the VPN server. Almost every VPN vendor claims that they are trustworthy, but it’s pretty hard to convince yourself to expose your data just like that entirely. Even if they are tight-lipped, their respective governments could use laws and policies to crack open the data on their server. So, it would be best to do some research before choosing a vendor, and there are tons of vendors to choose from.
Setting up a VPN for Apple devices may sound very complex, but it’s a breeze for a device managed by a modern UEM solution like Hexnode. With a UEM solution, it’s possible to configure the entire VPN setup and push it onto the managed devices in your enterprise. This eliminates any need for the employee to spend additional time and effort. This is also an excellent method to prevent the employee from removing the configurations set up on the device. With Apple devices already natively supporting a chunk of VPN appliances, relying on a third party VPN isn’t exactly necessary.
When it comes to tools to secure your connection, VPN is definitely the first option that comes to your mind. A consumer or an enterprise can employ one to protect one’s privacy or to secure their data. Each VPN protocol has its own pros and cons, but IKEv2 seems to be the popular choice. Statistics show that more than 26% of internet users employ a VPN solution. While alternatives for VPN are available in the market, it’ll take a very long time for VPN to go entirely out of the picture. But right now, if you want a secure connection, VPN is the way to go.