Why VPNs are becoming obsolete?

25 / 03 / 2022 Why VPNs are becoming obsolete? Prachi Jagtap

Introduction

Why VPNs are becoming obsolete? Are VPNs a thing of the past? Hope this article helps you get an answer.

The Virtual Private Network (VPN) has been a vital enabler of remote work for decades enusring secure connections. VPNs have become an integral part of every company’s standard operating procedures. VPNs effectively mask your identity during online activities; nonetheless, there are quite a few downsides to using VPN these days. Before going to the downsides of VPN, let's understand why we needed them in the first place and also dive into the history of VPN.

Why do we need VPN?

VPN stands for Virtual Private Network. A Virtual Private Network (VPN) is a technology that creates a safe and encrypted connection over a less secure network, such as the internet. VPNs essentially extends a private network across a public network which allows a user to securely send and receive data across the internet.

A quick history of VPN

For as long as the internet has existed, there has been a need for protocols to keep data private and secure. The history of VPN dates back to 1996 when a Microsoft employee developed the peer-to-peer tunneling protocol or PPTP. Effectively the precursor to modern VPNs, PPTP creates a more secure and private connection between a computer and the internet.

As the internet took off, demand for more sophisticated security systems arose. Anti-virus and related software could be effective at preventing damage at the end-user level. But what was needed was to improve the security of the connection itself. That’s where VPNs came in.

A VPN is a private connection over the internet. What they all have in common is the ability to connect remotely to a private network over a public connection. Initially, VPNs were used almost exclusively in a business. However, the rush of high-profile security breaches occurring in the early 2000s was a key moment in the history of VPN technology. With this, everyday internet users became aware of the true risks of working online and began to look for more secure ways of doing so.

What’s the catch here?

In organizations with remote employees, productivity depends on secure, reliable access to applications, services, and data over the internet from any device at any location or time. Yet, the internet can expose IP addresses and create security risks due to implicit trust and a wealth of vulnerabilities.

  • For example, organizations with large numbers of remote users such as employees, customers, or suppliers — must manage access through the VPN for each of them, which means high maintenance costs. The scenario becomes even more complicated when relatively new devices, such as mobile or IoT, must be brought into the network. That is the point when the VPN stops being a solution and begins to become a serious problem. That is why VPNs are becoming obsolete.
  • VPNs are becoming more obsolete, largely due to web applications being internet-accessible as powerful as their thick client predecessors that required VPNs. Plus, they are already encrypted with robust cryptographic protocols like TLS. In recent years, TLS has evolved more dynamically and stayed more secure than its VPN counterpart. With the rollout of IPv6, drivers that required NAT and VPN will be going away once IPv4 is fully deprecated.

What’s Replacing the VPN?

  • Zero Trust Network Access(ZTNA)
  • Secure Access Service Edge (SASE)
  • Software-defined perimeter
  • Software-defined wide area networks
  • And few others.

ZTNA: Zero trust network access (ZTNA) hides the network location -- IP address -- and uses identity-based authentication to establish trust and provide access. It appropriately adapts access to specific applications or data at a given time, location, or device. ZTNA provides IT and security teams with centralized control and improved flexibility to secure highly distributed IT environments and hence is beign adopted widely by such organizations. ZTNA is a concept or capability rather than a specific product. A number of IT, networking, and security suppliers implement ZTNA in different ways. Over time, these suppliers will implement ZTNA to replace aging VPN infrastructure.

SASE: As data and applications shift to the cloud and remote work becomes the norm, enterprises are rethinking how to deliver secure network access. Routing traffic to a data center adds too much latency, and legacy networks lack bandwidth. o Secure access service edge, or SASE (pronounced “sassy”), allows any endpoint to access any application over any network in a protected manner. SASE is gaining traction specially due to COVID as it is a convergence of multiple capabilities such as SD-WAN, SWG, CASB, Next-generation firewall & ZTNA.

VPNs Won't Disappear Overnight!

There are still some cases where VPNs are needed. Many environments that depend on them will not change overnight or possibly ever. Organizations with extensive private networks will not go through a re-IP. Larger businesses are unlikely to re-architect, but newer and smaller businesses are opting for the latest technologies.

Conclusion

VPNs have solved enterprise security problems for decades, but the way companies work, and employees connect to enterprise network is rapidly changing. There are more remote teams than ever, working from different corners of the globe, which means legacy VPNs present a range of noticeable issues in coming years. These changes to the way businesses and teams work are here to stay, which is why new enterprise security solutions fill in the gaps left by traditional VPN services.