As the events of 2020 shook the world, organizations everywhere had to widely scale remote working technology stacks in an unprecedented timeframe. From difficulties in accessing critical hardware to network performance issues with thousands of simultaneous users, I&O leaders have discovered that legacy VPNs present a litany of challenges to modern remote access. In March 2020, to address these mounting concerns, Gartner published, “Solving the Challenges of Modern Remote Access,” authored by Rob Smith, Steve Riley, Nathan Hill and Jeremy D’Hoinne.
The document is designed to offer guidance, including a decision tree, for security and risk management leaders to solve the challenges of quickly scaling large-scale modern remote access. It addresses the topic directly, crediting the global pandemic for shifting networking technologies and remote working solutions to the top of the priority list.
Remote access VPN was thought of as a dying technology until COVID-19 changed the way people work.
Gartner, “Solving the Challenges of Modern Remote Access,” 25 March 2020, Rob Smith, Steve Riley, Nathan Hill and Jeremy D’Hoinne.
Common Challenges
The research outlines some of the most frequent challenges that I&O leaders face. Firstly, many only have capacity to handle a small subset of users and are “not prepared to enable all employees for remote work”. Furthermore, using a VPN to tunnel traffic on an always-on basis when a growing volume of resources are located in the cloud is increasingly unnecessary. Bandwidth issues are also identified, posing a problem when supporting all users working remotely simultaneously.
Recommendations
In response to these challenges, this Gartner report is clear that security and risk management leaders tasked with infrastructure security and enabling remote access must:
- “Determine user remote access requirements such as on-premises or cloud applications before choosing or deploying any product.”
- “Test products for scale to support critical unplanned events such as COVID-19.”
- “Develop a usable remote work policy that has been agreed with all key stakeholders. If this is not possible due to time constraints, still consult counsel to verify it passes all local laws.”
To summarize in our own words, IT leaders must focus on two key areas. Firstly, the vendor selection process can begin only after gathering requirements for the types of users, devices, locations and applications that might need to be considered in a remote access solution. Secondly, organizations are encouraged to stress-test any remote access solution they are considering, rigorously checking for potential load balancing, network degradation and scaling issues.
Selecting a modern remote access solution
With so many different options available on the market, from ZTNA and VPN to CASB and SDP, it can be confusing to determine which solution is right for your organization. Once organizations have familiarized themselves with their own user, device, location and application requirements, the research provides exhaustive decision trees and commentary to help narrow the selection process.
This framework is divided into sections, running through connection requirements, determining your use cases and selecting the right remote access product, knowing your user and security requirements, and virtualization.
Our own commentary aims to shine more light on the most pertinent parts of these sections and to draw attention to advice on choosing between the primary remote access options. The Gartner guidance is extensive, but our view is that a common thread can be applied to these principles.
- If your organization accesses data through SaaS applications, consider implementing a CASB solution
- If your organization uses a combination of both cloud and SaaS, consider a ZTNA (otherwise known as SDP) solution
- If your organization employs a blend of cloud/SaaS and on-premise resources, consider using both a VPN and a ZTNA (SDP) solution
On-premises and IaaS-hosted applications might require a combination of on-premises VPN and ZTNA or cloud-hosted VPN gateway.
Gartner, “Solving the Challenges of Modern Remote Access,” 25 March 2020, Rob Smith, Steve Riley, Nathan Hill and Jeremy D’Hoinne.
On-premise servers were still in place at 98% of organizations in 2019. The overwhelming majority will therefore need some combination of both VPN and ZTNA, a strategy that, we believe, Gartner outlines as potentially problematic, creating “policy duplication” or “technology overlaps.”
NetMotion is the only major vendor on the market to provide the 98% of organizations that have a blend of on-premise and cloud applications with a ZTNA and a VPN solution as part of the same platform. With just one client, one console and one policy engine to manage, it is well positioned for many security and risk leaders to start embracing the principles of zero trust while still offering the opportunity to use a VPN when use cases require it.
Our view is that NetMotion stands alone in meeting Gartner’s optimum criteria for most organizations in a single platform, offering the best of both remote access technologies as businesses and public sector bodies slowly migrate to the cloud.
Disclaimer: GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.