More users are finding DSL a bargain for VPNs

By Michael Martin, Network World |  Networking

One drawback of DSL is that its static, always-on connection lacks security. Firewalls only protect access to an endstation, not transmissions over public networks. As a result, users have been turning to DSL VPNs for added peace of mind.

There are several ways companies and remote teleworkers can set up VPNs with DSL: with the same VPN software and hardware used for dial-up security; with native network-based VPNs offered by network services companies; or by setting up a private, point-to-point network, similar to a frame relay VPN.

Kathy Hackler, an analyst with San Jose consultancy Dataquest, says most companies using VPNs over DSL lines are doing so for teleworkers.

"I think you could go with just a firewall for security," she says, "but if your teleworkers are dealing with something like sensitive database information, you probably want a VPN."

Tony Aiuto, who heads the server team for Cambridge, Mass., start-up Popupnotes. com, is one such teleworker manipulating sensitive data over a DSL line. From his home in New York, Aiuto accesses a server in Cambridge so he can work on code for the company's service, which will let people make annotations on Web pages.

Aiuto says he isn't too concerned about the security of his DSL connection because he has a firewall. But he says he doesn't like sending clear text across any network, so he uses Open BSD's Open SSH Secure Shell, free open source software for Unix boxes, to encrypt any data traveling between his home and the Cambridge office. All Aiuto has to do is log onto the Cambridge office through Open BSD, and he has full run of the network.

"I'm happy with it," he says. "The performance is good. I know we're not sending anything in clear text, and it beats having to fly to Cambridge every week."

So far Aiuto hasn't had any reason to move to a hardware-based VPN. No one needs to access his site, and he doesn't need direct access to file servers, he says. However, this could change in the near future when launches.'s servers will be housed at a collocation facility, and the company will set up a hardware-based VPN between its Cambridge office and the facility where the servers are housed. Aiuto would probably also be given a VPN box so he could access the collocation site remotely.

While a software encryption tool is fine for what he's working on now, Aiuto believes a hardware-based VPN will offer better security.

"We feel some of the router-based stuff is probably less prone to being attacked," he says. "Someone could post a secure shell exploit tomorrow and make every system vulnerable."

The most secure DSL VPNs are truly private point-to-point connections, according to Eric Moyer, director of product marketing for Covad Communications. A point-to-point VPN is ideal for companies with remote offices, Moyer says.

Join us:






Spotlight on ...
Online Training

    Upgrade your skills and earn higher pay

    Readers to share their best tips for maximizing training dollars and getting the most out self-directed learning. Here’s what they said.


    Learn more

NetworkingWhite Papers & Webcasts

See more White Papers | Webcasts

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question