The Duncan Download Blog: Business Aviation Advice & Observations

HSD Security Part 2: The Good, The Bad, & The Not-So Ugly of VPNs

Posted by Duncan Download Blog on Fri, May 21, 2010 @ 01:11 PM

Companies in the last 40 years have decentralized many operations, creating armies of satellite employees. Today there are engineers who do their best work in their bath robes from home. To accommodate this, company networks have been extended to remote locations using what is called VPN (Virtual Private Network) software. This is a program that recreates the network operations of being hardwired into your company network while you are away.

The Good

Nothing is truly secure on the internet, but there is something as secure enough. VPN software often has encryption features for traffic communicated between the company network and users that are offsite. The VPN's security features greatly increase the privacy of data sent across the web. Without getting too technical, a VPN uses a series of security protocols to scramble data between a user's computer and some other network.  It also provides security measures that make it difficult to intercept the encrypted data along the way. 

The Bad

PC-based VPNs require everyone using the service to have the software installed on their computers or phones. This may not be possible or desirable for many clients. When VPN software is installed on a customer's laptop it can have some detrimental effects on the satcom system connection and the device itself. Computer-based VPNs will cut the speed of accelerated SwiftBroadband connections (800+ Kbps typical) back to un-accelerated rates (300-400 Kbps). It is also worth noting that VPN software uses computer resources as well.

The Not-So Ugly

You can mitigate this by using a router that incorporates its own VPN accelerator. One example is the CNX-200 router manufactured by EMS. This unit can be tied to Satcom Direct's Aero-X data acceleration service or can be integrated directly into your home network. This will provide an accelerated encrypted data tunnel directly to your home network or Satcom Direct's ground based router. It is also worth noting that since the encryption and decryption takes place in the CNX-200, the VPN does not place additional stress on computer resources. This is currently the preferred method for SwiftBroadband customers.

As an organization, it is important to assess the level of data security that your clients require, and not be afraid to push to raise the bar to that standard. The end result will be a High Speed Data (HSD) system that matches utility with security.

Additional information on cabin network security is available in part 1 of this series, "Six steps to tighten Wi-Fi security during ground operations."

Tags: Network Security, In-Flight Internet, Aircraft Communications


Subscribe by Email