How to improve VPN performance and security

The coronavirus pandemic has created an unprecedented work-from-home culture, which has in turn dramatically increased the reliance on VPN gateways. In fact, they have become essential lifelines for businesses: without them, employees would not be able to access the key business applications that enable them to do their jobs. But the high user demand on VPNs makes them vulnerable to performance and security issues. So how can businesses improve the performance and security of VPNs?

Previously, creating a VPN support strategy to address performance and access issues might simply involve adding VPN capacity and Internet link bandwidth. However, in today's climate, where VPNs are no longer an add-on but critically important, this approach simply isn't enough. IT teams now need greater access to enable rapid problem resolution so that Internet access is reliable, secure, and clear. Therefore, the VPN support strategy should allow IT teams to prioritize essential services, quickly analyze resource consumption, and quickly resolve performance issues.

Here are some tips to improve VPN performance:

Implement realistic bandwidth quotas

Remote access must be managed to ensure that sessions do not use excessive bandwidth and throughput. To protect against this, IT must implement reasonable quotas for bandwidth and performance per session. For this to be effective, they will also need to ensure that termination capacity, bandwidth and throughput can evolve with demand.

Define acceptable usage parameters

Although VPNs are essential for many aspects of remote work, they are not universal and certainly should not be used for entertainment. This is especially true if you are not using split tunneling. Prohibiting the use of VPNs for non-business purposes, such as video streaming platforms and online gaming, is an obvious starting point. However, for professional use, it may be less clear to employees which professional applications do and do not require VPN access. Therefore, it is important that this is clearly defined by IT and that acceptable use policies are communicated and enforced so that employees do not inadvertently increase the load on VPNs.

Consider using split tunnel VPN

Split tunnel VPNs can direct all Internet traffic not specifically in the corporate domain through the local ISP, which helps alleviate some of the pressure caused by VPN use.

Use the correct access controls

Not all VPN concentrators have the same network policies, and using the wrong access controls can cause performance issues. For example, a generic SSL/TLS-based VPN concentrator will have different network policies than an IPsec-based remote access VPN concentrator. Fortunately, this is easy to fix: IT staff simply need to verify that the correct access controls are in place and fix the error if not.

Making the Most of Geographically Dispersed Employee Pockets

With most employees now working from home, a centralized remote access network infrastructure may no longer be the most effective policy. Instead, companies with geographically dispersed groups of employees should consider regionalizing their remote access infrastructure. This can help distribute Internet access and intranet network loads instead of placing the entire demand on a single source. It will also add an extra layer of security by increasing resistance to attacks and other potential service interruptions, which may then affect local pockets rather than the entire network.

Use analysis tools

Network traffic can be analyzed at the packet level using network visibility tools. These products can provide data at both a global and a granular level to give teams insight into the public-facing network infrastructure. This allows for accurate diagnosis of problems and better allocation of bandwidth, and can draw attention to where specific services should be created to alleviate certain problems.
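The quota, split tunnel and analysis tips above can be checked against real traffic. The following is an added example, not part of the original article: it summarises per-session usage from flow records, flags sessions over quota, and measures how much tunnel traffic was bound for non-corporate destinations. The corporate prefixes, the quota value and the record layout are assumptions chosen for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumed for illustration: corporate address space and a per-session quota.
CORPORATE_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.50.0/24")]
SESSION_QUOTA_BYTES = 500 * 1024 * 1024  # 500 MiB per accounting window

# Constructed sample: (session_id, destination_ip, bytes), as a concentrator's
# flow export or accounting log might summarise tunnel traffic.
SAMPLE_FLOWS = [
    ("alice-01", "10.20.1.15", 120_000_000),
    ("alice-01", "203.0.113.40", 30_000_000),
    ("bob-07", "198.51.100.9", 700_000_000),
    ("bob-07", "10.20.1.15", 50_000_000),
    ("carol-03", "192.168.50.20", 80_000_000),
]

def is_corporate(dest):
    """True when the destination falls inside a corporate prefix."""
    addr = ipaddress.ip_address(dest)
    return any(addr in net for net in CORPORATE_NETS)

def summarise(flows, quota=SESSION_QUOTA_BYTES):
    """Per session: total bytes, quota status, share sent to external hosts."""
    usage = defaultdict(lambda: {"corporate": 0, "external": 0})
    for session, dest, nbytes in flows:
        usage[session]["corporate" if is_corporate(dest) else "external"] += nbytes
    report = {}
    for session, u in usage.items():
        total = u["corporate"] + u["external"]
        report[session] = {
            "total": total,
            "over_quota": total > quota,
            # Guard against sessions that logged only zero-byte flows.
            "external_share": u["external"] / total if total else 0.0,
        }
    return report

def offloadable_bytes(flows):
    """Bytes a split tunnel would have sent via the local ISP instead."""
    return sum(n for _, dest, n in flows if not is_corporate(dest))

if __name__ == "__main__":
    for session, row in sorted(summarise(SAMPLE_FLOWS).items()):
        print(session, row)
    print("offloadable bytes:", offloadable_bytes(SAMPLE_FLOWS))
```

A high external share on an over-quota session points to traffic that an acceptable use policy or split tunneling would take off the gateway.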
Improving VPN performance must go hand in hand with improving VPN security; otherwise this crucial business lifeline will always be at risk of cyberattack. In fact, a recent joint statement from the US Department of Homeland Security and the UK National Center for Cyber Security revealed that even the smallest distributed denial-of-service (DDoS) attack is now a significant threat to bandwidth-saturated gateways.

Here are some tips to improve VPN security:

Use Software-as-a-Service (SaaS)-based services

Built-in protection is the best way to ensure VPN security, so take advantage of providers who already offer this service. Most major SaaS providers already have built-in DDoS protection to keep their services available, so use these services whenever possible, for example for everyday business applications, content sharing, collaboration, and communications.

Follow Best Current Practices (BCPs)

Double-checking the use of BCPs is an easy way for IT teams to build their resilience to attacks on network infrastructure, servers, and services like DNS. A key starting point should be for IT teams to ensure they have intelligent DDoS mitigation systems in place to provide protection against DDoS attacks for all servers, services, applications, data, and public-facing support infrastructure such as remote access technology.

Use Dedicated Internet Links

Using links shared with components such as publicly available websites or DNS servers can increase the likelihood that DDoS attacks or other such events will prevent IT from responding quickly. Therefore, it is important to use dedicated transit links for VPNs so that remote security can be as seamless and efficient as possible.

Implement secure user access

IT teams must ensure that remote access mechanisms are integrated into their organization's security systems and that multi-factor authentication (MFA) technologies are required for all user access.

Avoid an obvious DNS name

Do not make it easy for an attacker by using the string "vpn" in the DNS resource records for VPN concentrators. Instead, IT teams should choose a DNS naming convention that works for them, without pointing a potential attacker directly to key functional areas.
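One way to check your own zone against the DNS naming tip above, shown as an added example that is not part of the original article: it scans zone records for owner names and CNAME targets that advertise the gateway. The zone contents are constructed, the one-record-per-line layout is a simplification, and every token other than "vpn" is an assumption.

```python
# "vpn" is the string the article names; "remote" and "ipsec" are assumptions added here.
REVEALING_TOKENS = ("vpn", "remote", "ipsec")

# Constructed zone data (example.com, documentation addresses); one full record per line.
SAMPLE_ZONE = """\
vpn.example.com.          300 IN A     192.0.2.10
sslvpn-emea.example.com.  300 IN CNAME gw7.example.com.
gw7.example.com.          300 IN A     192.0.2.11   ; neutral name
www.example.com.          300 IN A     192.0.2.20
portal.example.com.       300 IN CNAME vpn.example.com.
"""

def parse_records(text):
    """Yield (owner, type, rdata) from simplified 'name ttl class type rdata' lines."""
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop trailing zone-file comments
        if len(fields) >= 5:
            yield fields[0].lower(), fields[3].upper(), " ".join(fields[4:]).lower()

def revealing_labels(fqdn, zone):
    """Return labels left of the zone apex that contain a revealing token."""
    host, apex = fqdn.rstrip("."), zone.rstrip(".")
    if not host.endswith("." + apex):
        return []  # the apex itself, or a name outside this zone
    labels = host[: -len(apex) - 1].split(".")
    return [label for label in labels if any(tok in label for tok in REVEALING_TOKENS)]

def audit_zone(text, zone):
    """List (owner, type, where, label) for every name that advertises the gateway."""
    findings = []
    for owner, rtype, rdata in parse_records(text):
        for label in revealing_labels(owner, zone):
            findings.append((owner, rtype, "owner", label))
        if rtype == "CNAME":  # an alias target exposes the name just as well
            for label in revealing_labels(rdata, zone):
                findings.append((owner, rtype, "target", label))
    return findings

if __name__ == "__main__":
    for finding in audit_zone(SAMPLE_ZONE, "example.com"):
        print(finding)
```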
Working from home is here to stay, so it's important for businesses to protect and ensure the performance of their VPN gateways so their employees can work efficiently and securely.

Hardik Modi is AVP Engineering, Threat & Mitigation Products at NETSCOUT.