Why Cloud Is Changing the VPN


By: R. Scott Raynovich

Cloud connectivity is likely to have a wide-ranging affect on how professionals use virtual private networks (VPNs), speeding a migration to more transparent cloud-native approaches to securing networks.

A survey and months of research by Futuriom conducted on the behalf of NetFoundry reveals that IT managers are tiring of the performance and security drawbacks of legacy VPNs, which require the connection to remote servers hosted over the Internet. VPNs also carry network overhead and reduce the performance applications. Futuriom research shows that end users are open to more modern, cloud native approaches, including an emerging software-focused solutions called Applications Specific Networking (ASN).

The Futuriom ASN Survey revealed that 75% of IT managers surveyed are seeking better solutions for secure networking in the cloud, 63.5% of users surveyed cited issues with VPN performance, and 47.5% cited issues with security when uses VPNs to connect to cloud applications.

Furthermore, legacy network services such as MPLS are not seen as a solution either. Of those surveyed, 45.5% of the respondents agreed that carrier-delivered MPLS wasn’t the right solution for cloud-based networking, while 46% disagreed with that statement. This indicates that conviction is lacking in MPLS and that many IT managers believe additional technology is needed for networking cloud applications.

While some respondents believe that MPLS and newer approaches such as software-defined wide-area networking (SD-WAN) can be used to network cloud applications, it’s clear that there is the desire for additional layers of security and virtualization. Users also don’t see private lines or MPLS as fully secure networking solutions for cloud applications. Most respondents today use an additional security overlay. They also indicated that they don't see SD-WAN as a solution for Industrial Internet of Things (IoT) networks.

So what exactly are users looking for? My interviews with specific security managers and a scan of the most popular complaints on IT forums indicates they are looking for transparent security, built into the cloud applications themselves. For example, they would like built-in security features such as hardware root-of-trust and zero-trust architectures.

ASNs can be used to create logical networks across the Internet and WAN to connect, built into the application itself, rather than tied to a networking hardware device. With this cloud-native approach, networking and security, including high-powered encryption, can be coded directly into a cloud application. This software-based approach means that networks can be built, changed, or torn down on the fly, based on application needs and characteristics.

The Futuriom survey was based on the feedback of 200 IT professionals with roles in networking, applications development, DevOps, and security. You can download a document with the full results of the survey here.