Title aside, I realise that secure tunnels still have a place in today’s networks. The point of this post is to look at our users experience and the fact that using VPN’s to get to corporate resources is in my mind a chore.
I recently completed a VDI proof of concept which we had to tear down. I can honestly say that I am already sick of getting into the office using our SSL VPN. First I have to connect to the VPN, then I can log on to a terminal server or desktop pc. It may only be two steps but at each one I have to wait and authenticate, where as with View I had one single sign and I was in my desktop. Simple!
I just want to flick the iPad on, open my view client and connect to my desktop in a few clicks. I suspect that most if not all my user base would gladly chop their VPN in for a few simple clicks. Besides they don’t really understand why they have it when they have experienced Go To My PC for example.
I have had this type of conversation with more switched on users, I just have to tow the line and say that is our company policy for remote access today. That grates a bit but what can I do!
Our POC was successful and I have ordered VMware Horizon suite, so I can embark on a mission to relieve our user community of the VPN burden to access our company resources.
Clearly a large number of applications are web-based and you may be lucky to have them all securely facing the Internet, however I still believe that a good number of organisations are still lagging behind, my own included. Thus VPN connections are still rife. I am not saying that they are the root of all evil but at the heart of any good EUC strategy you should have the user experience and VPN in my mind does not go hand in hand with user experience.
You may also say well you can get the VPN to auto start or you can use Windows 7 direct access which is a cool technology, but they all add a layer of complexity. I would also debate that with DA, it’s there to support a traditional PC form factor and help ease some of its management burdens.
So I say forget post pc era and aim for giving your users a simple, secure experience to services behind the firewall without a traditional VPN.