Mobile virtual private network
A mobile virtual private network (mobile VPN or mVPN) is a VPN which is capable of persisting during sessions across changes in physical connectivity, point of network attachment, and IP address.[1] The "mobile" in the name refers to the fact that the VPN can change points of network attachment, not necessarily that the mVPN client is a mobile phone or that it is running on a wireless network.[2]
Mobile VPNs are used in environments where workers need to keep application sessions open at all times, throughout the working day, as they connect via various wireless networks, encounter gaps in coverage, or suspend-and-resume their devices to preserve
Comparison with other VPN types
A
Makers of mobile VPNs draw a distinction between remote access and mobile environments. A remote-access user typically establishes a connection from a fixed endpoint, launches applications that connect to corporate resources as needed, and then logs off. In a mobile environment, the endpoint changes constantly (for instance, as users roam between different cellular networks or Wi-Fi access points). A mobile VPN maintains a virtual connection to the application at all times as the endpoint changes, handling the necessary network logins in a manner transparent to the user.[6]
Functions
The following are functions common to mobile VPNs.[7][8][9]
Function | Description |
---|---|
Persistence | Open applications remain active, open and available when the wireless connection changes or is interrupted, a handheld user suspends and resumes the device
|
Roaming | Underlying virtual connection remains intact when the device switches to a different network; the mobile VPN handles the logins automatically |
Application compatibility | Software applications that run in an "always-connected" wired LAN environment run over the mobile VPN without modification
|
Security | Enforces authentication of the user, the device, or both; as well as encryption of the data traffic in compliance with security standards such as FIPS 140-2 |
Acceleration | Link optimization and data compression improve performance over wireless networks, especially on cellular networks where bandwidth may be constrained. |
Strong authentication | Enforces CJIS systems in law enforcement
|
Management
Some mobile VPNs offer additional "mobile-aware" management and security functions, giving information technology departments visibility and control over devices that may not be on the corporate premises or that connect through networks outside IT's direct control.[10]
Function | Description |
---|---|
Management console | Displays status of devices and users, and offers the ability to quarantine a device if there is possibility that it may have been lost or stolen |
Policy Management | Enforces access policies based on the network in use, TCP and UDP port, etc.), time of day, and in some VPNs, the ability to control access by individual application software
|
Quality of service | Specifies the priority that different applications or services should receive when contending for available wireless bandwidth; this is useful for ensuring delivery of the essential "mission-critical" applications (such as voice-over-IP
|
Network Access Control (NAC) | Evaluates the patch status, anti-spyware protection status, and other aspects of the "health" of the device before allowing a connection; and optionally may integrate with policies to remediate the device automatically
|
Mobile Analytics | Gives administrators a view into how wireless networks and devices are used |
Notifications | Alerts administrators of security concerns or connection problems that impact users, delivered via SMTP, SNMP or syslog |
Industries and applications
Mobile VPNs have found uses in a variety of industries, where they give mobile workers access to software applications.[11]
Industry | Workers | Applications |
---|---|---|
Public Safety
|
first responders
|
CJIS), dashcam software, departmental intranet
|
Home Care
|
Visiting workers | electronic medical records , scheduling and billing applications
|
Clinics
|
nurses and other staff
|
Picture archiving and communications systems, Computerized physician order entry , pharmacy, patient registration, scheduling, housekeeping, billing, accounting
|
Field Service | Field-service engineers, repair technicians | Field Service Management which can include customer relationship management, work order management, Computer-aided dispatch, and historical customer service data as well as databases of customer-premises equipment, access requirements, and parts inventory; asset tracking , parts ordering, documentation access
|
Field Sales | Sales representatives
|
Customer relationship management, inventory, order fulfillment |
Utilities
|
Linemen , installation and repair technicians, field-service engineers
|
geographic information systems , maintenance tracking, parts ordering, customer-service, testing and training applications
|
Insurance | Claims adjusters
|
Claims systems, estimating applications |
In telecommunications
In
In 2001, Huawei launched a product named "MVPN". In this case "MVPN" had a different meaning from the way that later industry sources would use the term.[12] The Huawei product was focused on delivering a seamless corporate phone system to users whether they were on desktop phones or mobile devices. Although the web page is no longer available, the company advertised that their MVPN had the following advantages over a standard phone system:
- Direct connectivity – the corporate network becomes part of mobile operator's network through direct connection
- Private numbering plan – the communication is tailored to company organization
- Corporate Business Group – all offices and employees are part of one common group, that includes all mobile and desk phones
- Short dialing – a short number to access each employee, no meter on his mobile or desk phone
- Smart Divert – easy divert within company group
- Groups and subgroups – Several sub-groups could be defined within the group with different changing as well as with separate numbering plan
- Calls control – certain destinations could be allowed or barred both on mobile and desk phones.
Vendors
- Bittium
- Columbitech
- Connectify
- Ericsson
- NeoAccel
- NetMotion Wireless
- Radio IP Software
- Smith Micro Software
- Tmharay
References
- ^ a b Phifer, Lisa. "Mobile VPN: Closing the Gap", SearchMobileComputing.com, July 16, 2006. Accessed July 25, 2009
- ^ a b Introduction to MVPN
- ^ a b Cheng, Roger. "Lost Connections", The Wall Street Journal, December 11, 2007. Accessed July 25, 2009
- ^ "Industry Case Studies of NetMotion Wireless Software". NetMotion. Retrieved 2017-06-07.
- ^ "Software Define Mobility". NetMotion. 2017-06-07. Retrieved 2017-06-07.
- ^ Phifer, Lisa. "Mobile VPN: Closing the gap". Searchmobilecomputing.techtarget.com. Retrieved 2014-06-12.
- ^ "Home". columbitech.com.
- ^ "NetMotion - Uncompromised secure access. SDP, ZTNA, VPN & DEM". NetMotion Software.
- ^ "Mobile Virtual Private Network Solutions (MVPN)". Radio IP.
- ^ "NetMotion Software". NetMotion. 2017-06-07. Retrieved 2017-06-07.
- ^ "NetMotion Wireless Customer Case Studies". NetMotion. 2017-06-07. Retrieved 2017-06-07.
- ^ "Huawei Publications". huawei. Archived from the original on May 25, 2006.
External links
- VPN Consortium
- "An Introduction to IPsec VPNs on Mobile Phones" by Ramon Arja, MSDN Magazine, September 2009
- The Different VPN Networks And Their Funcationality
- Search Mobile Computing: mobile VPN
- "Face-off: Mobile VPN is a better choice than an SSL VPN" by Tom Johnaton, Network World(24 November 2006)