Select Page

Dec 11, 2020

How Hillstone Can Help Maintain Security When Employees Work Remotely



Hillstone Networks is listed as a Representative Vendor in Gartner2020 Market Guide for Virtual Private Networks


Recently Gartner released its 2020 Market Guide for Virtual Private Networks (Gartner Subscription Required)*. In this guide Gartner pointed out that, “the abrupt surge in remote working has made remote access and VPN a top priority of security and risk management leaders”.

In past years, both enterprises and security vendors thought VPN had become an established technology, and what had already been deployed could fulfill users’ demands. But the global pandemic forced many enterprises to quickly set up secure remote working environments for employees.

IPsec VPN is still the default choice to establish secure connections from remote worksites to the company HQ. But with more personal devices being used when employees work from home, and increased adoption of cloud services by enterprises, IT managers are looking for more flexible solutions to secure remote workforces.

In the report, “The VPN market includes categories that describe the ways in which communications are secured, and the use cases that support those categories. Gartner identify four market categories that serve the majority of reasons to implement secure remote working communications: Site-to-Site Secure Gateways , Device-Level Secure Access, Per-App VPN, Cloud-Based Secure Communications Service Providers”.

Perimeter firewalls or VPN gateways are the termination point for site-to-site IPsec VPNs or device-to-site SSL VPN connections. With almost 100% of employees working from home in many enterprises, the demand increases on both the number of concurrent connections and the bandwidth on the VPN gateway. Enterprises thus need to ensure that the VPN gateway does not become the bottleneck for remote-to-campus communication. This requirement can be easily accomplished by upgrading to a VPN gateway with higher specifications.

While working from home, employees may have a more flexible schedule, a versatile workspace, and take on extra responsibilities compared with working in the office. To maintain the same productivity, employees tend to get part of the work done on personal devices like a smartphones or tablets.

Thus, enterprises need to secure personal devices in much the same way as corporate assets (PCs and servers). A mobile application that can check the health of mobile devices and establish secure connections to the campus using IPsec VPN or SSL VPN can help accomplish this goal. On the campus side, additional security measures need to be configured for mobile device connections since they are generally less secure.

The third type of secure connection is from the application to the application server. Some specific applications may set up a direct secure tunnel to the server. A browser-to-SSL VPN gateway is a typical example of this type of communication. This approach greatly simplifies the VPN setup on the client side. Similar to the first category, remote working greatly increases the demand on the VPN side.

With increasing adoption of Infrastructure as a Service (IaaS) and services running in public cloud (SaaS), enterprises may have part or even all of their IT infrastructure and services running in the cloud. The services in the cloud demand the same protection as on-premises services, and secure connections are required to link multiple sites in a hybrid cloud deployment.
As a result, customers are looking for remote security solutions that offer hybrid cloud secure connectivity, a single pane of glass for management and monitoring, and the same protection both on-premises and in the cloud. Remote workers should be able to connect to secure cloud services in a similar way as to the corporate network. Customers need vendors who can provide a complete solution for a hybrid cloud environment.

Zero Touch Network Access (ZTNA) integrates tight user identity controls directly to the access to network or corporate assets. Access is granted only to the targeted resources with minimum privileges after the user passes multi-factor authentication. Compared with traditional device-to-site VPNs, ZTNA is more secure by applying dedicated control between the user and the asset. To achieve this, vendors need to deliver ZTNA as an integrated solution, and enterprises need to pay more attention to asset classification and detailed security policy configuration.

Hillstone Networks was selected as one of the representative vendors in the Gartner Market Guide for Virtual Private Networks. Site-to-site IPsec VPN and device-to-site SSL/TLS VPN have been supported on all firewall appliances from Hillstone for many years. Virtual firewalls with VPN support were also released several years ago, which enables Hillstone customers to establish secure remote working connections in a hybrid cloud environment.

The latest Hillstone SD-WAN solution includes Zero Touch Provisioning for VPN, which eases the pain of large VPN deployments for branch-to-HQ setup. Hillstone continues to add new solutions to its product portfolio and offers a complete solution to support distributed enterprises and secure work-from-home use cases.

*Gartner, “Market Guide for Virtual Private Networks”, Rob Smith, Jeremy D’Hoinne, 3 November 2020.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.