Computer Main Board

Different VPN Services

Looking for the best VPN service for your business? Let’s consider different VPNs and where they fit.

Client-based VPNs

A client-based VPN is a virtual private network created between a single user and a remote network.

In most scenarios, the user manually starts the VPN client, and authenticates with a username and password. The client creates an encrypted tunnel between the user’s computer and the remote network. The user then has access to the remote network via the encrypted tunnel.

Windows, Mac, and mobile operating systems often have standards-based VPN client options built-in.

Note that while IPsec was the client VPN protocol of choice for many years, SSL is more often used these days.

Client-based VPN apps make it easy for your users to connect their laptops or mobile devices to your private resources from anywhere.

Network-based VPNs

Network-based VPNs are virtual private networks that securely connect two networks together across an untrusted network. One common example is an IPsec-based WAN, where all the offices of a business connect to each other across the Internet using IPsec tunnels.

There are several kinds of network VPNs. We’ll look at three of the most common:

  • IPsec tunnels, both route-based and policy-based
  • Dynamic multipoint VPNs
  • MPLS-based L3VPNs

IPsec Tunnels

The simplest kind of network VPN is the standards-based IPsec tunnel, and most network routers and firewalls are capable of building one.

In principle, the tunnel on a network-based VPN is no different from a client-based IPsec tunnel. Both network and client implementations create a secure tunnel through which encrypted traffic flows between networks. While the client-based IPsec tunnel is designed to encapsulate traffic for a single device, the network-based IPsec tunnel carries traffic for entire networks of devices, allowing them to communicate.

IPsec tunnels that use some flavour of crypto access lists to define the traffic that can flow through them are generically termed policy-based VPNs.

The catch with policy-based VPNs is that the crypto access lists require maintenance to keep up with the demands of the business. If a new IP network comes online that needs to access a network on the other side of the tunnel, the crypto access list must be updated on the devices on either side of the tunnel.

Use policy-based IPsec tunnels when you need to build a single tunnel between two sites to provide carefully controlled access to resources.

In contrast to policy-based IPsec tunnels, route-based IPsec tunnels are more like a virtual link, allowing any traffic to flow through them.

Dynamic Multipoint VPN (DMVPN)

The current version of DMVPN expands the idea of IPsec point-to-point tunnels into a cloud of connected networks. With DMVPN, any network can talk to any other network directly across the DMVPN cloud.

Implementing DMVPN requires devices that can terminate a DMVPN tunnel.

DMVPN is a complex technology, requiring the use of GRE tunnels, IPsec, NHRP (Next Hop Resolution Protocol), and a routing protocol, all interdependent components that allow full mesh communication.

Use DMVPN to connect remote sites to a larger corporate network across the public Internet using a standard router configuration that’s hands-off once completed.

DMVPNs eliminate the need to know remote IP addresses, allowing for dynamically assigned IPs to connect to the infrastructure securely, registering their IP address with the DMVPN NHRP hub router. This allows the solution to scale as high as thousands of participating sites. The end result feels like a traditional WAN connection.

MPLS-based L3VPN

As a bonus, I thought I’d briefly mention L3VPNs, the most commonly deployed application over multiprotocol label switched (MPLS) networks.

MPLS is most often found in service provider networks. MPLS allows service providers to virtualize their networks so customers can share the physical network but still be kept logically separate.

If your company obtains WAN service from a service provider, the service provider is most likely offering L3VPN services over their MPLS network to your company. In this scenario, each office in your company connects to the service provider through what the service provider sees as a customer router — the one that connects the WAN circuit from the service provider to the rest of your network.

Internet bandwidth is remarkably cheap when compared to private WAN bandwidth running over a carrier’s L3VPN service.

Conclusion

There’s so much more information about the best VPN service and how it suits your specific needs. I’d love to have a chat with you if you are considering what might work best for you.

computer repairs in Brisbane

Looking for computer repairs in Brisbane? You’ve come to the right place!

At Brisbane IT Guru, we make your IT and computer services as simple and as easy as possible with exceptional service and reasonable pricing to suit all budgets. My service is prided on being punctual, reliable and friendly, with quality technical knowledge that goes the extra mile to ensure customer satisfaction.

If you’re looking for computer repairs in Brisbane, the Redlands, or Logan, we can help. We assist with setup, computer repair, data recovery, and all types of IT support. We ccomputer repairs in Brisbanean look after your home computers and laptops, as well as providing computer solutions for small to medium sized businesses.

With extensive experience covering over two decades of work in the IT industry, we’ve pretty much seen it all; this means we can troubleshoot your problem quickly and efficiently and allow you to get back to work, back to study or simply back online now. We understand how much failing systems, slow or broken computers, or other IT problems can impact on your personal life or business. We just want to get you up and running as quickly as possible so you or your staff can get back to work.

Because we work in and around Brisbane, the Redlands, and Logan, there are no travel fees or charges, just one fair and affordable flat. So, if you are looking for computer repairs in Brisbane, or perhaps ongoing support or maintenance, you have come to the right place, we are here to help.

All work is completed by Andrew, the owner of Brisbane IT Guru. Andrew doesn’t hire technical support, he is technical support. This means that he can provide exceptional customer service, high-quality knowledge of computer systems, and a real personal touch with every single customer. This is his business, so he wants to ensure that every customer is happy with their support.

Ransomware

Protecting Your Business Against Ransomware

Ransomware. The term itself has an eerie ring to it. It is one of the newer threats, a serious one, plaguing businesses and individuals alike.

Gone are the days when malicious files would simply cause headaches and inconveniences such as duplicating folders and spamming you with ads; they could be removed with a couple of simple scans using an antivirus. However, ransomware is a much greater threat to anyone who has digital information worth safeguarding.

What is ransomware?

Before we begin solving a problem, understanding it is paramount. Ransomware is defined as software that run with the intent of locking you out of your files, or at least claiming that your files have been infected, while requesting payment or ransom to unlock them. It is the digital equivalent of kidnapping, instead of people, your data is held hostage.

There are several grades of ransomware spread out on the internet:

  • Low-Grade – Also termed as ‘scareware’, they are aimed at simply scaring the user into believing that their files are infected and will continually spam links pointing to fake antivirus tools that promise to remove them for a fee. This type of ransomware is usually simple to remove on your own with the assistance of a quality antivirus.
  • Mid-Grade – These types of ransomware are relatively more problematic; they lock your screen and/or browser and show official-looking pages that claim to belong to the Government, ‘notifying’ you of illegal activity detected on your computer. Moreover, they generally provide a link to pay a ‘fine’ to unlock your PC or browser. It is not easy to remove as they tend to lock you out of your PC and you should consider getting the assistance of services providing IT support in Brisbane.
  • High-Grade – One of the most dangerous types of malware out on the internet, it actually locks you out of your files by encrypting them. In addition to this, they demand payment within a set deadline, failing which, they threaten to destroy your files. Businesses with sensitive information on their PCs should be aware of these threats and should take steps to safeguard themselves. One of the ways to make sure you stay protected is getting professional safety consultations from Brisbane IT Guru.

How to safeguard against ransomware?

Although there is no sure-fire way of protecting yourself from ransomware, there are methods you can use to give yourself a fighting chance against them.

  • Install ALL security updates and patches – A majority of people tend to ignore the pending update notifications, and this is one of the main reasons that ransomware is so successful. Security patches, especially ones that patch your browsers and operating systems, are aimed at shutting down security loopholes that these software exploit. Hence, maintaining a fully-updated system will stop a good portion of attacks being successful.
  • Employee Training and Education – A lack of awareness about this problem and how it permeates to your systems is what creates an environment conducive to exploitation by malware such as ransomware.
  • Intermittent Cloud Backup – The cloud. This is probably the most crucial weapon in your arsenal to tackle ransomware. Ensure that all your data is backed up securely in the cloud, protected with several layers of encryption. Consequently, even if someone hijacks your data, you can stay tension-free and simply wipe your system clean and restore all sensitive information from the cloud as needed.

Steps to take if infected with ransomware?

Suppose you take all the necessary steps and still fall prey to a ransomware attack, here’s what you should do next:

  • If your PC is connected to a network with other computers on it, immediately unplug yourself from the internet by pulling out the cord or switching off your Wi-Fi.
  • Perform scans on all your cloud backup data to ensure that your data is safe.
  • If your data is clean, format your machine and install a fresh copy of Windows on it. Now restore all the required data from the cloud.

In case you got infected before you were aware of the safety measures listed above, here’s what you do:

  • Unplug your PC from the network immediately, this step is crucial in any scenario as you do not want the ransomware trying to launch attacks on other systems in your workplace.
  • Check for a system restore point, Windows automatically creates one at regular intervals, and go back to a date where you are confident your system was clean.
  • If the above step doesn’t work, try booting into Safe Mode and run a full antivirus scan.

However, if all the above steps fail, your next best option would be to get help from our services that offer comprehensive data recovery or computer help in Brisbane. The famous saying, prevention is better than the cure, rings true in the case of ransomware too. Hence, make sure that you take all necessary precautions to prevent an attack on your precious data.