We currently use Norton as our AV solution. The licenses we hold (40) do not include the Norton VPN (Comes with 360). Management would now like to use a VPN for users that frequent public Wi-Fi sites in the course of their business day. It is amazingly difficult to find a way to migrate our current Norton suite to the 360 product. Sales support is non-existent. So I was thinking that we use Azure in our development area quite a bit and did not know if they offer a solution like the Norton one. The only things I see are things that would let you VPN into the Azure environment (VPN Gateway). But we want a VPN for masking purposes while on a public network.
Hopefully this all makes sense. While I am quite clear on the use of a VPN to connect to a corporate network, I am a bit muddy on using one that just protects you while connected to Joe’s Coffee Shop Wi-Fi and surfing
What’s your purpose for a VPN? File sharing? On-premise apps? Remote desktop? Do you want to route ALL traffic through the VPN into your corporate network? If you just want file sharing there are other options. Likewise for remote desktop.
Remember, even if you setup VPN Gateway and client-to-site connection, you’ll be surprise how much it really cost for ingress/egress network traffic. It’s not trivial.
You may already know, Windows 10 does come with a VPN client.
https://support.microsoft.com/en-us/windows/connect-to-a-vpn-in-windows-3d29aeb1-f497-f6b7-7633-115722c1009c#WindowsVersion=Windows_10
one that just protects you while connected to Joe’s Coffee Shop Wi-Fi and surfing
If you’re browsing any site that is up to snuff with today’s standards, you’ll be sending data over TLS 1.1, at the worst.
Literally, it would take a nation state to sniff such data.
Rather than focus on some redundant layer of security that offers nothing, train your end users to never, ever submit sensitive data if there isn’t that padlock we’ve come to recognize for the past decade next to the URL.
@InitializedVariable Yes, that is all I want. We have a VPN to get into the office. They want one to use when connecting from public sites to the internet. I have advised them as to what you stated and they still want me to look into it. All I was looking for here was an alternative to removing all the Norton installs, cancelling subscriptions, and reinstalling 360 which has the VPN capability. I guess I’ll try again to reach out to Norton and see if they have a better way to migrate between plans. They are VERY hard to open any discussions with.
Fair enough. Here’s what I would do: always-on VPN to headquarters, full-tunneled. Mission accomplished.
All about using Azure, but implementing this will be a considerable expense, especially if you go 100% Azure and use their PaaS firewall. Besides, last I checked, the P2S VPN doesn’t support full-tunneling.
If you want to go Azure, what I would do is configure devices to use an HTTP proxy (Squid, NGFW, whatever) hosted in Azure.