VPN cards? Or an alternative to locking a PC onto a VPN

Mark R

Diamond Member
Oct 9, 1999
8,513
16
81
I'm planning a business idea, where employees would install a corporate workstation at their home.

The workstation needs to connect to the corporate LAN over VPN, and obviously the workstation will be suitable locked down with group policies, yada, yada.

However, I'm wondering what the practicalities are, particularly as I want the workstations protected against the potentially hostile environment of the home LAN. So I'd prefer that the OS has absolutely no visibility of the home LAN, just the VPN (in order that threats known and unknown can be mitigated).

Is there something like a VPN card - which you just plug into a regular ethernet with internet connectivity?

Alternatively, would a hardware VPN router be a better idea? And if so, how do I prevent the workstation from being able to "see" the home LAN if the employee decides to play switcheroo (and similarly, how can I prevent the VPN router for providing VPN connectivity to the employee's personal machines). Presumably, a decent VPN router would provide IPsec, which would provide the necessary security.

However, I'm really not to sure what sort of stuff is on the market for the SME segment.

Any ideas on the feasibility of this project?
 

mammador

Platinum Member
Dec 9, 2010
2,120
1
76
As I understand it, there are specific TCP/IP or Internet Protocol Suite protocols for VPNs. Many utilise tunnelling, so it sits on top of or piggybacks existing Layer 1 links.

The firm's IT Dept. would sort out security issues, to make sure nobody would tap into the tunnel, or on the host end.
 

imagoon

Diamond Member
Feb 19, 2003
5,199
0
0
I am pretty sure Microsoft DirectAccess does this already. Depending on how you set the workstation policy of course.