by bschlinker 5367 days ago
I'm not sure I see what the big issue is with VPN access.

The author complains that VPN connections choke the user's bandwidth, but I am not sure I know many examples of this. Typically through a VPN connection I will see higher latency to external internet points if the company does not allow split-tunnel routing. However, decreases in the user's bandwidth only occur if the company does not have the appropriate bandwidth available for the number of VPN users logged in. Perhaps I am just lucky, but I've never had this problem.

Regarding the pain of logging in, Cisco's new Cisco AnyConnect VPN automatically re-authenticates you to the VPN session so you don't need to keep signing in as you shift locations. Microsoft's DirectAccess allows you to have a VPN session automatically established with no additional authentication necessary whenever it finds a network connection available.

The author proposes cloud services? Those don't work too well for large companies in my opinion. In fact, I don't think they work well for small companies yet either. Google Docs just doesn't have the functionality required and STILL lacks the idea of having centralized repositories of information. If you want to share a document with your entire Google Apps organization, you can "share it" but the people in your organization must know to search for it in order to discover it. There is no way to browse "All Documents in My Company" which creates a huge pain.

Most companies and their employees, especially Fortune 100 companies, utilize "Network Volumes". Go into one of these companies and talk to the employees. "Oh, that is on my U drive, and the other documents, those are in the company wide public share on my P drive". They browse to these files seamlessly over the VPN, edit them, and they are updated on the remote server.

VPNs also HELP ensure compliance (though they definitely don't guarantee it). You no longer need to worry whether every single cloud service you are using has the proper security configuration. There may be some wiggle room here, but I know that with Active Directory Group Policies, I can really lock things down on users through one centralized management interface. If I have 10 cloud services, I have 10 different things I need to worry about locking down.

2 comments

The problems I've had with VPNs are probably down to misconfiguration, but the primary one was limited bandwidth over the VPN, not limited bandwidth to the internet. Living in Europe, but connecting to a VPN server in California, reduced a 4Mbit connection to something closer to 64kbit - I hypothesized that whatever corresponds to the TCP window on the VPN was configured with too low a size, and the latency was killing stream throughput.
Same problem, same numbers. (China -> Atlanta). Is your VPN Juniper IVE by any chance?
The only non-generic client is Nortel, I'm not sure what's at the other end (but I'd guess Nortel).
I thought I was slowly going insane trying to find the "All Documents in My Company" feature of Google Docs. Glad to know I'm not the only one desperately missing it.