The Remote Access Choice: VPN or APN?

Your rating: None (5 votes)

(This article originally appeared in the blog iOS4Business, by Mathieu Bernier.)

When you’re working on an iPhone/iPad deployment project you will always come to the point where your customer or yourself asks, "How can I secure remote access to my company?"

The first answer that comes to mind is "Configure a VPN tunnel." But an underestimated way to secure the access to your internal assets is through the use of Access Point Names, or APNs.

What is an APN?

APNs are gateways typically hosted by your mobile phone carrier, allowing your mobile to browse Internet using the mobile network. In general, APNs are shared between users and you don’t even know that your phone uses this gateway to access Internet. But if you’re a big company and you prefer to have your own private APN hosted by your carrier, you can rent one for all your devices.

Advantages?

The big advantage is that when you use a private APN, the VPN tunnel is configured between the APN gateway and your VPN gateway. That takes away the battery problem you can encounter with traditionnal VPN deployments.

That’s the basic configuration offered by your provider. Usualy you can deploy more secured and scalable architecture, with redundancy, MPLS links if you have one etc… These APNs are usualy RADIUS compatible so you can, on your side, restrict access to your network only to devices registered in your fleet.

Disadvantages?

There are three main disadvantages using APN :

  1. First, the price. The rent is starting around 900 euros/month in France for a no-failover, simple configuration.
  2. You need to rent an APN in each country where you want to deploy your fleet.
  3. All your 3G data traffic is going to be redirected on your own network, in and out, so you need to make sure that your infrastructure can support this traffic growth.

Configuration

APNs can be set using the iPhone Configuration Utility or using most Mobile Device Management software.

Backlinks

Recent Activity