Business owners and their employees seem to have fallen in love with the work from home (WFH) model. With proper techniques, employees can perform their duties and stay in constant contact with others while they are physically separated. However, for most companies, the technologies used to connect remote workers today may not be ideal in the long run. Thus, IT engineers spend time searching for tools and platforms that provide additional performance and security benefits.
Through this research, many have found that two distinct architectural models—traditional hardware-based hardware that is deployed to each WFH employee or software-based tools installed directly on computers–offer the greatest benefit. While both offer similar benefits from an application performance and security perspective, there are distinct differences that may make one option preferable to the other. Let’s look at both options and how they differ:
1. Hardware based performance and security
For years, enterprise network manufacturers have been designing and selling SOHO routers to small branches and permanent WFH employees. These tools allowed administrators the ability to remotely manage and monitor connectivity while providing basic data encryption/protection services. Over time, the number of advanced features packed into these little SOHO boxes has expanded exponentially and is now largely focused on state-of-the-art security and performance functions that mimic the protections found within the corporate network. Examples of common features include:
- Layer 7 Firewalls
- Enterprise-grade secure Wi-Fi
- Create a dynamic site-to-site VPN tunnel
- Software Defined Networking (SDN)
- Traffic Shaping Aware App
- Ethernet port security
- Centralized management and troubleshooting
In many ways, hardware-based devices provide proven reliability and provide a distinct physical boundary between an employee’s “home” and “work” network while working remotely. This section tends to help protect against employees using company-owned computers for personal use.
2. Software-based performance and security applications
While device-based tools excel in situations where WFH users are expected to work from one location, the protections that device provides disappear when users choose to work elsewhere. As COVID-19 restrictions begin to ease, WFH employees may want to work outside of a coffee shop, hotel, or any number of alternative locations. While it would be wise to expect employees to bring their laptop to work with them on these trips, few would be willing to unplug the hardware security/performance device each time they want to work from a different location. It will not be possible to connect this type of equipment in many locations. Solving this navigation issue is exactly where software-based security/performance tools come into play. These tools can be installed directly on corporate laptops and can work anywhere there is an internet connection.
Over the past couple of years, software-based tools have expanded beyond VPN remote access and are now able to offer the same firewall and SDN capabilities found in hardware-based alternatives. In addition, many WFH software tools now rely on cloud computing and edge computing to deliver highly advanced security features such as:
- Zero Trust Network Access (ZTNA)
- Web content filtering
- DNS security
- Data Loss Prevention (DLP)
- Advanced Persistent Threat Prevention
These are the types of security services that require more processing power than commercial laptops and SOHO devices can provide. Thus, the combination of the security product and software-based performance coupled with the Secure Access Service Edge (SASE) model delivers the most advanced security and performance benefits in a highly portable package.
Mobility, features, and cost will determine the best option
There is no right or wrong answer to the hardware versus software question in this case. The choice between hardware and software-based WFH performance and security services is likely to be determined by answering the following three questions:
- Are users likely to work from one site or multiple sites?
- What levels of performance and security protection are needed for the remote user base?
- How much does it cost to deploy and manage hardware-based devices against a SaaS model that can increase the price significantly depending on the types of performance/security features required?
Given that WFH’s policies are likely to remain in place for the foreseeable future, I’m willing to bet that software-based tools will become the preferred option going forward as they allow for greater scalability and upgradeability to new security services. However, hardware-based products have proven to be highly reliable and battle tested. Thus, this architecture model may be preferred in situations where reliable connectivity and ease of management are of paramount importance.
What to read next:
Working from home: a year in review
8 working from home experiences we didn’t expect last year
Why IT teams working from home may be at greater risk of burnout