Mountain West Farm Bureau Insurance
office workers empowered by business technology solutions
BLOG
4
28
2020
10.1.2021

Using System Center to Reduce VPN Congestion from Remote Workstation Updates

Last updated:
9.20.2020
10.1.2021

During this challenging time, we need to make sure our infrastructure is available for our quickly evolving remote workforce while ensuring security and compliance.

Many organizations have sent devices home with employees so they can work remotely. Your standard monthly Windows and security updates — typically distributed across a high speed, corporate network — can now potentially create bandwidth and user performance issues if received over the corporate VPN. It’s critical to maintain patching and compliance schedules while minimizing traffic spikes over your VPN that can cause connectivity and performance issues.

In the below charts, you can see a real-world example of how customer’s traffic quintupled in the last few weeks as all employees began working remotely and connecting via the corporate VPN.

The graphic below shows the customer’s devices connecting via VPN or internet-based clients. The goal to reduce load from the VPN would be to shift clients from the intranet MP (orange) to either the Internet MP (green) or the Cloud Management Gateway (blue).

Using System Center to Minimize the Impact of Updates on the VPN

When you are sending updates to these remote clients, the network undergoes further strain. For example, I recently spoke with one of my coworkers, whose wife works for a state government agency. Their remote system access was completely choked last Friday as the VPN could not handle the simultaneous influx of traffic. While she was happy enough to call it a weekend early, that kind of disruption should not become the norm for remote work.

There are two System Center tools that help offload on-premise software distribution to Azure cloud resources, reducing the load on your corporate VPN.

A combination of the Cloud Management Gateway and Cloud Distribution Points allows you to manage SCCM clients on the internet and push software content to internet-based clients using a Platform as a Service portal.

This has the dual benefits of cloud-enablement of your content distribution, which reduces the need for traditional on-prem distribution points, while avoiding exposure of your on-prem infrastructure to the public internet.

The 280 clients in the above charts are internet-based and get their content from the Cloud Distribution Point or Microsoft Update. The benefit with this strategy is that the VPN load will be reduced, providing better performance to all remote workers. The VPN clients cause the intranet-connected client numbers to peak by around 1,000 each day. Using traditional patching approaches will result in updates being pushed to these Intranet managed remote workers via the VPN. This will likely put significant load on the VPN and reduce performance, potentially impacting the remote employee’s access to critical business platforms.

Ultimately, Azure and System Center offer several ways to minimize disruption to your network and compute resources as your distributed workforce and corporate owned computing resources require patches and updates. If you need guidance around how best to accomplish VPN optimization or patching and compliance in this new paradigm, Green House Data is ready to help.

Recent Blog Posts

lunavi logo alternate white and yellow
11.29.2021
11
.
05
.
2021
Improve Your Cloud Security Posture with Azure Security Center

Azure Security Center can help you strengthen your security posture by providing “at a glance” security updates via Secure Score, leveraging Azure policies behind the scenes, and keeping you compliant. In addition, Security Center recommendations can help you rapidly rectify any security concerns in your environment.

Learn more
lunavi logo alternate white and yellow
10.1.2021
07
.
19
.
2021
How Lunavi Approaches Digital Transformation: HostingAdvice Company Profile

For prospective clients and partners, the history, ethos, and capabilities of a vendor are paramount. HostingAdvice.com recently profiled Lunavi to explore our approach.

Learn more
lunavi logo alternate white and yellow
10.1.2021
04
.
26
.
2021
Test Automation Best Practices: Balancing Confidence with Efficiency

Automation can instill confidence to release software and improve the team’s ability to create high-quality applications in the fastest and most efficient way possible. Essentially, it eliminates the need to compromise or choose one set of priorities over another. Instead, it allows teams to strike a balance between confidence/coverage and speed/efficiency. But automation isn’t a one-size-fits-all solution.

Learn more