In this era of telework, many of us around the world are teleworking daily for the first time. Even if we are part-time telecommuters, remotely accessing the company intranet and our teleworking coworkers is now a daily practice.
Most companies enable telework in one of two ways: virtual private network (VPN) or a virtual desktop. Some companies offer one or the other, and some offer both. When I ask about which someone uses for telework, questions result. Most can be boiled down to one: what’s the difference?
This turned out to be more difficult than I had expected, so this post attempts to explain the difference from our working perspective. It’s not intended to be technically rigorous or to downplay the importance of security that protects company intranets around the world. So here is my nickel tour of the VPN versus virtual desktop.
The virtual desktop is essentially a host computer on the company intranet that uses a client application on your personal device to display its graphical desktop. The data that creates the desktop, which would normally show on a connected monitor, is encrypted and sent across the Internet to our devices, which decrypt it and update our display. It also exchanges data with our human interfaces like mouse, keyboard, and printers, depending on our device and the client application’s capabilities.
Virtual desktops are often allocated from a pool as needed; they aren’t physical computers, they just act like them. However, they may also be a limited resource, so companies need to plan accordingly to meet telework needs. Necessary applications run on the host computer, not our devices, so we don’t own or maintain the applications. Also, the information we work with never transfers to our devices. Rather, they load into applications running on the virtual computer within the firewall and are saved back to the storage location they loaded from.
Pros: Large files such as audio, video, or images can load directly into applications on the virtual computer or transferred between workplace locations without taxing our own Internet connections. Also, virtual desktop client applications are widely available for a variety of personal devices you may want to use, including Windows, Macintosh, and other Unix computers, tablets, and smart mobile devices with no special configuration. There is no need to own or maintain the desktop software needed for work.
Cons: As an allocated resource, the desktop might “time-out” and be returned to the pool while away or working offline. This time-out might also be triggered if our Internet connection is interrupted for any reason, including router issues or the connection quality from our Internet service providers. Also, if an application requires lots of data transfer to update the client, as with video, it could strain the workplace Internet connection. In practice, video performance is often intentionally degraded to one update per second or less, which then means poor performance.
Virtual Private Network
With a virtual private network, a properly configured device connects to the Internet and, with the same kind of authentication that might be needed for a virtual desktop, becomes a part of the company intranet—along with all of its security requirements. Data are encrypted and sent across the company’s Internet connection to the device we’re using. All required applications must be installed on our devices to use them. Data files can then be stored locally on our device or sent back across the Internet to their original location.
To use a VPN connection from a device outside from the workplace, devices are typically configured by information technology specialists. Many companies provide pre-configured devices for this purpose, rather than configuring our personal devices to make them work. In many cases, such companies completely prohibit personal devices from connecting to their intranets.
Pros: Once connected, our device is fully a part of the internal network with access to other devices, printers, servers, and services, both outsourced and organic. Because the device is physically in our possession, we can configure settings as we would on our workstation in the office. The VPN also excels where large data files transfer infrequently, allowing us to save them and work on them locally. This includes working offline if our VPN or Internet connection is terminated for any reason. Non-standard software, those applications beyond the office suite installed by most companies, can also be installed; they really cannot with a virtual desktop. A final note from personal experience, I’ve noticed an advantage for VPN for workplace conferencing applications, notably audio and video conferencing. This may vary between companies and configurations.
Cons: For those of us with capable personal devices, company-provided devices often demand more of our attention and take up space in our teleworking environments. High data demands from multiple devices at the same time may also strain a company’s Internet connection in certain circumstances, noting this might also be the case for virtual desktops. Large data files can transfer no faster than the speed of the slowest connection in the chain, which is typically our own Internet connection.
What’s the Difference?
Perhaps the biggest difference in the user experience is illustrated below. The virtual desktop runs in an application on our personal computer or mobile device, allowing us to use other applications and switch between them at will. The VPN device is directly a part of the company network, so all applications run natively on that device and are subject to the intranet’s security rules (including the proxy authentication to access the Internet). One sure-fire way to test this difference is to run a speed test, freely available on the Internet. The VPN device will display a speed limited by the bandwidth of our own Internet connection. The virtual desktop will instead measure the data transfer speed of the workplace connection with the Internet, which typically has much higher bandwidth than our home connections.
Again, this is not intended to be a technically rigorous explanation of either the virtual desktop or the VPN, but to highlight the difference from a user perspective.
Please let me know if this was helpful, what might need to be clarified, and what’s wrong with this summary.
Thanks for reading!
Featured image created by freepik – www.freepik.com