Need Clarification on "Public VPNs" re: Firewall Rules

Just wondering what exactly is included with this rule. The word "Public" is confusing me. Does this mean only free VPN services or does it include private VPN Services that are paid for (e.g. ExpressVPN, Private Internet Access, NordVPN, etc.)?


1Password Version: 7.6
Extension Version: 4.7.5.90
OS Version: OS X 10.15.6
Sync Type: Not Provided

Comments

  • Ben
    Ben
    edited July 2020

    Hi @alex_pres_tech

    This would likely include the services you listed. The public/private distinction is there to differentiate between e.g. corporate VPNs, which are generally only accessible to employees and contractors of the corporation, and services which anyone can sign up and use. We don't block the former. We do block the latter.

    Is that more clear? Please let me know.

    Ben

  • alex_pres_tech
    alex_pres_tech
    Community Member

    Perfectly clear. Thank you so much.

    For a small business, it is usually economical to use a paid VPN service as opposed to spending large amount on hiring a specialist to come in, buy the hardware and set up a "corporate VPN". I know it would be difficult, but it would be ideal for a firewall rule to allow a specific VPN service and disallow all others. I figure that's impossible, so thank you for the help.

  • Ben
    Ben
    edited July 2020

    I figure that's impossible

    I don't know that it is impossible (though it indeed is not currently an option). I'll pass the suggestion along to the team for consideration. :)

    For a small business, it is usually economical to use a paid VPN service as opposed to spending large amount on hiring a specialist to come in, buy the hardware and set up a "corporate VPN".

    While they typically use the same or familiar technologies these two things typically serve different purposes. Corporate VPNs are most often established to allow remote workers to access resources available only while connected to the corporate network. The purpose of publicly available VPNs is generally to mask one's location or to allow for some security while connected to an insecure WiFi network.

    I don't know of any publicly available VPNs that allow for printing to a printer at the office while remote, for example, though that would be a fairly common use case for a corporate VPN.

    And not to get too far off topic, but a corporate VPN for a small number of employees can likely be set up fairly inexpensively. :+1: The difficulty is scale — but by that point you likely have other challenges and resources.

    Ben

  • alex_pres_tech
    alex_pres_tech
    Community Member

    Totally appreciate the help. We have gone the route of moving all shared files/folders to a Dropbox-like service, and only print when absolutely necessary, and in this case, we don't print to the office remotely, so for us, it is truly remote when we are remote. VPN service for us just protects us and our company's data on public WiFi, etc., so again for our use case, a paid VPN service works beautifully, hence the wish for additional options in the firewall rules for VPNs.

    Thank you so much for your help, your team is always on-point.

    Alex

  • Understood! You're very welcome Alex, and thank you for your feedback on this feature for your use case.

    Ben

  • @alex_pres_tech If you have a dedicated IP address with your VPN provider you can add an allow IP rule above the deny VPN rule.

This discussion has been closed.