OpenVPN Compared to IPsec VPN
Even though IPsec is the de facto standard, there are many arguments for using OpenVPN. If you want to convince your management about why your branches should be connected through OpenVPN instead of IPsec VPN, the following table can help your argument (points preceded by "+" are advantages and points preceded by "-" are disadvantages):
|
IPsec VPN |
OpenVPN |
|
+ The standard VPN technology |
- Still rather unknown, not compatible with IPsec |
|
+ Hardware platforms (devices, appliances) |
- Only on computers, but on all operating systems. Exception are devices, where embedded UNIXs are running like OpenWrt and similar |
|
+ Well-known technology |
- New technology; still growing and rising |
|
+ Many GUIs for administration |
- No professional GUI; however, there are some interesting and promising projects |
|
- Complex modification of IP stack |
+ Simple technology |
|
- Critical modification of kernel necessary |
+ Standardized network interfaces and packets |
|
- Administrator privileges... |
