Last month, we walked you through the benefits of using eduVPN, a tool for secure remote access to your organization’s protected systems (read article). On November 12, many of you also participated in our online information session. Currently, we are continuing to explore the opportunity to offer this service to our community. This is already made available by NRENs in other European countries and is already well used. We share with you three examples of the successful use of eduVPN in research and higher education institutions in Europe. (©géant news)
In Portugal, the University of Minho has chosen to use eduVPN, Marco Teixeira explains the reasons: “Amid the COVID-19 first-wave pandemic, and the increasing necessity of teleworking that derived from the confinement period, the Information and Communications Systems Services Unit of University of Minho, was tasked with the development of a contingency plan in several areas, regarding this new scenario. Remote Access service (VPN) was one of the areas for which there was the need to increase the service capacity to support an exponential growth in remote workforce. After some research, we preselected the eduVPN, a community project supported by GÉANT. This community project has the features that meet our requirements and is based on well-known and tested open source technologies. After a brief assessment we decided to adopt it. The main points in favour are:
- the absence of licensing and financial costs;
- simplicity of use for our end-users especially those with mobile clients;
- has applications for all the major platforms;
- an architecture capable of horizontal scalability that allowed us to repurpose some servers for the project.”
In France, the CNOUS - which manages, among other things, accommodation and catering services for students and which is made up of 27 sites spread over France - heard about eduVPN at the start of the COVID crisis via Renater, the French NREN . The service aroused the interest of the CNOUS because the VPN solutions used so far could not support the 15,000 potential users. In less than two weeks, they put into production a complete eduVPN solution covering all 27 organizations.
The CNOUS has also developed a specific web interface allowing the IT department of each site to be able to monitor its own users (number of simultaneous connections, list of current users, speed, etc.). They also configured different profiles for eduVPN. End users can for example have access to the CNOUS intranet while specific profiles can access confidential data.
In the Netherlands, eduVPN is offered as a managed cloud service. This means the eduVPN servers are maintained by SURF. Melvin Koelewijn (Technical Product Manager SURF) is responsible for the Dutch eduVPN servers. When asked about his experience with eduVPN server scaling aspects he says: “Our largest university handles 750 concurrent users effectively with a 2 CPU cores. Based on this I expect a 16 CPU core VM would be capable of handling up to 5k concurrent users. The eduVPN software also supports multi server scaling and we are now deploying an eduVPN cluster with 4 VMs in order to handle 10k+ concurrent users.”
Most institutions start with a single server, but it is also possible to deploy multiple servers with OpenVPN processes in order to allow for a higher number of concurrent users or distribute over different locations. Typically, a server (with 16 cores and >= 10 Gbit) can allow up to 1,000 clients to connect (depending on Firewall and Connectivity capacity).