Maybe some of you heard about Open VPN, or SoftEther VPN, a VPN technologies allowing you to setup advanced VPN tunneling for your organization. One might ask why then do we have our own VPN product. This blog post is to clarify that.
Several books have been written about Open VPN and it is very known solution. The question is "Can Open VPN be used instead of Green Screens VPN"? Simple answer is: "Yes it can". However, we do not provide any kind of technical support for this.
The same goes for SoftEther VPN - free open-source VPN solution.
The reason is simple. Setup and configuration are complex, and quite overwhelming for an end user but also requires our support with remote access to the client company internal network to setup an environment. For larger organizations with multiple branches, it is even more tedious. Thus, we decided to create our own and easier to use solution.
Don't get us wrong here, both, Open VPN and SoftEther are extremly powerful products with a lot of features, which is also a common reason to be hard to setup requiring a lot of understanding how VPN works.
Our main point was to enable Green Screens Terminal Server running in cloud and being able to connect to the IBM i running inside client internal network with high industry grade security standards. And nothing more. Thus, we created VPN Client / Service apps that works as full VPN but without implementing all the features full VPN has but not required here. For an example, not requiring tap/tun network driver installation.
Additionally, Green Screens VPN service works as an instance-per-server mode because vpn service itself filters all incoming packets allowing / redirecting only to an IBM i server internal network IP. No access to other internal resources which brings one more layers of security and gives a full control under client hands.
Regarding security, Green Screens VPN uses the same techniques full VPN solutions has by implementing TLS 1.3 full client / server certificate-based authorization, authentication and strong modern encryption using proven industry standard protocols. Green Screens VPN is no less secure than any other VPN solution.
Compared to Open VPN and other solutions, Green Screens VPN setup for TLS is straight forward. If used with Green Screens Terminal Server, during IBM i tunnel registration, Green Screens Server will generate 2 files which should be copied to the VPN Service. Second step is to open port on the router and that's all. No other special installations and setups.
Implementing this feature, give us fully rounded solution for installing Green Screens Terminal Server and connecting it to the IBM i in all possible ways with an easiest as possible setup.
Green Screens VPN service can also work in standalone mode where it can be used in conjunction with VPN Client allowing remote workers to securely access IBM i with favorite telnet program and / or other services. In that case, password only (an easiest way) or TLS protection (strongest way) is available.
To use TLS in standalone mode, generate certificates with our Certgen tool by simply configure some values in config file, run certgen tool to generate certificates, copy certificates to VPN Service and you are good to go. VPN Service will create bin file containing all what is needed. Send bin file to the remote worker to copy files in VPN Client location and run the client. Nothing else to do. Easy and simple.
Green Screens VPN is specially developed solution for IBM i with a goal to make it as easy as possible to setup encrypted tunnel for end user without requiring special knowledge or multiple installation from drivers, various tools and other requirements but keeping high industry grade security standards. This approach might be ideal from small businesses with limited knowledge or resources.
This bring us to the next feature. Green Screens Terminal Server can be installed and managed inside Cloud by us, and small VPN Service program can run inside client company network to enable secure link with extremely easy Green Screens Product setup and install ideal for small business.
Green Screens VPN is closed source but absolutely free non-chargeable solution made for one purpose and to do it well. That's the bottom line.
Of course, if someone wants more features as connecting and accessing company internal network resources from remote locations, then sure, solutions as Open VPN, SoftEther or other commercial products with specialized appliances might be a better choice.
The choice is up to you.