NordLayer Remote Access VPN | Features & Review | #linux | #linuxsecurity | #education | #technology | #infosec

I’ve been a big advocate of privacy and security for a very long time. And in today’s world, anyone who doesn’t take those two issues seriously might as well draw a target on their backs and wait for bad actors to do their thing.

This is why any company that has permanent or even part-time remote workers should consider a VPN a must-have. The good news is there are plenty of outstanding VPN technologies available. One such platform is NordLayer.

SEE: Password breach: Why pop culture and passwords don’t mix (free PDF) (TechRepublic)

NordLayer is not just a client-based VPN tool that you have your employees install and hope they remember to use, it also includes an admin console that allows you to keep tabs on those employees if they’re using the VPN, and what gateways they’ve connected to.

NordLayer also features threat management, network management, 2FA/SSO/biometric authentication, auto-connect, network segmentation, site-to-site dedicated gateways, shared servers, AES 256-bit encryption, ThreatBlock, custom DNS, dedicated IP addresses, jailbroken device detection and smart remote access.

NordLayer offers three different plans:

• Basic: $7.00 user/month.
• Advanced: $9.00 user/month.
• Custom: contact for pricing.

To find out what each plan offers, make sure to check out the NordLayer price/feature matrix.

But how does NordLayer perform as a straight-up VPN? I created a Basic plan and installed the required software on both Ubuntu Desktop 22.04 and macOS Monterey to see how well it performed and how easy it would be to manage users from the console.

I came away from my testing impressed with the NordLayer service. Let’s dig in.

The NordLayer client

As far as the NordLayer client is concerned, there’s a world of difference between what’s available for the Linux desktop and the macOS desktop. On Linux, you’re relegated to the command line. Once you’ve installed the NordLayer client, you must log in with the command:

nordlayer login

You’ll then be prompted for the login type, which is dictated by how your admin has set up the account. After logging in, you then must select a gateway by first listing them with the command:

nordlayer gateways

Locate the gateway you want to use and then issue the command:

nordlayer connect GATEWAY

Where GATEWAY is the gateway you would like to connect to. At this point, you are connected to the NordLayer VPN. If you go to whatismyip.com, you should see your connection as emanating from the country you chose for your gateway.

On macOS, things are significantly easier. Install the software, launch the software, log in to your account and then, from the top-bar drop-down (Figure A), select the gateway you want to use.

Figure A

Once connected, I found NordLayer VPN does not suffer from the dogged slowness of network connections that other VPNs fall victim to. Yes, there is a slight slowdown of connection speed, but it’s hardly noticeable. Web browsers load quickly and even ping times are pretty average.

The only difference I did notice was there was a slightly higher packet loss for pings (around 20%). That could simply be the gateway I was connected to: To test that theory, I connected to the Japan gateway and discovered the slowdown was pretty dramatic. You’ll find your users will have to pick and choose their gateways to get the fastest connection speeds.

Another nice feature which isn’t available on the Linux version is the trusted Wi-Fi networks option, where you can define if a network is trusted or not. With this feature, you can not only define a network as trusted, but you can also set a default gateway for the app (Figure B).

Figure B

The management console

This is where NordLayer stands out for me. Instead of just offering client-based tools, the platform includes a management console that gives your administrators the ability to see what team members are logged in and what gateway they are using (Figure C).

Figure C

Connected team members are not only listed by name and by the connected gateway, but also by the WAN-facing IP address of the network they are connected to.

One thing the console is missing is the ability to control team members’ connections. You cannot disconnect them from the VPN, change their gateway, monitor their activity or make any configurations for them.

Even with this caveat, the NordLayer admin console does make it very easy for you to see what teammates are connected and the gateway they are using. This alone makes the service a worthwhile investment, especially if you have numerous remote workers who should be connecting to a VPN when using less-than-secure networks. With the NordLayer admin console, you can do a quick check and then send out a reminder to those team members who are not connected to the VPN.

Of course, adding new members to the VPN is fairly straightforward. Simply go to the Member section and click Invite New Member (Figure D).

Figure D

You cannot, however, install or configure the required client remotely, so you’ll have to count on your remote staff to take care of this on their own.

Conclusion

For any business looking to add an extra layer of protection without having to struggle through complex and lengthy setups, NordLayer is a breath of fresh air. It’s incredibly simple to use for both admins and end-users and isn’t bogged down with too many features.

If your company is looking for a VPN service, and you want something simple and effective for your remote staff, you cannot go wrong with NordLayer.