Corporations and organizations increasingly rely upon remote and off-site employees and users to accomplish tasks while they are traveling or at home. Offsite employees may ‘telecommute’ while traveling, from their homes, and/or from remote office locations. These remote users and off-site employees often need to access their corporate or organization networks from client devices that are not directly connected to their corporate or organization network.
Remote users typically access corporate and organization networks by connecting to a Virtual Private Network (VPN) in order to access the same applications, servers, databases, and directories/files that they are able to access while directly connected to a corporate or organization network. Although VPN connections allow remote users and offsite employees to execute applications and access files hosted by a corporate or organization network, the relatively low quality (i.e., lower bandwidth, higher latency, and increased delay) of some users' remote connections often translates into an inferior experience as compared to direct network connections. Lower quality VPN connections hinder the productivity of off-site employees and force their employers to choose between subsidizing upgrades to their employees' remote connections and mandating that telecommuting employees pay for upgraded remote connectivity themselves.
In the fields of packet-switched networks, telecommunications, and computer networking, Quality of Service (QoS) refers to a set of technologies and techniques designed to provide improved service to selected network traffic or users. The goal of QoS is to provide guarantees on the performance of a network or service. QoS metrics can include availability, bandwidth, latency, delay, upload data transfer rate, download data transfer rate, and per-session upload/download limits (i.e., total amount of megabytes or gigabytes that can be uploaded and/or downloaded during a network session).
A network can assign different QoS levels to different network client devices and users. QoS can also guarantee a certain level of performance to a user or client device associated with a user in accordance with requests from an application program or an internet service provider's (ISP's) policy. QoS guarantees are important when network capacity is limited, for example in cellular data communications networks, for real-time streaming multimedia applications, in voice over IP (VOIP) applications, and Internet Protocol (IP)-TV, as these applications require fixed bit rates and are delay sensitive.
Network customers and providers typically enter guarantees into a contractual Service Level Agreement (SLA). An SLA defines metrics that a service provider must meet for performance, throughput, and latency limits based upon mutually agreed upon minimum levels. The QoS levels for offsite and remote users accessing a corporate or organization network are limited to the users' respective home service SLAs, and these SLAs typically do not guarantee the same QoS levels that the users would otherwise enjoy while they are connected to the organization's network.
QoS is usually achieved by prioritizing network traffic. For example, a network or protocol that supports QoS may agree on a traffic contract with application software and reserve capacity in the network's nodes, for example when a network session is being established. During the network session, the network may monitor the achieved level of performance, for example the data transfer rate and delay, and dynamically control scheduling priorities in the network's nodes. The network may release any reserved capacity during a tear down phase when the session is terminating.
QoS comprises all the aspects of a connection, such as time to provide service, voice quality, echo, loss, reliability and so on. A subset of telephony QoS is Grade of Service (GOS), which comprises aspects of a connection relating to the capacity of a network.
When a user accesses a virtual private network (VPN) (e.g., by logging onto a VPN client via an Internet service provider or wireless service provider), the user is typically authenticated by the network. As part of the authentication process, a decision is made as to whether the user is allowed to access the VPN.
There is an increasing need for flexible connection rates and guaranteed QoS levels for remote and home office workers who connect to corporate and organization networks via VPNs. Offsite network services that an organization's employees use are increasing in complexity and are also driving increased bandwidth requirements. Due to these demands, organizations cannot currently manage and control the quality of connections into their networks from remote client devices efficiently. Furthermore, organizations cannot readily guarantee offsite and remote users accessing the organization's network via a VPN the same QoS that users directly connected to the network have.
When users access an organization's VPN from homes, hotels, and other remote sites, QoS metrics such as connection rate, bandwidth, network latency, maximum upload/download data transfer rates, and the maximum amounts of data that can be uploaded and/or downloaded during a session are limited by the account used to access the VPN. Unless a user's personal account has an SLA that meets or exceeds the SLA of their organization, connections to their organization's VPN via a user's personal account will be inferior (i.e., slower, higher-latency, limited throughput, limited upload/download data transfer rates, etc.).
Therefore, what is needed are systems, methods, and computer program products for providing dynamic QoS for VPNs. What is further needed are systems, methods, and computer program products that dynamically boost a remote user's connection to match the QoS of a VPN to which a user is connecting.
What is also needed are systems, methods, and computer program products that enable network usage and connection time to be attributed and billed to an organization when a user accesses the organization's VPN remotely.
The present invention will now be described with reference to the accompanying drawings. In the drawings, like reference numbers can indicate identical or functionally similar elements. Additionally, the left-most digit(s) of a reference number may identify the drawing in which the reference number first appears.