NordLayer Review: Secure, Flexible VPN Service for Businesses

The internet has changed how we do business, as well as how we live our everyday lives. Each time we go online, we’re connected to a worldwide network of resources and information. For businesses, this means that people thousands of miles apart can collaborate on a project in real time. For individuals, it means you can move money from your checking account to savings without calling your bank. But in both cases, you’re not just accessing good things online. The same technology that connects us also exposes us to bad actors. Hackers are constantly trying to steal our identities, which can be a nightmare for a company’s HR department.

These risks are well-known, and have been for some time. It’s not exactly shocking that when you go on the internet, you might get a virus. And as a result, there are a number of tools that people and businesses use to keep their systems safe. Some of these are client-side applications that are used to protect computers directly. For example, you might use antivirus software on your computer, as well as a firewall for added protection. But what do you do to keep your information safe in transit? In that case, a VPN, or Virtual Private Network, can be the ideal solution.

A VPN is exactly what it sounds like – a virtual network. It helps keep your traffic safe by disguising the traffic’s origin. Normally, your traffic would travel from your system directly to the person you’re communicating with. They can view the traffic’s origin, which makes it easier to execute a man-in-the-middle attack. With a VPN, data is sent from your system through the VPN’s servers, and then to the other person. You can be located in Chicago, but appear as if you’re running out of a data center in Stockholm. Needless to say, this can make your company’s data far more secure.

Today, we’re going to review a popular “new” VPN service, NordLayer. We used quotation marks because NordVPN has actually been around for several years. They’re one of the most popular VPN services on the market. However, their standard service is designed for individuals or sole proprietors. NordVPN, on the other hand, is designed for enterprise-scale use. Let’s see how it compares!

What is NordLayer?

NordLayer is an enterprise-scale VPN service built on the same backbone as their consumer service. However, the interface and functions have been retooled to better serve businesses. Via an easy-to-use control panel, you can change options for the entire company, as well as for individual users.

In terms of location support, we were mildly disappointed. The ordinary NordVPN service has servers in 59 countries. This has been cut to 31 for NordLayer. That said, you get more options than you do with the consumer VPN. You can add your own custom gateways, and determine which users and teams use which gateways. For example, you could route your San Francisco team through a server in the UK, with just a few clicks.

This service supports two-factor authentication through a number of different methods. You can use Authy, Azure AD, Google Authenticator, GSuite, Okta, OneLogin, or Sami. Alternatively, you can simply use a cell phone number as your authentication. Within the software, you can also choose specific IP ranges to authorize. Through this whitelisting process, you can restrict access only to IPs used by your company. This helps prevent unwanted individuals from accessing your VPN.

NordLayer is available in three different service levels. The Basic service covers all of the basic features. You get the web console, easy billing, third-party two-factor authentication, and support for any OS. The Advanced service provides you with 24/7 phone support, as well as your own account manager. You can even add your own dedicated servers at an extra cost. For the highest number of features, you need the Enterprise plan. This plan supports LDAP active directories, site-to-site VPNs, and even running your own servers. All three plans provide easy, automated billing, and a 30-day money-back guarantee. Not only that, but licenses are transferrable. If an employee quits, you can simply transfer their license to their replacement.

If you’re an sole proprietor or a DBA, you might want to save money by using NordVPN’s consumer service. You could also use a hardware solution like the Syfer Smart VPN Router. This has a similar per-person price, and it’s easy to use. That said, it’s not a scalable solution for larger organizations.

NordLayer Interface

One thing we appreciated about the NordLayer dashboard is how easy it is to use. While it’s only available on the web, it’s still a great way to manage your VPN. When you add employees, you type in their email address, and click a button. You can also add multiple employees at once by adding multiple email addresses. Once they’ve been entered, you can choose which version of the VPN they’re going to need. They can receive an invitation to download an app for PC, Mac, iOS, or Android.

You can divide your employees into teams, which is where this service gets its name. These can be physical offices, company departments, or some division of the two. In the Basic service, this just gives you another way to find employees, besides listing them alphabetically. From the administrator dashboard, you can then access their profiles or reset their passwords. The Advanced service offers a bit more functionality. You can view when a user has last been logged in, and what devices they were using. This makes it easy to ensure that your employees are using the VPN like they’re supposed to.

The NordLayer client apps are simpler than their counterparts for the standard service. Users can log in, log out, and select the type of security protocol they’re using. They can also choose which country to log in from. The interface differs slightly from platform to platform. But for the most part, the Windows, Mac, Android, and iOS apps offer the same set of features.

NordLayer Security

If you’re looking for a VPN provider who’s dedicated to security, NordVPN is tough to beat. Here’s a quick anecdote that illustrates how dedicated they are to keeping their users’ data private.

In 2019, the company announced that one of their server had been hacked. This server did not store any identifiable information, due to NordVPN’s strict “zero logs” policy. In other words, no customers were harmed. Nonetheless, out of an abundance of caution, NordVPN went back and retooled all their servers anyway. Now, none of their servers utilize physical memory, except for a tiny partition with the OS itself. They’re RAM-only, so no customer data is ever stored, period. It can’t even happen by accident, because there’s no disc space to store it on. This re-tooling was not cheap, and it illustrates NordVPN’s dedication to customer privacy.

Another benefit of NordVPN is that they utilize AES-256-bit encryption. Now, the ordinary standard of 128-bit encryption is normally unbreakable by anyone short of a state-level actor. Why would you want a system that’s twice as safe? Simply put, it’s not just twice as safe. It’s 2128 times as safe, which is a number so long it displays logarithmically on our calculator. Even the NSA would need to work until the heat death of the universe to break one AES-256 key. In other words, even in the unlikely event that someone intercepts your data, it will be indecipherable to them.

When you make your connection, NordVPN continues to employ further extra privacy techniques. For one thing, you can choose to use their Onion Over VPN option. This is sort of like a double VPN. Your data first goes to NordVPN’s network, then through the Onion network, and then to the recipient. Even if someone tracks the location of one connecting server, they won’t find both. And unlike many Onion routing services, you don’t have to set up any extra services or software. You just select the Onion option in your VPN dashboard, and NordVPN takes care of the rest.

Along the same lines, you can use a literal double VPN instead of the Onion. With this setting, your traffic goes to one NordVPN server, then to a second NordVPN server. From there, it goes on to its destination. Now, you might run into some traffic bottlenecks with either of these methods. By their very nature, VPNs – and the Onion – are slower than the regular web. Stringing these kinds of connections together can slow you down even more. But you can still get speeds upwards of 50Mbps, depending on which servers you’re using. That’s plenty for most business applications.

In addition to server-side protection, NordVPN also provides protection on your side, the client side. There are not one, but two kill switches built into the software. The first is a general kill switch. If the VPN connection is lost, the internet connection is automatically shut off for your entire system. Even under stress testing, we weren’t able to break this feature. This is very useful, although you’ll want to explain it to users when their VPN is first set up.

The other option is the app kill switch. This is similar to the general kill switch, but only blocks traffic from certain applications when the VPN is off. For example, it could block traffic through company apps or company email, but still allow Netflix traffic. This can be useful if you have a bring your own device (BYOD) policy. You can protect sensitive company data, without preventing your employees from using their own computers.

Final Verdict

NordLayer is an excellent VPN solution in most respects. Our only serious complaint is the lack of 24/7 support for the base level plan. Other than that, this service offers everything. The double kill-switch is particularly useful, particularly if your company has a BYOD policy. The AES-256 encryption is unbreakable for all intents and purposes. And as for ease of use, the dashboard is pretty straightforward. There’s a lot to like about NordVPN’s enterprise service!