Laptop VPN for Public Networks and System Administration

Overview

NordLayer is our supported VPN (Virtual Private Network) platform for GitLab Team Members.

The use of NordLayer is optional, however it is recommended when working on guest networks or public Wi-Fi. In other words, you should connect to the VPN to secure your laptop’s traffic anytime that you’re not at home. That could be at a co-working location, an airport, a coffee shop or on a guest network at a customers office.

Some members may use a different VPN solution for these scenarios and we would recommend that they migrate to NordLayer when it’s convenient.

Background Context

When we first approached the idea of a simple VPN for those times that our employees work away from home (coffee shops, trains, planes, etc.), we found a lot of options out there. While many VPN options exist, some are much more than we need, and some far less.

When it comes to our decision on NordLayer, we had a number of things to look at:

  • Is it secure?
  • Is it easy to administer?
  • Does it support multiple operating systems?
  • Are admin actions logged?

We tested many options and while a number fit a few of these, NordLayer fit the most with security being our most important criteria.

System Owner and Support

  • DRI: @adamhuss
  • #it_security_help Slack channel
Laptop VPN Setup Guide
Access Request Please open an Access Request and add /label ~"it-security-status::needs-review". NordLayer Installation After your access request is provisioned, you will receive an email from nordlayer@nordlayer.com with a link to download the application. MacOS: Enter gitlab as the organization. Authenticate with Okta. When prompted, select to Allow an upcoming prompt. Linux: Follow https://help.nordlayer.com/docs/installing-on-linux to download the application and add your user to the user group. Log out and log back in.
Laptop VPN Troubleshooting Guide
Overview Vendor Docs FAQs Linux VPN Protocol In case you are experiencing any issues with your NordLayer connection, the first course of action would be to change the VPN protocol. You can do so by running the following command nordlayer settings set and selecting VPN protocol. Windows 10 Sufficient Privileges Verify that you have sufficient privileges to start system services If you are getting an error ‘Verify that you have sufficient privileges to start system services’ on Windows 10 while installing the NordLayer application - please make sure that you are using an up-to date Windows 10 version.
Last modified July 1, 2024: Add Corporate Security handbook pages (b684cdaf)
View page source - Edit this page - please contribute. Creative Commons License