Thank you for your thorough response, James! Gave me def. some food for thought. We have VPN solution available I just haven't used it. I guess it's about time I start checking it and crowd render out. Thanks again!

Hi Kasper,

Ok, security depends on how you connect, using a VPN is as secure as the VPN if you want to use one.

Crowdrender does encrypt all its data, however, so you'd be using double encryption if your VPN also uses encryption, which is probably all VPNs these days.

If you wish to use Crowdrender without a VPN, then you'd need to setup port forwarding, but I don't recommend this approach. Crowdrender can only really connect to just one computer at a remote network to use it as a render node. That limitation may be ok for you, it may not, but using a VPN gets around this limitation.

Also if you can find a good VPN software that can be setup without port forwarding required at either office, that would be the most secure. We've used soft ether successfully in tests, but it requires port forwarding to send traffic to a VPN server. So in that scenario there is a permanent forwarding rule through your NAT, sending ANY traffic from the internet that specifies the ports you have setup. This would be the main vulnerability you'd need to counter.

The same would go for Crowdrender being used without a VPN, port forwarding is necessary here to allow connections. The forwarding in this case, however, happens on the render node's network, and directs requests for rendering to the render node. This means you're render node is listening to traffic coming from the internet. Not great in my opinion.

At least with a VPN, you can create a computer to act as the server and handle the VPN traffic from the internet. This machine can be locked down to only allow VPN traffic in/out of its network interface, you can also only allow it to talk to the IP address of the other office so it will ignore traffic coming from somewhere else on the internet.

Hope this helps :)