My friend happens to be in Boston, and has a decent cable connection (25/5 Mbps). The first thing we tried was pinging, which usually averaged 20 ms but would spike up to 400 ms every so often—not bad overall. My internet connection is a 25/25 connection from Verizon Fios.
We then decided to try file sharing. I pushed a file to him at an average speed of 15 Mbps, which was not maxing out either connection. We made sure nothing else was running on either network to be sure about this speed. 15 Mbps is pretty quick for a software VPN connection, especially after doing a traceroute and seeing the traffic was going through NYC, which is a very busy Internet hub.
After seeing that throughput, I decided to do one more test (which ultimately held up this review, but was worth it). We both opened iTunes and set up sharing. He then proceeded to stream an HD video (720p) from me, with no loss in quality and no dropouts for the 15 minutes he ran it. I then tried pulling from him, which didn’t work as well, since I maxed out his 5 Mbps upload speed, which is just not enough for HD. SD video worked well though, as did streaming MP3s.
We also tried a VNC connection, since this might be more typical VPN'd traffic. This also worked better connecting to my machine, because I have higher upload bandwidth. However, connecting to him on his 25/5 connection was very usable, as long as I tuned the VNC settings correctly.
Access and Security
Accessing the Hamachi2 VPN network is through the LogMeIn client only, due to the proprietary method it uses for creating connections. There are official clients for Windows and OS X, and a beta client for Linux, which is command line only and has limited support.
Administrators have control over the network from a decent web portal, and can configure numerous options. The web portal is a little confusing since it presents the entire LogMeIn product options. So if you are only using Hamachi2, there are several options you won’t ever use.
Hamachi2 backend web manage
Hamachi2 is well secured, offering RSA Key Exchanges and AES-256 tunnel encryption. Packets are authenticated using a SHA1 encryption hash, and are numbered to prevent replay attacks.
There are still some security concerns, however. Hamachi doesn’t use IPsec, most likely due to the nature of Hamachi’s connection types. For this reason alone, many businesses won’t be able to use Hamachi, since it won’t pass muster for information security audits.
VPN security technologies such as ESP, SA, and ISAKMP aren’t specifically called out in Hamachi2's documentation. The use of Diffie-Helmann infers that perfect forward secrecy (PFS) is in use, but it can’t be managed.
Additionally, in the event you must use a relay server, data will be temporarily passed through LogMeIn. For many, this may seem innocuous because LogMeIn doesn’t keep data on its relay servers. But the fact a relay server could be used, means many businesses can’t use Hamachi2 for HIPAA or other compliance reasons.
LogMeIn offers support to all people using Hamachi2 by way of a support hot line, email ticketing and an active community forum. It’s interesting to note that purchasing a subscription to Hamachi2 does not actually improve support in any fashion, which is not the case for most LogMeIn products. In fact, most LogMeIn products require purchasing a subscription in order to get support.
Overall, LogMeIn Hamachi2 does the job it sets out to do: creating secured VPN networks easily and quickly. Some of the security concessions won’t work for certain businesses that must meet specific industry regulatory requirements. But for many businesses, Hamachi2 will work quite well.
However, once a business hits a certain size, the mission-critical nature of VPN could rule out Hamachi2. The reason is most businesses will want to use Hamachi in the Gateway mode, which requires installing Hamachi on a Windows computer; something not generally known for long-term stability.
LogMeIn, however, does require that a Gateway system can't be a member of any other network and can't be a domain member. If absolute reliability is a must, it would make sense to have a dedicated gateway system with Windows update disabled and unnecessary processes shut down.
Even then, I recommend any business looking into Hamachi be aware of its limits, and plan to replace it once they have the revenue to step into a proper VPN appliance.