Anything…..ANYTHING! can be cracked given the right motivation, tools and time.
encrypted VPNs are obviously better at protecting you. You can use Cisco but they have had some appliances with gapping holes in security before now so you’re potentially not getting any benefit other than they are a good strong company with good support.
As soon as you set up a VPN you are sending data out into the wild. It is controlled in that you are sending it directly to the other site however it is still a high risk.
What you need to do is either accept the risk that someone could be sitting ‘man-in-the-middle’ style collecting every packet of data sent.
So what you need to safeguard against are those packets of data being readable. Encrypt whenever possible, with as higher incryption bit as possible. Make it a ball ache for anyone that does get any of your data to read it.
Their are vendors out there that specialise in setting up secure VPN’s (for clients such as banks, financial institutions etc…). If you are unsure of what you are doing or unsure of the risks book a consultancy day with one of these companies. It’ll be expensive so it realy boils down to what risk are you prepared to except and/or how much are you willing to spend.