Remote-Access VPNs

Whereas site-to-site VPNs are used to make a point-to-point connection between two sites over the Internet, remote-access VPNs are used to allow end devices (PCs, mobile phones) to access the company's internal resources securely over the Internet.

Remote-access VPNs typically use TLS (Transport Layer Security).

  • TLS is also what provides security for HTTPS (HTTP Secure).

  • TLS was formerly known as SSL (Secure Sockets Layer), which was developed by Netscape; it was renamed TLS when it was standardized by the IETF.

VPN client software (for example Cisco AnyConnect) is installed on end devices (for example company-provided laptops that employees use to work from home).

These end devices then form secure tunnels to one of the company's routers/firewalls acting as a TLS server.

This allows the end users to securely access resources on the company's internal network without being directly connected to the company network.
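The trust relationship behind that tunnel, as an added Go example that is not part of the original notes: a local test server from net/http/httptest stands in for the company's router/firewall acting as a TLS server, and the function plays the end device. The name Fetch, its parameters and the response text are assumptions made for illustration; example.com is a name carried by httptest's built-in test certificate.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
)

// Fetch starts a local TLS server (standing in for the VPN gateway in front of an
// internal resource) and connects to it as the end device would. trustGateway puts
// the gateway's certificate in the device's trust store; expectName is the name the
// device expects to find in that certificate.
func Fetch(trustGateway bool, expectName string) (string, uint16, error) {
	gw := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprint(w, "internal resource") // constructed response
	}))
	defer gw.Close()
	roots := x509.NewCertPool() // the end device's trust store
	if trustGateway {
		roots.AddCert(gw.Certificate())
	}
	// The handshake fails unless the certificate chains to roots and carries
	// expectName, so no request is sent to a server the device cannot authenticate.
	dev := &http.Client{Transport: &http.Transport{TLSClientConfig: &tls.Config{
		RootCAs: roots, ServerName: expectName, MinVersion: tls.VersionTLS12}}}
	defer dev.CloseIdleConnections()
	resp, err := dev.Get(gw.URL)
	if err != nil {
		return "", 0, err
	}
	defer resp.Body.Close()
	body, err := io.ReadAll(resp.Body)
	return string(body), resp.TLS.Version, err
}

func main() {
	fmt.Println(Fetch(true, "example.com"))        // trusted, name matches
	fmt.Println(Fetch(false, "example.com"))       // certificate not trusted
	fmt.Println(Fetch(true, "rogue.example.test")) // trusted, name mismatch
}
```

Only the first call returns the resource; the other two stop at the handshake with a certificate verification error.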

Remote-Access VPN vs. Site-to-Site

| Site-to-Site | Remote-Access |
| --- | --- |
| VPNs typically use IPsec. | VPNs typically use TLS. |
| VPNs provide service to many devices within the sites they are connecting. | VPNs provide service to the one end device the VPN client software is installed on. |
| VPNs are typically used to permanently connect two sites over the Internet. | VPNs are typically used to provide on-demand access for end devices that want to securely access company resources while connected to a network which is not secure. |
