{"id":6188,"date":"2021-01-14T14:32:02","date_gmt":"2021-01-14T12:32:02","guid":{"rendered":"https:\/\/tekmart.co.za\/t-blog\/?p=6188"},"modified":"2021-01-14T14:32:03","modified_gmt":"2021-01-14T12:32:03","slug":"remote-access-vs-site-to-site-vpn-whats-the-difference","status":"publish","type":"post","link":"https:\/\/tekmart.co.za\/t-blog\/remote-access-vs-site-to-site-vpn-whats-the-difference\/","title":{"rendered":"Remote access vs. site-to-site VPN: What’s the difference?"},"content":{"rendered":"Reading Time-approximately:<\/span> 3<\/span> minutes<\/span><\/span>\n

A remote access VPN connects remote users from any location to a corporate network. A site-to-site VPN, meanwhile, connects individual networks to each other.<\/strong><\/h2>\n\n\n\n

By Paul Kirvan<\/a> and Lisa Phifer<\/a><\/p>\n\n\n\n

Remote working has become pervasive in business processes. While remote work, or teleworking, has been around for years — and the technology has become largely standardized — its importance to businesses increased significantly in 2020. Remote access to corporate networks and internal resources is now the norm, rather than the exception, for public and private businesses of all types and sizes.<\/p>\n\n\n\n

As such, the primary remote access technology is the virtual private network, or\u00a0VPN. In this article, we’ll compare two different types of VPNs that make remote work possible: a remote access vs. site-to-site VPN.<\/p><\/blockquote><\/figure>\n\n\n\n

First, a VPN is a virtual<\/em> network, as opposed to a physical network. Connections are made using information from internet protocols, such as an IP address, to establish an encrypted tunnel between two endpoints. Data packets are transmitted via the internet over a variable set of routes, based on available network paths, to a receiving end that reassembles the packets into their original format.<\/p>\n\n\n\n

By contrast, a physical<\/em> network requires a hard-wired connection between endpoints, using a single communication link, like a private data channel. VPN traffic is typically secured using encryption, often with a security appliance on each end of the connection.<\/p>\n\n\n\n

When pitting a remote access vs. site-to-site VPN and choosing between the two configurations, data center network managers must consider the roles they want\u00a0VPN technology\u00a0to play.<\/p>\n\n\n\n

What is a remote access VPN?<\/strong><\/h3>\n\n\n\n

Most widely used today for remote workers, especially employees working from home, remote access VPNs connect individual users, or clients, to private corporate host networks. Typically, remote access users include travelers,\u00a0teleworkers and mobile users\u00a0who need to access their company’s internal network securely over the internet.<\/p>\n\n\n\n

In a remote access VPN, every host accessed by remote users must have VPN client software. Whenever the remote user prepares to send traffic, VPN client software in a router encapsulates and encrypts that traffic before sending it over the internet to a VPN gateway at the edge of the target corporate network.<\/strong><\/p><\/blockquote>\n\n\n\n

Upon receipt, that VPN gateway behaves just like in a site-to-site VPN. If the target host inside the corporate network returns a response, the VPN gateway performs the reverse process to send an encrypted response back to the VPN client over the internet. Firewalls may also be present to further\u00a0protect network traffic\u00a0from unauthorized intruders.<\/p>\n\n\n\n

\"\"\/<\/figure>\n\n\n\n

What is a site-to-site VPN?<\/strong><\/h3>\n\n\n\n

By contrast, site-to-site VPNs connect multiple networks to each other, typically a branch office network to a company headquarters network. In a site-to-site VPN configuration, hosts do not have VPN client software; they send and receive normal\u00a0TCP\/IP\u00a0traffic through a VPN gateway.<\/p>\n\n\n\n

The VPN gateway encapsulates and encrypts outbound traffic, sending it through a\u00a0VPN tunnel\u00a0over the internet to a peer VPN gateway at the target site. Upon receipt, the peer VPN gateway strips the headers, decrypts the content and relays the data packets toward the target host inside its private network.<\/p><\/blockquote>\n\n\n\n

Remote access VPN security protocols<\/strong><\/h3>\n\n\n\n

When comparing a remote access vs. site-to-site VPN, security is an important factor. Multiple remote access VPN configuration protocols can be used. Each approach requires VPN client software on every remote system, as well as a VPN gateway at the corporate headquarters network. The corporate host supports the same protocols and options or extensions to facilitate access from remote user networks.<\/p>\n\n\n\n

The most common secure tunneling protocol used in VPNs of each type is the\u00a0IPsec\u00a0encapsulating payload protocol. IPsec is an extension to the standard IP security standard used by the internet and most corporate networks today. Most routers and firewalls now support IPsec.<\/p><\/blockquote>\n\n\n\n

Alternatives to IPsec VPNs are\u00a0Secure Sockets Layer (SSL) VPNs. These are often referred to as\u00a0clientless<\/em>\u00a0in that they do not require the use of specialized software on the remote user’s computer. In an SSL VPN, the remote user connects to the network through a web browser. Information is encrypted either with SSL or the Transport Layer Security protocol.<\/p>\n\n\n\n

Site-to-site VPNs typically use the IPsec protocol. Another site-to-site VPN protocol is\u00a0MPLS, but MPLS does not provide encryption.<\/p>\n\n\n\n

\"\"\/<\/figure>\n\n\n\n

Benefits of remote access VPNs<\/strong><\/h3>\n\n\n\n

Remote access VPNs enable remote users to connect to a corporate host network from any location, which makes them beneficial for enterprises with employees and customers who are highly mobile. Data transmitted through remote access VPNs is encrypted, which means remote users can take advantage of public Wi-Fi connections or other places where traffic isn’t generally secured.<\/p>\n\n\n\n

Benefits of site-to-site VPNs<\/strong><\/h3>\n\n\n\n

Site-to-site VPNs connect individual networks to each other, so they are well suited for organizations with\u00a0multiple locations. Information can be sent securely through site-to-site VPNs, and they can handle mission-critical traffic, such as VoIP communications, which requires low latency and good quality of service.<\/p>\n\n\n\n

Site-to-site VPNs also offload encryption and processing overheads from host PCs or devices to a separate security or router component. Additionally, they reduce the need for users to constantly log in or log out of a VPN connection.<\/p><\/blockquote>\n\n\n\n

Planning considerations for VPNs<\/strong><\/h3>\n\n\n\n

When planning remote access VPNs, network administrators should make sure they have a sufficient number of VPN software licenses and sufficient network bandwidth to ensure throughput and minimal latency for remote users. From an operational perspective, periodically use network\u00a0sniffing\u00a0and monitoring equipment to ensure the integrity of network traffic.<\/p>\n","protected":false},"excerpt":{"rendered":"

Reading Time-approximately:<\/span> 3<\/span> minutes<\/span><\/span>A remote access VPN connects remote users from any location to a corporate network. A site-to-site VPN, meanwhile, connects individual networks to each other. By Paul Kirvan and Lisa Phifer Remote working has become pervasive in business processes. While remote work, or teleworking, has been around for years — and the technology has become largely standardized — its importance to<\/p>\n

Read More<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[185,4,30,3,188,116],"tags":[],"class_list":["post-6188","post","type-post","status-publish","format-standard","hentry","category-data-center-hardware-terminology","category-datacenter-news","category-expert-advise-and-opinion","category-industry-news-and-expert-advise","category-network-infrastructure","category-network-security"],"_links":{"self":[{"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/posts\/6188","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/comments?post=6188"}],"version-history":[{"count":1,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/posts\/6188\/revisions"}],"predecessor-version":[{"id":6189,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/posts\/6188\/revisions\/6189"}],"wp:attachment":[{"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/media?parent=6188"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/categories?post=6188"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/tags?post=6188"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}