What is a VPN?
A Virtual Private Network (VPN) creates an encrypted connection between a device and a network over the internet. It provides privacy, security, and the ability to access resources as if directly connected to the private network.
VPN Types
Remote Access VPN
- Connects individual users to the corporate network
- Client software required
- Common for remote work
Site-to-Site VPN
- Connect entire networks
- Router- or firewall-based, with no client software on end-user devices
- Branch office connectivity
Client-to-Site
- Cloud resources
- Modern approach
- Zero-trust compatible
VPN Protocols
| Protocol | Security | Speed | Use Case |
|---|---|---|---|
| WireGuard | High | Fast | Modern default |
| OpenVPN | High | Medium | Widely supported |
| IKEv2/IPsec | High | Fast | Mobile devices |
| L2TP/IPsec | Medium | Medium | Legacy |
| PPTP | Low | Fast | Deprecated |
Enterprise VPN Considerations
Split Tunneling
- Only routes selected traffic through the tunnel
- Reduces bandwidth through the VPN gateway
- Security trade-offs, since traffic outside the tunnel is not protected or inspected by the VPN
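As an added example (not from the original page), a WireGuard client configuration showing how the full-tunnel and split-tunnel choice is expressed in the peer's `AllowedIPs`; the key, address, DNS and endpoint values are placeholders.

```ini
# Added example, not part of the original page. Keys, addresses and the
# endpoint are placeholders; replace them with your own deployment values.

[Interface]
# Placeholder: the client's private key (base64) goes here
PrivateKey = <client-private-key>
# Assumed tunnel address and internal resolver
Address = 10.8.0.2/32
DNS = 10.0.0.53

[Peer]
# Placeholder: the gateway's public key (base64) goes here
PublicKey = <gateway-public-key>
# Placeholder hostname and WireGuard port of the concentrator/gateway
Endpoint = vpn.example.com:51820
PersistentKeepalive = 25

# Full tunnel: every packet, including general internet traffic, is routed
# through the gateway, so it is subject to the gateway's policies, logging
# and monitoring.
AllowedIPs = 0.0.0.0/0, ::/0

# Split tunnel: to use it instead, replace the AllowedIPs line above with the
# one below. Only the assumed corporate ranges go through the tunnel; all other
# traffic uses the device's local internet path. This reduces load on the
# gateway, but that traffic bypasses central controls and the device is
# reachable from both networks at once.
# AllowedIPs = 10.0.0.0/8, 192.168.100.0/24
```

On Linux the file is applied with `wg-quick up <name>`; `wg show` lists the active `allowed ips` per peer, which is a quick way to confirm which routing mode a client actually has.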
Always-On VPN
- Automatic connection
- Consistent security
- Zero-trust approach
VPN vs. ZTNA
There is a modern trend toward Zero Trust Network Access (ZTNA) as a VPN replacement.
VPN Components
Client
- Software on user device
- Establishes connection
Concentrator/Gateway
- Terminates connections
- Enforces policies
Authentication
- User credentials
- Certificates
- MFA integration
Security Best Practices
- Require MFA
- Use modern protocols
- Implement split tunneling carefully
- Monitor connections
- Keep VPN clients updated
- Consider zero-trust alternatives