What is a Site-to-Site VPN?

Written by: Per-Erik Eriksson

A site-to-site VPN is a virtual private network designed to communicate between two or more networks (i.e. sites). Companies with multiple offices in different geographical locations frequently use this type of VPN.

With the help of a site-to-site VPN, employees working in remote offices can safely connect to the corporate network to communicate and share data. For example, a base office in New York can communicate with its branch offices in London, Munich, Sydney, or elsewhere.

Difference Between Remote-Access VPN and Site-to-Site VPN

Remote-access VPNs were initially intended to let employees connect safely to their company’s LAN (Local Area Network). Nowadays, they are mostly associated with personal use by consumers who want more privacy online. In contrast, many large businesses are shifting towards site-to-site VPNs. Read on to learn why.

Remote-Access VPN

With a remote-access VPN, employees working remotely can connect to their company’s LAN via their own device and access the company network. To do this, the remote device requires a NAS (Network Access Server), which authenticates the device and allows it to sign into the VPN. The remote user must also have client software, which creates a virtual tunnel between the two networks. Through this tunnel, the information sent by the remote device is encapsulated, encrypted, and sent to the VPN gateway, which decrypts the content and transfers it to the LAN.

Individual users also use this technology to communicate with an outside network to conceal their online activity and traffic.

Site-to-Site VPN

A site-to-site VPN securely connects two or more LANs in geographically separate locations. There are no limitations regarding the physical distance of users and the number of sites involved, which is the main reason why this technology has become the preferred choice of many large businesses with offices in different parts of the country or even on different continents. While remote-access VPNs connect individual users to a private network (for example, their headquarters), site-to-site VPN technology uses IPsec (Internet Protocol Security) to create an encrypted tunnel between the LANs on both sides, covering either a whole LAN or only a part of it.

Another difference between remote-access and site-to-site VPNs is that the latter do not require any VPN software installed on your device. Instead, traffic is sent through VPN gateways.
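
As an added illustration (not part of the original article), the Python sketch below models how a gateway decides which traffic enters the encrypted tunnel, covering both the "whole LAN" and "part of a LAN" cases, and checks that the two sites' definitions mirror each other and do not overlap. The site names, subnets and function names are assumptions constructed for this example.

```python
import ipaddress as ip

# Constructed sample policy (all subnets are made up for this example).
# Each gateway lists the local subnets it protects and the subnets it
# expects behind its peer. New York shares its whole LAN; London shares
# only one segment of its LAN.
NEW_YORK = {"local": ["10.1.0.0/16"], "remote": ["10.2.20.0/24"]}
LONDON = {"local": ["10.2.20.0/24"], "remote": ["10.1.0.0/16"]}


def nets(values):
    """Parse a list of CIDR strings into network objects."""
    return [ip.ip_network(v) for v in values]


def check_pair(a, b):
    """Return a list of problems found in two gateways' definitions."""
    problems = []
    # What one side calls "local" must be what the other calls "remote";
    # otherwise the two ends disagree about which traffic is protected.
    if set(nets(a["local"])) != set(nets(b["remote"])):
        problems.append("a.local does not mirror b.remote")
    if set(nets(b["local"])) != set(nets(a["remote"])):
        problems.append("b.local does not mirror a.remote")
    # Overlapping address space makes routing between the sites ambiguous.
    for x in nets(a["local"]):
        for y in nets(b["local"]):
            if x.overlaps(y):
                problems.append(f"overlapping address space: {x} / {y}")
    return problems


def disposition(gw, src, dst):
    """Say what gateway `gw` does with a packet from src to dst.

    Hosts run no VPN client: the gateway alone matches packets against
    the configured subnets and encrypts only the matching ones.
    """
    s, d = ip.ip_address(src), ip.ip_address(dst)
    from_local = any(s in n for n in nets(gw["local"]))
    to_remote = any(d in n for n in nets(gw["remote"]))
    return "tunnel" if from_local and to_remote else "not tunneled"


if __name__ == "__main__":
    print(check_pair(NEW_YORK, LONDON))
    print(disposition(NEW_YORK, "10.1.5.9", "10.2.20.7"))
    print(disposition(NEW_YORK, "10.1.5.9", "10.2.30.7"))
```

A packet to a London address outside the shared segment is reported as "not tunneled", which is the point of reviewing the subnet lists: anything they do not cover is not protected by the VPN.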

Types of Site-to-Site VPNs

Site-to-site VPNs can be divided into two types: intranet-based and extranet-based site-to-site VPNs.

Intranet-based site-to-site VPNs are used by employees of the same company working in different locations. On the other hand, extranet-based site-to-site VPNs are used by two or more different companies that want to share some information and keep other information private. This type of connection facilitates cooperation without exposing any sensitive data.

How to Choose the Right VPN for Your Business

Ultimately, three things should be considered when choosing a VPN for business: the size of the company, the number of external offices, and the confidentiality of the shared data.

In the case of large businesses with multiple offices in different locations and high data sensitivity, priority should be given to site-to-site VPNs. On the other hand, remote-access VPNs are sufficient to cater to the needs of smaller or medium-sized companies which do not have remote offices but have remote workers who need access to the HQ’s network. Nevertheless, an extranet-based site-to-site VPN allows you to communicate with other companies, which could prove helpful at some point. 
