Though many non-technical people have already been exposed to HTTPS and endpoint VPNs, they usually fail to realize that their home router has the ability to create a site-to-site VPN. A site-to-site VPN, which is extremely similar to a desktop VPN, offers some unique benefits and drawbacks compared to a software VPN.
What is a Site-to-Site VPN?
A site-to-site VPN is just like any other that you purchase from a service provider, with only a few small caveats. First of all, a site-to-site VPN creates a network-to-network VPN as opposed to a PC-to-server one. For example, if you already have a VPN service to encrypt your traffic installed on your PC, the tunnel terminates at two points: your PC and the VPN server. However, a site-to-site VPN tunnel terminates between two networking devices (usually routers with firewall capabilities for consumers).
One large advantage of a site-to-site VPN is that it offloads the encryption and processing overhead from your PC to your security device or router. This will help to free up local hardware resources such as processor speed and memory consumption.
In addition, you don’t have to constantly log in and log out of a VPN that terminates on your PC. Because SOHO (small office/home office) routers are constantly plugged in and are rarely rebooted, a site-to-site VPN will be active longer without the need to login.
Largest Disadvantages of a Site-to-Site VPN
The largest drawback to a site-to-site VPN is that you lose mobility concerning when and where you can send encrypted traffic. Site-to-site VPNs are static by nature, and only exist between two remote endpoints. You cannot, for example, establish a secure tunnel from anywhere you have a Wi-Fi connection. You can only send encrypted traffic between two specific networks. This is one reason why a software VPN is so attractive to the vast majority of end users.
Furthermore, you need a little technical know-how or a solid how-to guide to setup a site-to-site VPN correctly. You need to have access to both ends of the VPN tunnel or work with someone who does. Common technical considerations need to match on both ends of the tunnel such as the private key, the encryption algorithm and cypher used, as well as the local and remote traffic to encrypt/decrypt.
Where to Create a Site-to-Site VPN
Essentially, you want to create a site-to-site VPN between two private networks where you usually connect. For example, some organizations want their employees to create a site-to-site VPN from a user’s home network to an isolated area of their corporate network. This allows employees to connect to corporate network resources securely for remote-work or work-at-home applications.
However, you need to think about two physical locations that you want to send encrypted traffic to before you can implement a site-to-site VPN. If you lack two common private networks that you frequently connect to, a software VPN is most likely your best option to protect your online privacy. Though site-to-site VPNs improve you computing device’s hardware resources, a software VPN will provide you with unrestrained mobility.