Designing Site-to-Site VPNs

Site-to-site VPNs are an alternative WAN infrastructure used to connect branch offices, home offices, or business partners to all or portions of an enterprise network. VPNs do not inherently change private WAN requirements, such as support for multiple protocols, high reliability, and extensive scalability, but instead meet these requirements more cost-effectively and with greater flexibility but possibly lower performance or service-level agreements (SLA). Site-to-site VPNs use the most pervasive transport technologies available today, such as the public Internet or service provider IP networks, by using tunneling and encryption for data privacy and quality of service (QoS) for transport reliability.

Site-to-Site VPN Applications

Site-to-site VPNs can be used to replace costly WAN services or serve as a backup for disaster recovery purposes. Site-to-site VPNs can also help organizations meet regulatory requirements by providing encryption for sensitive data. This section examines these common uses for site-to-site IPsec VPNs.