When organizations originally started building network infrastructure, the internet was not a safe place to conduct business. Companies constructed their own private networks and built firewalls that could protect what was inside. These firewalls protected the private network at the office, so that devices sitting inside the same four walls, on the same local network, were considered trusted and allowed to communicate. As employees worked on the go, however, they wanted to connect to internal machines or services on the company’s private network. To do this, they had to use a Virtual Private Network (VPN).
This perimeter-defense approach came to be known as the “castle and moat” model: VPNs are the bridges, and firewalls are the locked doors that you need a secret password to open.
But with organizations migrating to a cloud-based infrastructure, and with more and more people working remotely, the limitations of the “castle and moat” model have come into sharper focus. When resources are distributed and remote workers use various devices, it no longer makes sense to assume the walls around a physical location are enough to protect all your assets. Traditional VPNs don’t scale well, as connections to the internal network go through a central VPN concentrator, which can create a bottleneck. Speed and reliability can take a hit, too.
Peer-to-peer or mesh networks are one solution to such problems. These services allow machines to connect to each other directly, with coordination provided centrally, reducing bottlenecks, speeding things up, and improving reliability.
In addition, several VPNs now offer a “zero trust,” identity-based approach to security, allowing the use of single sign-on and user group-based security policies.
But which among these new VPN solutions is right for you and your organization? To help get you oriented, we offer this collection of articles, each discussing the strengths and drawbacks of other VPN solutions relative to Tailscale.