Tailscale for Media Companies
In this article, we will explore an example of how a media company can use Tailscale to facilitate large-file collaboration and transfer with reduced latency, without incurring fees from a CSP, and while maintaining security.
Collaboration is at the core of most creative endeavors. Teams that work with video, graphics, music, or other large media files require the ability to move, transfer, collaborate, and safely store them with little latency.
Having a remote workforce can complicate things. For example, you might have an employee who is editing a large graphics file on a physical laptop. That doesn't sound like much, but they'll often be connected to the company VPN and possibly on public Wi-Fi. If they need to transfer that file to a colleague to meet a deadline, it takes the slowest route at the slowest upload speed. Creatives who are working in these situations expect to be collaborating quickly. As a technical team, you want this process to be quick, economical, secure, and not overly complex. Not everyone on the team has the background to use a complex solution. It just has to work. This is a common problem, and teams typically turn to IT for help.
A Hypothetical Example
Suppose the IT team at a media company has been asked to set up a solution that facilitates the creative process while also securing it and making sure it is protected from plagiarism, theft, and destruction. The company has engineers and graphic designers who are working with 3D modeling and they produce very large files. The solution needs to be:
- cost effective
- high speed
- simple to set up and maintain
- quick roll out
- performant
The creative team uses Windows machines and also uses remote desktop to connect to headless workstations to access additional team resources. The IT team explores creating a new infrastructure via Azure, specifically AVD (Azure Virtual Desktop). When large files are involved, high performance compute is needed which Azure GPU can provide. In addition to Azure AVDs, IT would have to set up a gateway, a broker, a new firewall, and purchase additional licensing. Costs can quickly get out of hand when dealing with large files over the cloud.
Media companies likely already have an existing infrastructure managed by the legacy VPN. VPNs can be slow and cumbersome to manage. Tailscale is a VPN replacement that overlays and connects your existing network infrastructure, provides secure remote access capabilities, and access controls via an ACL policy file.
For instance, our hypothetical media company could store all of their large files on headless workstations and add those workstations to their Tailscale network (tailnet) by installing Tailscale on each machine which allows teams to remote access in. The ACL policy file can tag workstations based on their purpose and only allow access to the teams who need it. For example, the video editing team only has access to the video editing headless workstation, etc.
This is a more cost-effective option relative to AVD (Azure Virtual Desktop) which requires you to spin up a number of other things such as a gateway, a broker, additional licensing, and secure all of your ports with Azure firewall pricing. Azure also charges for data both in-transit and at-rest. These costs can really add up fast for media companies who have data storage and transfer needs in the terabytes.
Remote access and file transfer options with Tailscale
Tailscale SSH: Tailscale SSH can give you a more direct and even more protected connection than a remote desktop session. It includes everything that you'd expect from SSH (authentication, authorization, and encryption) without the hassle of requiring a user to manage keys. Additionally, Tailscale SSH session recording allows you to stream logs of Tailscale SSH sessions to another node in your tailnet. These recordings are encrypted end-to-end just like all other Tailscale traffic.
Remote Desktop Application: You can use an OS-based RDP app (for example, Microsoft Remote Desktop) or a third-party solution with Tailscale. This gives you the flexibility to use whatever is best or preferred for your users and still get the high-speed experience you want to provide. Add the host machine to your tailnet and you'll be able to provision access and control its relationship with the client. Once you've accessed the remote machine, you can use Taildrop to facilitate file transfers.
Taildrop: Taildrop is a feature of Tailscale that allows you to move files from one location to another and is OS agnostic. That means you can transfer files from that headless Windows machine to your Android device. This enables teams to move files between two systems or devices securely and quickly over your Tailscale mesh network. The following file types can all be transferred via Taildrop (common examples, but not limited to):
- Music file formats: AAC, MP3, WAV, WMA, DOLBY DIGITAL, DTS
- Photo file formats: JPEG, GIF, TIFF, BMP, SVG
- Other available music file formats: AIFF, ASF, FLAC, ADPCM, DSD, LPCM, OGG
- Video file formats: MPEG-1, MPEG-2, MPEG-4, AVI, MOV, AVCHD, H.264, H.265, .FLV, .SWF, 3gp, .3g2, .MP4, .M4A, .M4P, .M4B, .M4, .M4V
- Other available video formats: DivX and DivX HD, Xvid HD, MKV, RMVB, WMV9, TS/TP/M2T, WMV.
- Autodesk AutoCAD: .dwg, .dwt, .dxf, .dwf, .dst
- Adobe: .PSD, .AI, .INDD
Installing Tailscale on each node enables teams to use the network that is already in place to create a secure environment with point-to-point connections, eliminating the need for a complex and costly cloud solution. Most media companies likely already have high-performance machines, which makes options like Remote Desktop viable and incredibly fast over your Tailscale network.
VPNs are not known for being able to move data quickly due to their architecture. Funneling traffic through a single concentrator can add a significant amount of latency - especially when dealing with large media files.
Tailscale, a mesh-capable VPN which offers point-to-point connections, can facilitate significantly faster file transfer speeds due to data packets having to travel less distance. Also, teams can connect via cellular signals and a SIM card in the laptop with no noticeable degradation in performance. For instance, if your design team needs to get two full screen remote displays running streaming video at 30 fps and use a high performance graphics editor with no noticeable latency.
Setting up Tailscale is relatively simple compared to traditional VPNs.
- Sign up for a Tailscale account: Get started with a free plan to test all the features. Tailscale requires a Single Sign-On (SSO) provider, so you will need an Apple, Google, Microsoft, GitHub, Okta, OneLogin, or other supported SSO identity provider account to begin.
- Download Tailscale to the machines you want to add to your network: Tailscale helps you connect your devices together. For that to be possible, Tailscale needs to run on your device. Tailscale works with Linux, Windows, macOS, Raspberry Pi, Android, Synology, and more. Download Tailscale and log in on the device.
- Add another machine to your network: Add more of your devices and share Tailscale with your peers to grow your private network. Add more machines to your network or invite others to join your network.
Congratulations! You just created your tailnet!
Provisioning access
Tailscale uses Access Control Lists (ACLs) to set up and provision access for both devices and users of your tailnet.
In order to maintain a secure posture while connecting users and devices, Tailscale provides a flexible system to grant and restrict access to only those who require it. This means that your security remains invisible to your users in the sense that it does not impact their experience by adding layers of authorizations and sign in points.
ACLs prevent accidental access to something out of scope for certain teams, and they prevent bad actors from accessing the network through one point via an organized attack and then having free rein once inside (known as a lateral attack). Tags and Groups work in conjunction with your ACL file to make configuration for new users and resources simple and efficient.
Network Access Control Lists (ACLs) are the highest level of control, determining which users and devices on your tailnet can speak with each other. They are applied to all traffic to validate whether a user or system is allowed basic communication, and they then restrict east-west traffic so that the user or system cannot speak to others that may not have the same access.
Tags allow for a more specific and granular access control over team resources. You can use ACL tags to make sure that your users have access to specific resources that are required for their role and their function and nothing else. For example, you might tag a music file server tag:music and allow all tag:music devices to communicate with each other in your network, rather than having to specify each device individually.
Groups allow you to extend that granular control and create a pool of access. This is sometimes known as role-based access control (RBAC). Typically networks are not able to be as flexible as other IAM approaches, but using Groups provides your tailnet with a level of control that can really be classified as RBAC for a VPN. With Groups you define a shorthand for a group of users, which you can then use in ACL rules instead of listing users out explicitly. Any change you make to the membership of a group is automatically propagated to all the rules that reference that group.
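The following policy file is an added example, not taken from Tailscale's documentation or from a real deployment, showing how the groups, tags, and ACL rules described above could fit together for the hypothetical media company. The user addresses, the group names, and tag:video-ws are assumptions made for illustration; tag:music comes from the text above, and 3389 is the standard RDP port. Tailscale policy files accept comments and trailing commas.

```json
{
  // Groups: shorthand for sets of users (all addresses are placeholders).
  "groups": {
    "group:it":            ["it-admin@example.com"],
    "group:video-editing": ["editor1@example.com", "editor2@example.com"],
    "group:music":         ["composer1@example.com"],
  },

  // Only IT may apply these tags to a device (hypothetical tag names,
  // apart from tag:music).
  "tagOwners": {
    "tag:video-ws": ["group:it"],
    "tag:music":    ["group:it"],
  },

  // Access is denied by default; only the flows listed here are allowed.
  "acls": [
    // Video editors reach only the video workstations, and only over RDP.
    {"action": "accept", "src": ["group:video-editing"], "dst": ["tag:video-ws:3389"]},
    // The music team reaches the music servers over RDP.
    {"action": "accept", "src": ["group:music"], "dst": ["tag:music:3389"]},
    // Devices tagged tag:music may talk to each other on any port.
    {"action": "accept", "src": ["tag:music"], "dst": ["tag:music:*"]},
    // IT administers every tagged workstation.
    {"action": "accept", "src": ["group:it"], "dst": ["tag:video-ws:*", "tag:music:*"]},
  ],

  // Policy tests: assertions checked whenever the policy is saved, so a
  // later edit cannot silently widen access between teams.
  "tests": [
    {
      "src":    "editor1@example.com",
      "accept": ["tag:video-ws:3389"],
      "deny":   ["tag:music:3389", "tag:video-ws:22"],
    },
    {
      "src":    "composer1@example.com",
      "accept": ["tag:music:3389"],
      "deny":   ["tag:video-ws:3389"],
    },
  ],
}
```

Adding a new editor then means adding one address to group:video-editing; the deny assertions in the tests section document the isolation between teams that the rules are meant to preserve.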
Conclusion
Media companies face many complexities with managing digital assets and the creatives that work on them. Tailscale is built to keep the configuration to a minimum and the creative work to a maximum. Managing the security of your media company can often take you away from the things that are core to the business and Tailscale can help keep your focus on the creative and manage the solution for you.
Whether you need an RDP, SSH, or file-sharing solution, Tailscale can help you secure your network economically, maintain the high speed you need to operate well, roll it out quickly, and keep it simple to operate.