Blog article

VPN Concentrator Explained

VPN concentrators are stand-alone devices that create secure encrypted tunnels to provide remote access to company resources over the public internet.

7

Min read

VPN
Table of Contents
This is also a heading
This is a heading

VPN router, VPN gateway, or VPN concentrator? The borders between the three may be blurry, but there exist some practical differences.

This article describes what the VPN concentrator is and what it does.

Table of contents

What is a VPN concentrator?

What does a VPN concentrator do?

How a VPN concentrator works

Benefits of using a VPN concentrator

Drawbacks of a VPN concentrator

Alternatives to a VPN concentrator

Summary

What is a VPN concentrator?

A VPN concentrator is a dedicated network device (hardware or virtual) that provides secure connections between remote users and a company network. VPN concentrators tend to be enterprise-grade devices capable of handling a large number of parallel connections.

You may think of it as a scaled-up VPN router with a few bells and whistles attached, or another name for a VPN gateway marketed as a stand-alone product.

Fig. 1 – VPN concentrator deployment

What does a VPN concentrator do?

The main purpose of a VPN concentrator is to provide secure remote access over the public internet via a secure tunnel.

In the language of VPNs, this is called a point-to-site VPN. However, in companies with several remote branches, individual local concentrators can be interconnected via site-to-site tunnels.

In addition, VPN concentrators may handle other tasks, such as:

  • User authentication – Only verified company employees are granted access with assigned privileges, which prevents unauthorized access and protects company data from theft and misuse.
  • Traffic encryption – VPN concentrators establish end-to-end encrypted connections (VPN tunnels), which conceal data during transit over the internet and protect it from interception.
  • IP address assignment – Users are assigned IP addresses, e.g. to provide secure remote access to cloud systems (IP whitelisting).

Thanks to this, VPN concentrators fulfill several use cases.

  • Secure remote access – The primary use case is to provide remote access to remote employees with the same level of security and privacy as they would enjoy on the company LAN.
  • Network segmentation – VPN concentrators capable of assigning privileges can segment the network by limiting the number of privileges a user receives, which contains an attack in a limited number of systems if the attacker succeeds in penetrating the network.
  • Identity obfuscation – Encapsulation in an encrypted tunnel hides metadata about the communicating parties, such as IP address or port number, which conceals the user’s activity on the internet and protects their data from interception.
  • Application access – Modern VPN concentrators allow remote users to safely access SaaS applications by establishing a private tunnel between them and the application.

How a VPN concentrator works

Before any data passes between the company network and the user, the VPN concentrator creates an encrypted tunnel. It can use several VPN protocols to do this, and more than one at a time.

The traffic is then sent through this tunnel, encrypted before departure and decrypted upon arrival.

Benefits of using a VPN concentrator

VPN concentrators provide several benefits.

  • High workloads – VPN concentrators are robust stand-alone devices capable of handling hundreds of parallel tunnels.
  • Central administration – VPN concentrators provide central management of secure VPN connections
  • Access control – VPN concentrators allow restricting user access to selected systems based on attributes or roles.

Drawbacks of a VPN concentrator

VPN concentrators aren’t for everyone. Despite their benefits, they have certain downsides.

  • High initial cost – VPN concentrators come with an enterprise-grade price tag that smaller companies cannot afford.
  • Lack of scalability – With a large number of remote workers (as the pandemic has shown), you may run out of bandwidth to provide smooth enough service for all of them. Hardware concentrators have a performance ceiling that can only be raised by deploying additional VPN concentrators.
  • Management complexity – Configuring a VPN concentrator requires a trained networking specialist in order to provide smooth remote access to all relevant systems and to make the VPN fit in with the rest of the organization’s security ecosystem.

Alternatives to a VPN concentrator

VPN router

A VPN router provides a similar functionality as a VPN concentrator, but with fewer features and at a smaller scale. It may be a good alternative for companies with fewer remote workers and a smaller budget.

On the other hand, the configuration complexity is still very high, if not higher, as you may need to configure every VPN client individually.

Business cloud VPN

A cloud-delivered business VPN provides a remote-access service identical to a VPN concentrator without any of the downsides. The function of the VPN concentrator is taken over by the cloud VPN gateway, which is a virtual device that handles site-to-site and point-to-site tunneled connections in a highly scalable way.

Being SaaS-delivered, the business cloud VPN is better suited for small and medium businesses:

  • The price matches the performance – companies pay more when they use more,
  • The cloud VPN scales easily according to changing needs,
  • The administration overhead rests with the provider, which eliminates management complexity for the business.

Summary

VPN concentrators are reliable, high-performance solutions for securing remote access for a large number of workers.

Legacy hardware concentrators require serious financial investment and know-how, which means they cater primarily to the needs of large enterprises. Small and medium businesses make better use of virtual concentrators (gateways) that come with business cloud VPNs, as SaaS-delivered VPN services scale better and reduce management overhead.

VPN

3 Proven VPN Alternatives to Keep Your Business Safe

Read this blog to learn about three main VPN alternatives for your business to help you decide what solution fits your specific needs and preferences.

Learn more

10

Min read

VPN

VPNaaS (VPN as a Service) For Businesses Explained

VPN as a Service (or VPNaaS) has several benefits especially for small and medium businesses. Here’s everything you need to know about it.

Learn more

5

Min read

Network security

What Is A Bastion Host? Choosing A Network Security Solution For Your Business

This article explains what a bastion host is, the security risks involved with using one and the alternatives for your business.

Learn more

12

Min read

In GoodAccess, we invest our passion into developing a cybersecurity platform that is easy to deploy, easy to manage, and easy to use.

Facebook icon LinkedIn iconTwitter icon
Education
VPN with Static IP Explained
What is Business Cloud VPN
What is IP Whitelisting
DNS Filtering Explained
Zero Trust Network Access
35+ Gateways Worldwide
How secure is GoodAccess
Platform
Free business VPN
Business VPN
Zero trust network access
Software defined perimeter
Secure web gateway
Remote access VPN
Features
Dedicated VPN gateway
Static IP address
Central dashboard
Zero-trust access control
DNS filtering
Multi-factor authentication
Network access control
Split tunneling
Access logs
IP whitelisting
SSO
Resources
Product tour
Blog
Events & webinars
Support portal
Customers
Integrations
Company
About us
Become a partner
Become an affiliate
Careers
Newsroom
Contact us
Partner
Sign up form
Pricing
Plans
Small teams
Starter
Download App
iOS
Mac
Android
Windows
Chrome OS
Linux script

Copyright ©2023 GoodAccess

Acceptable Usage Policy
Term & Conditions
Privacy Policy