COVID-19: Impact Support | Learn More

Site-to-Site VPN: How It Works and Do You Need One?

What Is a Site-to-Site VPN?

Site-to-site VPN is a type of VPN that keeps data encrypted between two locations without needing credentials or client apps on devices using it.

Site-to-Site VPNs are important tools for many organizations worldwide, and because of the unprecedented situation we find ourselves in, businesses are looking to what kind of security protections their company needs.

The VPN services market is expected to reach $54 billion in 2024

There Are Different Types of VPN?

Yes, and they each serve distinct purposes designed to be implemented based on a company’s needs.

VPNs can be split up into three categories:

  • Remote access VPNs: Typically consumer-grade VPNs, and what individuals will be accustomed to. Examples include NordVPN and ExpressVPN
  • Intranet-based site-to-site: Multiple connected LANs that collectively make up a wide area network (WAN); useful for securely pooling resources across a company with more than one office 
  • Extranet-based site-to-site: Commonly used between companies that are partners, allowing them to share specified information externally while still maintaining security and allowing internal networks to be used only by internal workers

Today, we’ll be looking at site-to-site VPNs, and the benefits they can bring to SMBs going forward.

What It Looks Like

Site-to-site VPNs are intended to connect entire networks, usually from different locations.

For example, an organization which has offices in Los Angeles, Chicago, and New York can utilize a site-to-site VPN to connect all the offices together.

This, in effect, creates one whole network (WAN), where users can exchange data and information with each other from completely different places—all encrypted and secured by the VPN.

For users, there is virtually no difference in their daily working functions.

Since site-to-site VPNs encrypt data at a gateway, users don’t have to have any of the VPN software installed on their computer—so long as they’re connected to the “site” (the network), their data is protected.

This is in contrast to a remote access VPN.

If you use a VPN at home, a remote access VPN is almost certainly what it is.

It requires you to launch the application (client), sign in, and keep it running for as long as you want to use it.

So, with a site-to-site VPN, you’re sparing the guys in IT the chore of having to individually install software on every device that needs protection.

An extranet site-to-site works in much the same way in that employees won’t “see” the VPN or have to run any applications—just with the difference being only certain information is shared between the sites.

How It Works

When you normally use the internet with a regular connection, wired or wireless, through a router, you’re out in the open.

Imagine a vast ocean of other data, users, and networks which can all interact with each other.

This isn’t a problem in itself, but there are protections that are severely lacking.

VPNs started out as a way for businesses to protect themselves and continue to do so today.

It works by creating a “tunnel” between two networks.

With a site-to-site VPN, these tunnels go from one location to another, and the only people who can see the data being transferred are users logged onto the network.

The VPN uses gateways at each location, which encrypt all traffic that passes through.

All traffic (data) has to be authenticated at the gateway, which is solely responsible for protecting the data and sending it through the tunnel to the other side.

When inbound traffic is received, it is decrypted and data packets are sent on to the target host—such as an employee receiving sensitive information about clients.

Because of this process of encryption and decryption, hackers and other cybercriminals are shut out and any other potential bad actors in the “ocean” cannot take advantage because the data is impenetrable and the tunnel inaccessible.

Site to site VPN visual explainer

Benefits of Site-to-Site VPN

Watertight Internal Network

When a business utilizes a site-to-site VPN across its operations, they can expect a far more secure footing as far as their data is concerned.

Business leaders are concerned about the rise of cyberattacks, and a newfound inclination from hackers to target SMBs should worry them.

Using a VPN will give them peace of mind, safe in the knowledge that data can be transferred between disparate locations without being fearful of a breach.

Operational efficiency

Because users don’t have to have client apps installed on any of their devices, using a site-to-site offers ease-of-use opportunities for businesses.

Employees simply have to be logged on to the work network as they normally would and the gateway takes care of the rest.


One of the biggest benefits of implementing a site-to-site VPN for an organization is its scalability.

If you open a new branch or office, it’s easy to add them to the WAN—you won’t have to individually get each device under network up and running.

Does Your Business Need One?

This depends on a number of factors, but usually will come down to the following considerations, namely:

  • Size of the business
  • Number of locations/offices
  • Sensitivity of data being shared

If your business is small, functioning in one office with little data sharing outside of your premises, then it’s unlikely that a site-to-site VPN will be necessary.

If, however, you’re a growing company that has ambitions to grow into a larger organization in multiple locations, or perhaps already operating in multiple locations, then a site-to-site VPN would be a sensible investment for now and for the future.

As far as data is concerned, it’s worth considering how important safeguarding that data is.

For businesses operating in some industries, like healthcare or finance, data protection is absolutely crucial, and not looking after customer records in the most secure manner can be dangerous.

This goes for many businesses of other verticals, too, many of which handle significant amounts of customer data and can face hefty fines or worse if they don’t have the right security measures in place.

In 2020, it’s simply asking for trouble to be sharing unencrypted sensitive data outside of a secured network, so if this applies, then it’s worth getting a site-to-site VPN to ensure the safety of your customers details—and the security of your organization.

MSPs provide the tools and expertise to help SMBs achieve their cybersecurity goals, including implementing VPNs. To find out more about business cloud technology and which solutions are right for keeping your business competitive and in good shape for the future, download our eBook,  “Which Cloud Option Is Right For Your Business?”