Mesh VPNs explained: Another step toward zero-trust networking

Organizations are taking a closer look at mesh virtual private networks as they must support and secure more remote network connections.

Mesh VPN software definition

Mesh VPNs use a peer-to-peer architecture where every node or peer in the network can connect directly to any other peer without going through a central concentrator or gateway. This approach can be less expensive and easier to scale than a traditional VPN.
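To make the topology difference concrete, here is a small added model (not code from the article, Tailscale, or any VPN product) that compares a hub-and-spoke VPN with a full mesh for the same set of peers. It counts the tunnels each design needs, how much traffic hairpins through the concentrator, and which peer pairs can still talk when a node fails. The peer names and the "hub" label are constructed for the example.

```python
"""Compare hub-and-spoke and mesh VPN topologies on tunnel count,
hub load, and resilience to a single node failure.

Added illustration only; peers and the hub name are constructed.
"""
from itertools import combinations

HUB = "hub"  # constructed name for the central concentrator


def hub_and_spoke_paths(peers):
    """Traditional VPN: each spoke tunnels only to the concentrator,
    so traffic between two spokes always hairpins through the hub."""
    return {(a, b): [a, HUB, b] for a, b in combinations(peers, 2)}


def mesh_paths(peers):
    """Mesh VPN: every peer keeps a direct tunnel to every other peer."""
    return {(a, b): [a, b] for a, b in combinations(peers, 2)}


def tunnel_count(paths):
    """Number of distinct point-to-point tunnels the topology requires
    (each tunnel is a key pair to provision and rotate)."""
    tunnels = set()
    for path in paths.values():
        for hop_a, hop_b in zip(path, path[1:]):
            tunnels.add(frozenset((hop_a, hop_b)))
    return len(tunnels)


def hub_load(paths):
    """How many peer-to-peer flows transit the concentrator."""
    return sum(1 for path in paths.values() if HUB in path[1:-1])


def reachable_pairs(paths, failed_node):
    """Peer pairs that can still communicate after one node goes down."""
    return sum(1 for path in paths.values() if failed_node not in path)


def summary(peers):
    """Side-by-side figures for both designs over the same peer set."""
    hs, mesh = hub_and_spoke_paths(peers), mesh_paths(peers)
    return {
        "tunnels": (tunnel_count(hs), tunnel_count(mesh)),
        "hub_load": (hub_load(hs), hub_load(mesh)),
        "pairs_after_hub_failure": (reachable_pairs(hs, HUB),
                                    reachable_pairs(mesh, HUB)),
        "pairs_after_peer_failure": (reachable_pairs(hs, peers[0]),
                                     reachable_pairs(mesh, peers[0])),
    }


if __name__ == "__main__":
    # Constructed sample: five endpoints (laptops, VMs, a phone).
    sample_peers = ["laptop-1", "laptop-2", "vm-east", "vm-west", "phone-1"]
    for metric, (hub_spoke, full_mesh) in summary(sample_peers).items():
        print(f"{metric:26s} hub-and-spoke={hub_spoke:3d}  mesh={full_mesh:3d}")
```

With five peers the mesh needs 10 tunnels to the hub-and-spoke's 5, which is the key-distribution cost the article's "easier to scale" claim has to absorb through automated peer key management; in return no flow transits a concentrator and a hub outage removes nothing, whereas in hub-and-spoke it severs every pair.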

Mesh VPNs are not a new concept, but it has taken a long time for them to mature and expand beyond niche use. Until a few years ago, the VPN needs of most organizations were perfectly met by a traditional hub-and-spoke architecture. Most corporate firewalls and gateway security products include VPN functionality, and that was convenient for most companies that only had a few employees working remotely.

The move to hybrid cloud-based infrastructure and the growing remote workforce have finally put mesh networking solutions on the map. This started with the need to connect VMs and nodes running in different clouds, a technology commonly referred to as a "service mesh," and is now expanding to connect traditional endpoints such as laptops and mobile phones.

"I believe that in the long term, the distinction between service meshes and mesh VPNs will blur, as both products are working to solve the problem of moving packets securely and privately between devices," David Crawshaw, CTO and co-founder of mesh VPN startup Tailscale and a former Google software engineer who worked on distributed systems and experimental infrastructure projects, tells CSO. "The traditional distinction is whether the device is virtual (a VM or container) or physical (a phone or laptop or server), and that distinction is getting blurrier."
