|
|
|
|
|
|
by mcpherrinm
3394 days ago
|
|
|
layering differences aside, there's a fairly important security difference here: Because the proxy is examining requests, it can authorize them, and provide data to the back-end about what user was authenticated. A VPN usually just gets you onto the network, and doesn't provide much if any data to the service being accessed about what user and application is connecting. A VPN is generally invisible to both sides of the communication, so you can tack on extra security, but it's harder to have the applications actually rely on it for authn/authz guarantees. In practice this means you have to log in twice: Once to the VPN, and again to the application. There's some ways to make that invisible to the user, though. |
|
|