VPN

A VPN tunnels traffic through encryption over an untrusted network — IPsec for site-to-site, TLS for remote access. Full-tunnel routes all traffic through the corporate gateway (more visibility and control); split-tunnel sends only corporate traffic through it (better performance, less visibility). ZTNA is increasingly replacing traditional VPNs, granting per-application rather than whole-network access.