What is Perimeter 81 VPN?
Perimeter 81 is an Israeli network security service provider. The company’s founders previously developed a consumer-focused VPN service called SaferVPN. After a successful exit, they used SaferVPN’s technology as the foundation for Perimeter 81. The new company’s focus is on solving the problems that legacy hardware-centric technologies like VPN create for the modern enterprise.
Using a Secure Access Service Edge (SASE) model, Perimeter 81 consolidates networking, security, and remote access within a single, cloud-based service. Applying principles of Zero Trust Network Access helps Perimeter 81’s customers adopt a more secure and flexible approach to defending their most sensitive networked resources.
Billing itself as the “world’s first Cybersecurity Experience Platform,“ Perimeter 81 offers a wide range of services:
- Unified, cloud-based console for managing user access policies.
- Cross-platform agents for remote devices.
- Identity-based and user-based access policies.
- Site-to-site wide-area networking for branch networks and cloud resources.
- Global Points of Presence network backbone.
- Split tunneling to balance user experience and network performance.
- Authentication with single sign-on and multi-factor authentication.
- Encryption of user-to-resource connections.
- DNS filtering to block malicious or inappropriate websites.
- Device posture checking.
Although Perimeter 81 promotes its broader suite of converged networking services, companies can use a subset of those features as a replacement for their legacy VPN infrastructure:
- Encryption by port and protocol.
- Role-based, least-privilege access rules.
- Protect cloud and on-premises resources.
- Always-on security for remote users.
- Network visibility through unified dashboards.
- Manage access through browser-based consoles.
- Manage access for remote users.
- Manage access for on-premises users.
- Manage access for contractors and other third-party users.
- Unify access control to on-premises and cloud-based resources.
- Unified dashboards for managing access control rules and network usage.
- Easy deployment of Perimeter 81 VPN agents to user devices.
- Global PoP network.
- Client agent support for Windows, macOS, Linux, iOS, and Android.
- “VPN alternative” features are a subset of much larger platform.
- Changes may be needed to network architecture or configurations.
- Entry-level Essentials plan requires a minimum of 5 users and has fewer security features.
- Third party reviewers have mentioned inconsistent performance and/or speed
Twingate delivers a modern approach to secure network access by establishing software-defined perimeters around every protected network. Least privilege access and other Zero Trust principles significantly reduce a company’s attack surface while making networks more efficient and performant.
- Manage access for remote and on-premises users.
- Manage access for employees and third-party users.
- Implement role-based, least privilege access.
- Secure on-premises and cloud resources.
- Zero-trust network access based on least privilege.
- Unified access control for all users and resources.
- No changes to network infrastructure required.
- No changes to resources or user devices required.
- Compatible with existing security stack.
- Simple, easy-to-use administrative console.
- Quick implementation within 15 minutes.
- Tiered pricing includes a free option for individuals or small teams.
- Tiered pricing based on the number of users and remote networks.
- Advanced features limited to the Enterprise tier.
Both Twingate and Perimeter 81 offer solutions to many challenges organizations face from legacy VPN technologies’ increasing vulnerability to cybercrime. Publicly visible on the internet, hackers can easily discover unpatched VPN gateways and establish footholds in vulnerable networks. And because VPN gateways allow full access to the networks they protect, any vulnerable credentials give hackers freedom to move laterally through the breached network.
Both solutions apply Zero Trust Network Access principles to eliminate these vulnerabilities. But there are differences. Perimeter 81 network entry points, for example, are publicly visible while Twingate hides all company resources behind software-defined perimeters.
Legacy VPN technologies can undermine network performance and user experience. VPN gateways are choke points through which all secure traffic must flow, consuming bandwidth and increasing latency. As we saw during the pandemic, VPN gateways that supported a handful of traveling employees could not handle the spike in traffic as everyone worked from home.
Although different, the cloud-centric architectures that Perimeter 81 and Twingate use help mitigate the challenges of supporting large populations of remote users. Split tunneling, for example, routes a user’s non-essential traffic to the public internet while work-related traffic passes through encrypted connections. In Twingate’s case, split-tunneling is enabled by default while administrators must reconfigure each Perimeter 81 client agent.
VPN technologies have also become more difficult for end-users and administrators alike. To mitigate the security weaknesses of VPNs, companies segment their networks behind different VPN gateways. This forces users to connect and disconnect their VPN client as they switch from one resource to another.
Administrative overhead increases as well. Segmented networks require more access control policies. The physical networks themselves become more difficult to manage. And since VPN only provides remote access to on-premises resources, parallel systems are needed to support on-site workers and cloud-based resources.
Unified, cloud-based solutions such as those from Perimeter 81 or Twingate simplify the user and administrator experience. Client agents are simple and easy to use, creating connections directly to resources. Remote users, on-site users, and third-party users fall under the same access control system.
Twingate goes a step further by fully decoupling access control from the physical network. Adding Twingate’s Zero Trust protection can be done without making changes to the resource’s address or disrupting established user workflows. Decoupled from the underlying network, Twingate’s secure access solution can work with more complex architectures.
Another advantage that modern access control solutions have over legacy VPN architectures is their responsiveness to changing business conditions. Embedded in the network architecture, VPN simply cannot scale quickly or affordably.
Both Twingate and Perimeter 81 leverage their cloud-based architectures to make security and access control more responsive to business goals. Simple browser-based consoles let administrators manage access control policies, user profiles, and devices.
Where the two service providers differ is in the complexity of the deployment process. Twingate is designed to coexist with a company’s existing network. Customers have deployed Twingate’s software-based solutions in as little as 15 minutes. Perimeter 81, on the other hand, is better seen as a replacement for a company’s wide-area-networking, network management, and remote access solutions. The planning and implementation process is more involved and can require changes to the network to get access provisioned exactly as desired that could impact business processes and workflows.
Access to support varies with the tiered pricing structure the two companies offer. In Twingate’s case all customers, including those on the free Starter tier, get access to their comprehensive knowledge base and community forum. Email support is added at the Business tier while Enterprise-tier customers get priority support.
Perimeter 81’s paying customers get a knowledge base as well as chat and email support. At the lowest tier, however, chat and email are only available during office hours. Phone support and dedicated “success managers” are only available for customers at the two highest tiers.
Twingate’s laser focus on secure access control can be attractive to organizations that want to keep their existing infrastructure investments in place. Phased deployments of Twingate are simple, straightforward, and do not require any changes to the way the organization works. Moreover, Twingate offers additional features that enhance an organization’s network security.
Legacy services such as SSH were designed with few, if any, security features. Rather than letting all users have access to these services, Twingate lets companies apply 2-Factor Authentication to limit privileges to specific users accessing specific resources. This dramatically reduces hackers’ ability to leverage compromised privileged credentials.
In addition to setting least-privilege access policies by user or role, Twingate customers can define policies based on device posture. Unlike other solutions, Twingate decentralizes policy enforcement. The Twingate client agent evaluates device posture and applies relevant access rules before any connections are made.
Twingate helps minimize the blast radius of a security breach by providing detailed activity logs. Besides indexing by user, Twingate’s system indexes activity logs by device. Extensive, detailed, indexed logs make spotting unusual behavior much easier. As a result, companies can react to potential breaches much faster.
Perimeter 81 and Twingate are among the new generation of service providers eliminating the security weaknesses of legacy VPN technologies through Zero Trust Network Access. Twingate’s approach gives organizations of all sizes a simple, less disruptive path to unifying access control for all users and resources. No changes to the network are necessary. Twingate coexists with legacy systems as a company rolls out its more secure system. Deployable in minutes, secure, and performant, Twingate scales with any organization and budget.
Check out Twingate’s free Starter tier to quickly evaluate how easy modern security and access control can be.