AWS Client VPN is a fully-managed remote access VPN solution used by your remote workforce to securely access resources within both AWS and your on-premises network. Fully elastic, it automatically scales up, or down, based on demand. When migrating applications to AWS, your users access them the same way before, during, and after the move. AWS Client VPN, including the software client, supports the OpenVPN protocol.
Many organizations require multi-factor authentication (MFA) and federated authentication from their VPN solution. AWS Client VPN supports these and other authentication methods.
Traditional on-premises VPN services are limited by the capacity of the hardware that runs them. AWS Client VPN is a pay-as-you-go cloud VPN service that elastically scales up or down based on user demand.
Unlike on-premises VPN services, AWS Client VPN allows users to connect to AWS and on-premises networks using a single VPN connection.
AWS Client VPN automatically takes care of deployment, capacity provisioning, and service updates — while you monitor all connections from a single console.
AWS Client VPN use cases
Quickly scale remote access
Unexpected events can require many of your employees to work remotely. This creates a spike in VPN connections and traffic that can reduce performance or availability for your users. AWS Client VPN is elastic, and automatically scales up to handle peak demand. When the spike has passed, it scales down so you are not paying for unused capacity.
Access applications during migration
AWS Client VPN provides users with secure access to applications both on premises and in AWS. This is helpful during a cloud migration when applications move from on-premises locations to the cloud. With AWS Client VPN, users don’t have to change the way they access their applications during or after migration.
Integrate with your authentication and MDM systems
AWS Client VPN supports authentication with Microsoft Active Directory using AWS Directory Services, Certificate-based authentication, and Federated Authentication using SAML-2.0 to facilitate these scenarios when using the AWS provided OpenVPN Client software. AWS Client VPN works with Mobile Device Management (MDM) solutions to reject devices that do not comply with the your policies.
Securely connecting IoT devices
Create encrypted connections between IoT devices and Amazon Virtual Private Cloud (VPC) resources using certificate-based authentication.
"Columbia University Medical Center is a clinical, research, and educational enterprise located on a campus in northern Manhattan. We have an emergency situation where due to the COVID 19 our hospital is limiting access to the campus. We needed to supplement our current physical VPN solution in order to support up to an additional 150 concurrent users with access to our datacenter and campus, so we have set up a Client VPN endpoint. With AWS Client VPN, our staff and researchers are quickly able to access the campus and continue to do research on the virus."
- Robert De Boer, Deputy CIO, Columbia University Medical Center
“Shionogi is a pharmaceutical company headquartered in Osaka, Japan, with research and distribution extended worldwide. We needed to dramatically and quickly change our VPN environment to support mandated Work From Home (WFH). This applied to all employees which was practically impossible with our current system. With AWS Client VPN, we were able to turn up the VPN environment for approximately 3,000 employees in just 3 days. As a result, end-users thanked us saying that the User Experience for the remote work has been greatly improved, which proved that our IT department can make a difference to the organization. The whole experience reminded us the power of the Cloud – for its speed, flexibility, and scalability.”
– Kazuhiro Shirahase, Director of IT Promotion Division I, Shionogi Digital Science Co., Ltd.
Simple pricing so it's easy to know what is right for you.
Instantly get access to the AWS Free Tier.
Get started building with AWS VPN in the AWS Console.