Remote User VPN
The Problem

Securing User Access to VPCs

An important security measure for your VPCs (and VNETs) is to effectively control remote user access to your VPC(s). With cloud adoption on the rise, the cloud makes most users “remote.” Not only for employees who are out of the office, the “remote” label can be applied to developers, contractors, and partners whether they’re in the office or around the globe. Reducing latency of that access will improve productivity of these users.

While a bastion host using an SSH tunnel is an easy way to encrypt network traffic and provide direct access, most companies looking for more robust networking will want to invest in a VPN solution. Single instance VPN servers in each VPC results in tedious certificate management and questions arise like “who can access what VPC?” If you have more than 15 users and more than a few VPCs, management and auditing of the user access can become a major challenge. What’s needed is an easily managed, secure, cost-effective solution.

The Aviatrix Solution

Remote User VPN

Aviatrix provides a cloud-native and feature-rich client VPN solution. The solution is based on OpenVPN® and is compatible with all OpenVPN® clients. In addition, Aviatrix provides its own client that supports SAML authentication directly from the client.
AWS Remote Access
How we’re different

User VPN Designed for the Cloud

Centrally-Managed VPN

Visibility of all users, their connection history and all certificates across your network.

Many Authentication Options

LDAP/AD, DUO, Okta, MFA, Client SAML and other integrations.

Profile-Based Access Control

Answers “who can access what VPC?” Each VPN user can be assigned to a profile that with access privileges to a multicloud network, even down to hosts, protocols and ports.

Broad Client Support

Compatible with all OpenVPN® and Aviatrix SAML clients.

Scale Out Performance

Instances can be placed behind a load balancer to handle many users.

Logging Integration

Sessions, connection history, and bandwidth usage can be logged to Splunk, SumoLogic, ELK, Remote Syslog and DataDog.


Low, connections-per-hour pricing. Optionally tacked on to your AWS bill.

Learn More

Learn more about VPC User VPN

Ready to get started?

Choose your deployment model to build this networking use case on AWS in minutes.

Cancel any time.