Apple @ Work: Tailscale is a first-principles approach to VPN technology with full macOS and iOS support – 9to5Mac

Yesterday
Bradley Chambers
– Apr. 23rd 2022 5:00 am PT


Apple @ Work is brought to you by Mosyle, the leader in modern mobile device management (MDM) and security for Apple enterprise and education customers. Over 28,000 organizations leverage Mosyle solutions to automate the deployment,  management and security of millions of Apple devices daily. Request a FREE account today and discover how you can put your Apple fleet on auto-pilot at a price point that is hard to believe.
There’s a concept of building from first principles that can create some pretty incredible products. For example, one of the technologies I’ve long thought was more complicated than it should be is VPN. VPNs came further into the spotlight with remote work and employees needing to access company resources from wherever they are. I recently came across a product that works great on macOS that takes that first-principles approach to how VPN connections work, and it’s called Tailscale.

(adsbygoogle = window.adsbygoogle || []).push({});

About Apple @ Work: Bradley Chambers managed an enterprise IT network from 2009 to 2021. Through his experience deploying and managing firewalls, switches, a mobile device management system, enterprise grade Wi-Fi, 100s of Macs, and 100s of iPads, Bradley will highlight ways in which Apple IT managers deploy Apple devices, build networks to support them, train users, stories from the trenches of IT management, and ways Apple could improve its products for IT departments.
VPN setup is clunky at best. Different firewalls require different setups, and it can sometimes be challenging to get the proper devices to the correct servers depending on the subnet, IP scheme, etc. By implementing Tailscale, it’s easy to connect to another network by using a stable IP address for each device (server, laptop, etc.). These addresses stay the same, no matter where nodes move to in the physical world the devices are located. Each device gets an IP in the 100.X range, and it’s assigned based on the device and the Tailscale login.
I’ve got a fairly simple use case with Tailscale for personal use. I want to access my Umbrel server (learn how to build one in my past guide) remotely as well as my Plex server. Umbrel has a Tailscale app in its App Store, so the setup was painless. I can now access it from anywhere. It’s running on my Umbrel server and my Plex server, so when I want to connect to those servers directly, I just enable Tailscale on my Mac, and I can connect to those devices.
Tailscale is built on top of WireGuard. WireGuard is a fast encrypted networking protocol that offers a number of performance benefits over typical VPNs. Tailscale adds to WireGuard by adding automatic mesh configuration, single sign-on support, 2-multi-factor authentication, NAT traversal, and centralized Access Control Lists (ACLs).
So let’s say you’ve got employees spread out around the country (or world), and you want to securely let them access secure company resources like internal servers over VPN while letting public internet traffic run locally. TailScale works this way out of the box. It runs as an overlay network and only routes traffic between devices running Tailscale but doesn’t touch traffic not aimed at a Tailscale device. With this default setup, you can leave Tailscale running at all times on macOS or iOS without sending all your traffic through them.
To sum it up, Tailscale is an affordable VPN that requires no configuration, installs on any device in a few seconds, handles firewall rules for you, and works from anywhere. While my use case is 100% personal, you can see the benefits it could bring to enterprises everywhere. Tailscale is truly a VPN for the remote-work world. It’s one of those rare solutions that “just works.” Pricing starts at free for one user with up to 20 devices, and paid plans start at $5/month (paid annually). So, if you’re struggling to roll out VPN access to your entire company in a way that’s not stretching your team with troubleshooting, check out Tailscale. Its VPN so simple, I am not sure Apple or Google could have made it any easier. It works great on macOS and iPhone and iPad.
FTC: We use income earning auto affiliate links. More.
Check out 9to5Mac on YouTube for more Apple news:
Apple @ Work is a 9to5Mac series where Bradley Chambers looks at the latest trends and news with how the Mac and iOS are working in enterprise IT environments.

Bradley lives in Chattanooga, TN.
Tips, feedback, corrections and questions can be sent to Bradley@9to5mac.com.
iPhone 14 leaks: Everything we know so far
Earth Day-inspired workouts now on Apple Fitness+
Apple may have already inked NFL Sunday Ticket deal
iPadOS 16 concept imagines new multitasking

source

Share:

More Posts

Market Research

Pulse Surveys

Turn feedback into action

Our survey platform makes it easy to measure and understand feedback so you can drive growth and innovation

Pulse Handshak

Pulse Handshak

Collaborative online survey tool for the market research industry. Remote assisted surveying just like face-to-face interviews. Here interviewers can talk to the respondent over the web-console without the need for any other communication channel and share the same Q're with responses and click actions.

Pulse FE

Pulse FE

Pulse Field Expert or Pulse FE is the main platform for both offline and online survey at softofficepro.com. It is robust and used by hundreds of clients over tens of years with millions of responses. Do it once Q're and deploy on both offline devices (android) and online forms makes it a great cost effective platform for any kind of responses

Pulse Ultimate

Pulse Ultimate

Pulse Ultimate is targeted for tracking studies and retail audits. An offline survey system offering extreme field control including processes like data quality check, back-check, rework, comparison with previous wave data etc. helps to get the best results on a day-to-day basis

Pulse LS

Pulse LS

Use a managed Limesurvey and our expertise for creating complex forms and token based user management. Use optional mailing system to send survey invitation to each participant and track progress of the response status. Industry standard SPSS / R output supported