The VPN client provides client-side functionality for secure remote access over IP networks using VPN routers and VPN servers. VPN client software is available in several localized languages. Simply to deploy and operate, the VPN client allows organizations to establish end-to-end, encrypted VPN tunnels for secure connectivity for mobile employees or teleworkers.

VPN client provides full user-side functionality for VPN router and VPN gateway-based secure access different systems. It enforces centralized security policies, including bandwidth allocation, access control authentication, encryption, and other user parameters; triggers automatic denial or termination of out-of-parameter client connections. It enables PDA and other devices running the Windows Mobile operating system (Pocket PC 2003) to securely connect to VPN Router (Connectivity) via Nortel provided and supported software (i.e., no 3rd-party software required). It also allows end-users to roam across network boundaries (e.g., from wireless LAN to fixed LAN) without breaking the secure VPN connection and disrupting end-user applications. Enables administrators to customize and mass-distribute configurations to users; optionally, can auto-launch when connecting, with no end-user software load required. It supports load-balancing, failover, and LZS compression for optimum user experience. VPN client integrates with complementary security, authentication, and access control products (Verisign, Entrust, Baltimore, etc.).

There are a lot of VPN client softwares that can be configured to require that all IP traffic must pass through the tunnel while the VPN connection is active, for increased security. From the user's viewpoint, this means that while the VPN connection is active, all access outside the secure network must pass through the same firewall as if the user were physically connected to the inside of the secured network. This lessens the hazard that an attacker might get access to the secured network by attacking the VPN client's host machine: to other computers on the workforce’s home network, or on the public internet, it is as however the machine running the VPN client simply does not exist. Such security is essential because other computers local to the network on which the client computer is operating may be unreliable or incompletely reliable. Even with a home network that is secluded from the external internet by a firewall, people who share a home may be concurrently working for different employers over their individual VPN connections from the shared home network. Each employer would therefore want to make sure their proprietary data is kept secure, even if another computer in the local network gets infected with malware. And if a traveling employee uses a VPN client from a Wi-Fi access point in a public place, such security is even more important. However, the use of IPX/SPX is one way users might still be able to access local resources.