Benefits over VPN
In terms of technology, the difference between G/On and typical VPNs is that it does not have an IP connection to the network. Authenticated users are only connected to the G/On server, which in turn establishes a separate connection to the specific application servers in the company network. The user may feel like he or she is working directly in the network with his or her programs and resources, but in reality the connection is only virtual and ends physically at the G/On server. What's more, G/On does not have a broadcast address: The server just listens and only processes authorized flows of data.
No information that could be used by a potential attacker is saved, cached or left on the local client computer. Without a G/On token, any potential hacker does not even have an address to find the server and attempt to reestablish the connection. And even if the hacker did have the address, he or she would have to be able to falsify the access data, protocol, application connection, and more just to reach the G/On server - and that still wouldn't let him or her into the company network.