I'm currently looking into solutions for my company. We deploy headless servers at business' and have to remote into them to perform maintenance. Currently we use a ssh tunnel to a central server that then routes traffic to the remote server at the site. This provides a way to vnc "securely" to the sites. What I want to do is setup a central vpn in the cloud and have all the site connect to that. The catch is I don't want any of the client servers to have access to each other. Is this possible with vpn or am I needing to look at something else. Also I need to log who connects to the sites, for accountability.