comp.org.uk


VPN Basics

A Virtual Private Network (VPN) is an extension of a private network into the public network domain. The public network acts as a private network, and the user can perform every function as if logged in to the private network. It also lets a remote user work under the same security and management policies defined by the administrator of the private network. The connection is established as a virtual point-to-point connection through a set of assigned connections, encryption, or a combination of both, depending on the business requirements.

VPNs allow employees to securely log in to their private network, even if they are not on their office premises. A VPN is secure and cost-effective.

Any kind of network connection over an untrusted network, such as the internet, would benefit from implementing a VPN. To implement a VPN, even inside an organization's premises, you need to create a secure private channel between network devices (site-to-site VPN), as well as between people and network devices (remote-access VPN).

Benefits of a VPN

A VPN can benefit an organisation in the following ways:

Site-to-site VPNs

A site-to-site VPN allows offices in multiple fixed locations to establish a secure connection with each other over a public network, as shown in the following topology, with many security measures bundled in. This makes the company's resources and data available to branch offices in other locations.

The two sites, using their VPN edge devices, set up the IPsec VPN tunnel, which includes security parameters such as the encryption algorithm, hashing algorithm, and authentication. Once the tunnel is established, data from the LAN of the head office is sent through the secured tunnel to the LAN of the branch office.
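The parameter agreement described above can be sketched as follows. This is an added example, not code from the original article: it is a simplified model rather than a real IKE implementation, and the `Proposal` type, function names, algorithm labels and site configurations are all assumptions constructed for illustration. It shows why a legacy fallback proposal left on one edge device lets the tunnel come up with weak parameters.

```python
# Added example: simplified model of how two VPN edge devices agree on
# tunnel security parameters. Not real IKE; all names are hypothetical.
from __future__ import annotations
from dataclasses import dataclass

# Legacy algorithms this example chooses to flag (an assumption of the example).
WEAK_ENCRYPTION = {"des", "3des"}
WEAK_HASH = {"md5", "sha1"}


@dataclass(frozen=True)
class Proposal:
    encryption: str      # e.g. "aes256"
    hashing: str         # e.g. "sha256"
    authentication: str  # e.g. "psk" or "rsa-sig"


def negotiate(initiator: list[Proposal], responder: list[Proposal]) -> Proposal | None:
    """Return the first initiator proposal the responder also offers.

    All three parameters must match exactly; a partial match does not
    bring the tunnel up, so None is returned.
    """
    accepted = set(responder)
    for proposal in initiator:
        if proposal in accepted:
            return proposal
    return None


def weak_parameters(proposal: Proposal) -> list[str]:
    """List the parameters of an agreed proposal that use a flagged algorithm."""
    findings = []
    if proposal.encryption in WEAK_ENCRYPTION:
        findings.append(f"encryption={proposal.encryption}")
    if proposal.hashing in WEAK_HASH:
        findings.append(f"hashing={proposal.hashing}")
    return findings


# Constructed sample configurations for the two sites.
HEAD_OFFICE = [Proposal("aes256", "sha256", "rsa-sig"), Proposal("3des", "md5", "psk")]
BRANCH_LEGACY = [Proposal("3des", "md5", "psk")]        # only the old fallback
BRANCH_FIXED = [Proposal("aes256", "sha256", "rsa-sig")]
BRANCH_MISMATCH = [Proposal("aes256", "sha1", "rsa-sig")]  # hash differs: no tunnel

if __name__ == "__main__":
    for name, peer in [("legacy", BRANCH_LEGACY), ("fixed", BRANCH_FIXED),
                       ("mismatch", BRANCH_MISMATCH)]:
        agreed = negotiate(HEAD_OFFICE, peer)
        print(name, agreed, weak_parameters(agreed) if agreed else "no tunnel")
```

Removing the fallback entry from the head office list is what prevents the weak tunnel; the legacy branch then fails to connect until its configuration is updated.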

There are two types of site-to-site VPN:

Remote-access VPN

A remote-access VPN is also called a VPDN, or virtual private dial-up network.

Similar to the site-to-site access evolution from WAN technologies, remote access has evolved from dial-up technology. The differentiating factors between these two types of VPN are:

A remote-access VPN can be very flexible when implemented as a software solution on a remote user's PC. The teleworker can benefit from the same confidentiality, integrity, and authentication services as a site-to-site VPN.

It allows individual users to establish a secure connection with a remote computer network. They can access only the secured resources or data on that particular network, as if they were directly connected to the network.

There are two components in a remote-access VPN:


Published on Wed 21 March 2012 by Daisy Batty in Networking with tag(s): vpn