Virtual private networks (VPN) provide an encrypted connection between distributed sites over a public network (e.g., the Internet). By contrast, a private network uses dedicated circuits and possibly encryption. The basic idea is to provide an encrypted IP tunnel through the Internet that permits distributed sites to communicate securely. VPN's permit secure, encrypted connections between a company's private network and remote users through a third-party service provider. A VPN can grow to accommodate more users and different locations much easier than a leased line. In fact, scalability is a major advantage that VPN's have over typical leased lines (dedicated circuits). Unlike with leased lines, where the cost increases in proportion to the distances involved, the geographic locations of each office matter little in the creation of a VPN.
Descriptions / Types
Virtual Private Networks allow enterprises to utilize cost effective, secure, and scalable hardware to extend their wide area network. These networks are cost effective in that they are able to connect remote users to the corporate network without the need for expensive dedicate WAN links or modem banks. They also allow remote users to utilize their own internet connections from their remote site which also saves the corporation money. In essence, the longer the distance is between the connections, the more savings the company can realize. Increased security is also a factor in that it provides encryption between the two sites and that helps protect against unauthorized access to the system. The system is also scalable in that additional hardware is easily added to the network to allow for more users. This allows the corporation to add significant amounts of new users without significantly changing the network infrastructure.
VPN's are typically platform independent with the majority of the VPN's occurring on UNIX, Windows, or Macintosh. They all operate seamlessly; offer strengthened security, mobile user support, and ease of use.
Site to Site
Site to site VPN's extend the wide area network in the sense that they provide large scale encryption between multiple sites such as remote offices and central offices, and also over the internet. There are two main types of site to site virtual private networks, internet and extranet (HowStuffWorks.com). Intranet based VPN's are used for connecting one or more remote locations to the existing LAN, while an extranet based systems connect one or more different companies to the existing LAN to create a shared environment or partnership.
Site to site VPN's typically use a tunnel in which the communication between the two sites is handled from router to router, where the communication between the two is seamless to the end user.
Remote access provides for secure connection between remote users and their corporate networks. This connection works through either a dialup connection or through the public internet. It is also secure, scalable, and available through public networks utilizing client software. (HowStuffWorks.com)
Remote access VPN's typically employee a point to point protocol (PPP), of which the basic structure is used in Layer 2 Forwarding (L2F), Point to Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP). (HowStuffWorks.com) A tunnel is a structure that encapsulates the data (payload) and provides the transport from one secure system to another.
Virtual Private Network (VPN) Security
The main concern for most companies when trying to obtain some sort of remote access to their network for employees is security. Most people believe that it is impossible for a network to be accessed remotely while still remaining as secure as accessing it from your office. This is not necessarily the case. Virtual Private Networks (VPN's) can be utilized for this purpose. The need for security is greater when using VPN's vice the old Remote Access Service (RAS) connections....
Please join StudyMode to read the full document