How do VPNs work?
VPNs arose in the late 1990s to address a growing need: how do you connect disparately located people to central resources
securely and inexpensively? The answer was to utilize much of the infrastructure of existing networks, place a layer of security
on it, and make it work with a wide variety of clients.
VPNs do this by making use of existing public networks - namely the Internet. Let's say that you have a high speed DSL connection
to your home. It makes sense to utilize this Internet connection to access the network at your office. The only trouble with
this solution is that the Internet is not a safe and secure connection. As we know, there are individuals out there that would
like to hack into your network or examine your data traffic. So how do we make use of the Internet and yet protect our networks
and data?
By using VPNs, of course! The great thing about VPNs is they are seamless. Once the connection has been established it would
appear as though you are on the remote network. And with the security that is integrated into VPNs, it is almost impossible
for an outsider to see the data being exchanged between the two networks.
I am going to steal a great analogy from author Mark Minasi to illustrate how VPNs work. Imagine the Internet as a network
of interconnected pipes that passes information from source to destination. At any point in time there is information traversing
these pipes. Now imagine a second, smaller pipe; one within the first set of pipes that runs from your computer to an access
server on your office network - this represents the VPN. Essentially, a VPN “tunnels” through the Internet to provide a private
connection to your office network by using specific protocols. These protocols allow for remote authentication and encryption
of all information passing through the VPN, which makes the data unreadable to anyone monitoring traffic. So suddenly you
have a secure private network that links you to a remote site. This carries with it several benefits that will be explained
below.
The benefit of VPNs
Consider how remote access has been accomplished in the past. For remote users, or telecommuters, it was necessary to use
a slow dial-up line to call into a modem pool on the office network. The disadvantage is that modem pools are difficult and
expensive to maintain. Furthermore, there is the additional expense of phone charges for access at less than 56Kbps.
For the branch offices that connect to
headquarters, dedicated lines have been used in the past. These are very fast, secured connections that cost a small fortune.
Typically these connections are point-to-point, frame relay, or leased line, all of which are fast dedicated connections
at a premium cost.
The alternative is to connect to a local service provider with a high speed Internet connection, such as cable or DSL, and
utilize the tunneling capabilities of VPNs to connect to your office network. This provides a high speed Internet connection
along with a cheap alternative to connect to the office.
While there are some additional costs for obtaining, installing and supporting VPN equipment or software, replacing the cost
of dedicated
lines usually results in a fairly quick return on investment (ROI). This is an important issue to consider when investigating
the benefits of using a VPN.
What is required to run a VPN?
The good and bad news about setting up VPNs is that there is no one solution. This means there is flexibility in implementing
VPNs - but you also need to do your homework. It is important to understand how VPNs are going to be utilized in your network and
what you want to accomplish with this technology solution. For example, is this a connection between a branch office and the
headquarters, or are remote users trying to get access to the organizational network?
Furthermore, there are both software and hardware solutions to setting up VPNs. The hardware solutions include items from
firewalls to routers to access servers. For a telecommuter, VPN software on a laptop and a connection to a local ISP is all
that is needed. Small offices of 10-20 users can utilize routers that have VPN capability built into them. For larger branch
office locations and
organizational headquarters it is a good idea to have a firewall set up that can handle VPN connections. Furthermore, in order
to get access to the
organization's network it is necessary to have a means of authentication. This can be done on access servers running such
services as RADIUS or TACACS+.
While the equipment and solution may vary, the process for transmitting data across a VPN is consistent. Through an Internet
connection a remote user connects to an
organizational network. At this point,
the user must be authenticated through a username and password or other authentication scheme, such as a smart card. Once
this happens,
communication can be established. Utilizing an encryption method that is agreed upon by both the remote user and the access
server, information can be passed using one of the tunneling protocols. A remote user can now seamlessly access the
organization's network.
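The tunnel described above (an inner packet encrypted, authenticated and carried inside an ordinary Internet packet), as an added sketch that is not part of the original article. The keys, addresses and packet layout are constructed for illustration, and HMAC-SHA256 in counter mode stands in for whatever cipher a real VPN protocol would negotiate.

```python
import hashlib
import hmac
import os

# Constructed sample values: made-up keys, documentation/private address ranges.
ENC_KEY = hashlib.sha256(b"constructed-demo-encryption-key").digest()
MAC_KEY = hashlib.sha256(b"constructed-demo-integrity-key").digest()
INNER_PACKET = b"10.0.0.5>10.0.1.20|GET /payroll.xls"


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode: a stdlib-only stand-in for a real cipher."""
    blocks = [
        hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        for counter in range((length + 31) // 32)
    ]
    return b"".join(blocks)[:length]


def encapsulate(inner: bytes, outer_src: str, outer_dst: str) -> bytes:
    """Encrypt the whole inner packet, then wrap it in a cleartext outer header."""
    nonce = os.urandom(12)
    stream = _keystream(ENC_KEY, nonce, len(inner))
    ciphertext = bytes(a ^ b for a, b in zip(inner, stream))
    header = f"{outer_src}>{outer_dst}|".encode()
    # The tag covers header, nonce and ciphertext so none can be altered in transit.
    tag = hmac.new(MAC_KEY, header + nonce + ciphertext, hashlib.sha256).digest()
    return header + nonce + ciphertext + tag


def decapsulate(outer: bytes) -> bytes:
    """Verify the tag first, then decrypt; raises ValueError on any modification."""
    header_end = outer.index(b"|") + 1
    header, body, tag = outer[:header_end], outer[header_end:-32], outer[-32:]
    expected = hmac.new(MAC_KEY, header + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed: packet dropped")
    nonce, ciphertext = body[:12], body[12:]
    stream = _keystream(ENC_KEY, nonce, len(ciphertext))
    return bytes(a ^ b for a, b in zip(ciphertext, stream))


if __name__ == "__main__":
    wire = encapsulate(INNER_PACKET, "203.0.113.7", "198.51.100.1")
    print("on the wire:", wire[:25], "+", len(wire) - 25, "opaque bytes")
    print("after the access server decapsulates:", decapsulate(wire))
```

Someone monitoring the Internet path sees only the outer addresses of the two tunnel endpoints; the inner addresses and the request are recoverable only with the keys, and a modified packet is rejected before decryption.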
There is a vast amount of information, both on the Internet and in print, on VPNs. Do your homework to establish your needs
and a budget to work within. VPNs are a safe way to utilize the Internet for your needs; however, they should not break the bank.
Web Resources:

How Virtual Private Networks Work
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a0080094865.shtml
“This document covers the fundamentals of VPNs, such as basic VPN components, technologies, tunneling, and VPN security.”
The document provides background knowledge as well as a review of tunneling protocols. There is also a list of Cisco's VPN
product line.

Linux FreeS/WAN
Linux FreeS/WAN is an implementation of IPSEC & IKE for Linux. This site includes a good overview of IPSEC and how VPNs work,
as well as software that will allow you to create VPNs using Intel-based hardware for lower cost than vendor proprietary
systems.

VPNs and IPSec Demystified
http://www.onlamp.com/pub/a/bsd/2002/12/12/FreeBSD_Basics.html
Part of O'Reilly's series on encryption, this article is written by Dru Lavigne. There is some good information on VPNs and
encryption. Includes links for terminology and related technologies.

Virtual Private Network Consortium
“VPNC is the international trade association for manufacturers in the VPN market.” This site includes a link to VPN technologies
with an extensive amount of information and definitions.

VPN Source
http://www.internetweek.com/VPN/
Breaking news on VPN technology and real life applications. Includes interactive discussion groups.