virtual private network

VPN

What is a VPN?
A VPN (virtual private network) enables a specific group of users to access private network data and resources securely over the Internet or other networks. Although often using public networks, a VPN inherits the characteristics of a private network, hence the name 'virtual' private network. A VPN is characterized by the concurrent use of tunneling, encryption, authentication and access control over a public network.

What is a VPN made of?
VPNs may connect an individual machine and a private network (client to server), or a remote LAN (local area network) and a private network (server to server). To do so, VPNs need:

• a routed network to transport data packets
• a tunnel switch to increase security and versatility
• tunnel terminators, which act like virtual cable terminators

How do VPNs work?
VPNs create 'virtual' point-to-point connections using a technique called tunneling. As the name suggests, tunneling acts like a pipe to bore through a network cloud to connect two points. Typically started by a remote user, the tunneling process encapsulates data and encrypts it into standard TCP/IP packets, which can then safely travel across the Internet.

What are the types of VPNs?
As the VPN market evolves, the lines between various classifications and architectures blur. Hardware manufacturers now provide software clients with features historically available only through software- or firewall-based solutions. Stand-alone applications, on the other hand, may support encrypting routers to improve performance. Emerging standards such as IPsec provide a basis to create custom solutions. The three basic types of VPNs include:

Intranet VPN - Transparent to clients, this type of VPN is usually implemented for networks within a common network infrastructure, but dispersed across various physical locations. For example, several buildings may be connected to a data center or a common mainframe application that can be accessed securely through private lines. Intranet VPNs need to be especially secure, with strong encryption, and meet strict performance and bandwidth requirements. They must remain easily upgradeable to accommodate new users and applications.

Remote Access VPN - Client-initiated, this type of VPN is ideal for remote users who need the flexibility of connecting to their corporate LAN from various locations. It is designed for telecommuters and sales professionals who connect intermittently from homes, hotels, conference halls and other locations. With remote access VPNs, performance and bandwidth issues are usually minimal. Authentication, rather than encryption, is the main security concern.

Extranet VPN - Using the Internet as its backbone, this type of VPN serves a larger number of users and locations, enabling customers, suppliers and branch offices to access corporate resources across various network architectures. Extranet VPNs rely on standards such as IPsec to ensure maximum compatibility, while not compromising security.