Virtual Private Networks

From Computing and Software Wiki

Revision as of 03:54, 14 April 2008 by Dangm (Talk)
Virtual Private Networks (VPNs)

A virtual private network (VPN) is a private data network that uses public telecommunication infrastructure. More precisely, it is a communications network tunneled through another network (usually the Internet) to provide certain functions that are meaningful to its users on the dedicated network.[R1]

VPN technology has caused a huge stir in both the computer science field and the business world.[R2]

VPNs

Since there are many competing definitions for VPN, one possible broad definition could be:

'A network (or service) that emulates the properties of an actual private network using a shared public networking infrastructure.'


History

During the 1980s, ATM technology and a suite of protocols known as X.25 were created for use in both local area and wide area networks. It can be argued that X.25, the oldest packet-switched service, was the forerunner of VPNs because of its prominent role in the telecommunication and financial industries during that period. Phone companies originally intended it to carry digitized voice calls, but its importance in data networks was soon realized. An X.25 network consists of complex packet switches that route packets; hosts attach to a packet switch over a serial communication line instead of attaching directly to a communication wire of a network. The result is a connection between the host and the X.25 packet switch that is itself a miniature network consisting of one serial link. Before the Internet exploded onto the scene, a virtual private network consisted of at least one circuit leased from a communications provider. Each leased circuit was like a single wire in a network controlled by the customer. As companies grew beyond geographical limitations, it became expensive to maintain VPNs using leased circuits, and with the rapid advancement of the Internet it was inevitable that VPN technology would try to exploit it.

VPN Today

Why VPN?

Why would an organization choose to have a VPN? These are the main reasons.

1. No geographical limitations: Employees can work and access resources offsite, which directly increases their productivity and potentially increases revenue as a result.

2. Improved security: Higher security due to separation of traffic.

3. Reduced costs: It is cheaper to maintain than WANs and reduces transportation/communication costs.

Features of a VPN

In the past, VPNs were secure by virtue of being leased from a provider for only the customer's use. With the Internet and improved networking technology, this became expensive and cumbersome; hence, the requirements for a well-designed VPN changed. The following list of requirements is the unofficial standard today for a well-designed VPN.

Security: This is the focus of most VPN solutions today. Security is achieved by concentrating on confidentiality, integrity, and authentication. Confidentiality is achieved primarily using secret key cryptography and public key cryptography, such as DES with Diffie-Hellman. One-way hash functions and digital signatures are among the features included to protect the integrity of the information; to authenticate a user on the network, password authentication and digital certificates are used.

Predictability: Having ownership of the communication links of a network guarantees the bandwidth between the user sites and can make network performance more predictable. In addition, ownership allows a company to control the information flow through the network, thus increasing performance, reliability, and security.

Independent Addressing: Within the last decade, there has been a lot of news that the address space provided by IPv4 was running out, and a VPN with its own independent address space was an excellent solution to that problem. With IPv6 expected to eliminate IPv4's problems, this is no longer a concern. However, a company that possesses its own independent address space also gains security; one example is allowing only those addresses to access the company's sites, preventing unauthorized access.
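
The address restriction described above, as an added example that is not part of the original wiki page: a Python check that admits a source address only if it lies inside the VPN's own address space, run over a few connection records. The ranges 10.8.0.0/24 and fd00:8::/64, the record format and all function names are assumptions constructed for illustration.

```python
import ipaddress

# Assumed VPN address space (constructed; the page names no ranges).
VPN_NETWORKS = [ipaddress.ip_network("10.8.0.0/24"),
                ipaddress.ip_network("fd00:8::/64")]

# Constructed sample records: "timestamp source-address resource".
SAMPLE_LOG = """\
2008-04-14T03:54:01 10.8.0.17 /payroll
2008-04-14T03:54:05 ::ffff:10.8.0.23 /wiki
2008-04-14T03:54:09 203.0.113.50 /payroll
2008-04-14T03:54:12 10.8.1.4 /wiki
2008-04-14T03:54:15 not-an-ip /admin
2008-04-14T03:54:20 fd00:8::2a /wiki
"""

def normalize(raw):
    """Parse an address; unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d) to IPv4."""
    addr = ipaddress.ip_address(raw.strip())
    if addr.version == 6 and addr.ipv4_mapped is not None:
        return addr.ipv4_mapped
    return addr

def is_allowed(raw):
    """True only if the address parses and lies inside a VPN network."""
    try:
        addr = normalize(raw)
    except ValueError:
        return False  # fail closed on anything unparseable
    return any(addr.version == net.version and addr in net
               for net in VPN_NETWORKS)

def audit(log_text):
    """Split records into (allowed, denied) lists of (source, resource)."""
    allowed, denied = [], []
    for line in log_text.splitlines():
        parts = line.split()
        if not parts:
            continue  # blank line
        if len(parts) != 3:
            denied.append((line, None))  # malformed record: keep it visible
            continue
        _, src, resource = parts
        (allowed if is_allowed(src) else denied).append((src, resource))
    return allowed, denied

if __name__ == "__main__":
    for src, resource in audit(SAMPLE_LOG)[1]:
        print(f"DENY {src} -> {resource}")
```

The IPv4-mapped form is normalized before the comparison so that the same host is treated identically whether the listener reports it as IPv4 or IPv6.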
