Detailed Explanation: What Is a VPN?
In a small local area network (LAN) with a few, very trusted users and good physical security, clear-text data going over network wires is not likely to raise security-related risk very much. The further this data is transmitted, the greater the risk, because there are more distinct points at which clear-text data can be captured without authorization. Sending clear-text data from one point to another over a public network, however, raises security-related concerns to an entirely different level. Virtual private networks (VPNs) are secure tunnels over a public network, most notably the Internet. This secure tunnel allows two private, internal networks to communicate over the public network without compromising the communications that flow between them. The two endpoints may be corporate LANs, or one of them may be a single remote machine from the vast pool of road warriors that your company has, or an employee working from home.
From a user's perspective, each user is on the internal network. Each has access to all the resources available to someone who is physically connected to the local LAN. The speed or bandwidth is probably the only noticeable difference in a true VPN configuration.
From a connectivity perspective (that is, bits going over the wire), however, virtual private networking is significantly different. The VPN must package up all the bits, encrypt them to keep the "private" in VPN, and then send them over the public network to the destination.
All VPNs include certain functions and features that make them VPNs. These functions deal with encryption, authentication, tunneling, and blocking access to the internal network by any means other than the VPN itself.
The P in VPN stands for private. This means that in some manner the data in the communications is not generally available for others to see. In the environment of public networks, with the Internet as a specific example, this means that the data must be encrypted. That is fine, except now you need to ensure that you are encrypting with the party you intend. This is where authentication comes in.
You need a way to get packets that should only be on the internal network transported to the other side of the VPN link. This is where tunneling comes in. We take a packet that has only internal information in it and package it up for transport over the public network. The VPN then uses a tunnel as the transport mechanism for this packet.
You need to protect your internal network, so by definition a virtual private network (VPN) has some firewall capability. It will not allow any external traffic into the internal network unless it goes through the VPN, and thus it acts as a firewall.
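The four functions described above (encryption, authentication, tunneling, and dropping anything that did not arrive through the VPN) can be seen together in the following added example, which is not part of the original page. The addresses, keys, payload, the use of IP protocol number 253 for the outer packet, and the HMAC-based keystream standing in for a real cipher are all assumptions made for illustration.

```python
import hashlib, hmac, os, socket, struct

def ipv4_header(src, dst, payload_len, proto):
    # Minimal 20-byte IPv4 header; checksum left at 0 because nothing here routes it.
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def keystream(key, nonce, n):
    # HMAC-SHA256 in counter mode: a stdlib stand-in for a real cipher (assumption).
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + struct.pack("!I", ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def encapsulate(inner, enc_key, mac_key, gw_src, gw_dst):
    # Encrypt the whole inner packet, authenticate it, wrap it in an outer header.
    nonce = os.urandom(12)
    ct = xor(inner, keystream(enc_key, nonce, len(inner)))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    body = nonce + ct + tag
    # 253 is an IP protocol number reserved for experimentation.
    return ipv4_header(gw_src, gw_dst, len(body), 253) + body

def decapsulate(outer, enc_key, mac_key):
    # Return the inner packet, or None when the packet did not come through the tunnel.
    body = outer[20:]
    if len(body) < 12 + 32:
        return None
    nonce, ct, tag = body[:12], body[12:-32], body[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # firewall behaviour: drop anything unauthenticated
    return xor(ct, keystream(enc_key, nonce, len(ct)))

if __name__ == "__main__":
    enc_key, mac_key = os.urandom(32), os.urandom(32)  # constructed keys
    data = b"payroll query"                            # constructed payload
    inner = ipv4_header("10.1.0.5", "10.2.0.9", len(data), 17) + data
    outer = encapsulate(inner, enc_key, mac_key, "198.51.100.1", "203.0.113.1")
    print("outer dst:", socket.inet_ntoa(outer[16:20]))
    print("tunnelled:", decapsulate(outer, enc_key, mac_key) == inner)
    print("direct   :", decapsulate(inner, enc_key, mac_key))
```

On the public network only the two gateway addresses are visible; the internal addresses and payload travel inside the encrypted body, and a packet that lacks a valid tag is dropped at the receiving gateway.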