VPN: VPN stands for Virtual Private Network, which can be utilized on a public network, such as the Internet.
What is VPN?
VPN stands for Virtual Private Network. It is a network that is built across a public network, mainly the Internet. The main purpose of the network is to allow authorized personnel to access information stored on the private network, even from a different physical location. The information and data shared on the VPN cannot be accessed by anybody who does not have authorization to access the network.
What is VPN used for?
A VPN is mainly used by companies and organizations. It allows them to secure all the data, voice and video that they send over the Internet. Companies can also use a VPN to allow remote employees, i.e. employees working from home or telecommuting, to access the information and data stored on the company's private network. Companies also use a VPN to connect different office locations, overseas offices, and even the offices of partners such as distributors or clients. This connection can then be used to share data in a private manner. The data to be transferred is automatically encrypted, so that anybody who is not part of the VPN cannot access or decrypt it.
What are the types of VPN?
VPNs are mainly divided into two categories:
Intranet: A network that is based on the TCP/IP protocols of the company. It is also protected by the company’s firewall. These types of VPNs are the fastest-growing, as they are less expensive to build and manage than private networks based on proprietary protocols. These types of VPNs are only accessible by the company’s members, employees or others with authorization.
Extranet: This type of network allows authorized outsiders to log onto the network using a log-in ID and password. However, these outsiders have various levels of accessibility as decided by the administrator. These types of VPNs are mainly used by corporations to share information with partners, clients, distributors, etc.
VPNs can be further categorized on the basis of:
- The protocols used to tunnel the traffic.
- The tunnel's termination point location, e.g., on the customer edge or network-provider edge.
- Whether they offer site-to-site or remote-access connectivity.
- The levels of security provided.
- The OSI layer they present to the connecting network, such as Layer 2 circuits or Layer 3 network connectivity.
What are the security mechanisms of VPN?
A VPN’s primary defense is to allow only authenticated remote access, which means that no one can access the data unless the administrator has authorized them. The administrator is the one who sets up the VPN and, for all practical purposes, controls it. All data on the VPN remains encrypted to anyone who does not have authenticated access. In addition to security procedures such as encryption, VPNs also utilize tunneling protocols.
Wikipedia lists the various features and security protocols of VPNs:
The VPN security model provides:
- Confidentiality such that even if the network traffic is analyzed at the packet level, an attacker would only see encrypted data.
- Sender authentication to prevent unauthorized users from accessing the VPN.
- Message integrity to detect any instances of tampering with transmitted messages.
Secure VPN protocols include the following:
- Internet Protocol Security (IPsec) whose design meets most security goals: authentication, integrity, and confidentiality. IPsec uses encryption, encapsulating an IP packet inside an IPsec packet. De-encapsulation happens at the end of the tunnel, where the original IP packet is decrypted and forwarded to its intended destination.
- Transport Layer Security (SSL/TLS) can tunnel an entire network's traffic or secure an individual connection. A number of vendors provide remote-access VPN capabilities through SSL. An SSL VPN can connect from locations where IPsec runs into trouble with Network Address Translation and firewall rules.
- Datagram Transport Layer Security (DTLS) - used in Cisco AnyConnect VPN and in OpenConnect VPN to solve the issues SSL/TLS has with tunneling over UDP.
- Microsoft Point-to-Point Encryption (MPPE) works with the Point-to-Point Tunneling Protocol and in several compatible implementations on other platforms.
- Microsoft Secure Socket Tunneling Protocol (SSTP) tunnels Point-to-Point Protocol (PPP) or Layer 2 Tunneling Protocol traffic through an SSL 3.0 channel.
- Multi Path Virtual Private Network (MPVPN).
- Secure Shell (SSH) VPN - OpenSSH offers VPN tunneling to secure remote connections to a network or to inter-network links. OpenSSH server provides a limited number of concurrent tunnels. The VPN feature itself does not support personal authentication.
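The encapsulation and de-encapsulation described for IPsec above, together with the three properties of the security model, shown as an added example that is not from the original page or from any VPN product. Assumptions: an ESP-style layout with made-up names, an HMAC-based keystream standing in for a real cipher, a strictly increasing sequence check (replay rejection, which the page does not cover) in place of a sliding window, and a constructed sample packet.

```python
import hashlib, hmac, os, struct
MAC_LEN = 32  # HMAC-SHA256 tag length in bytes

def keystream(key, nonce, n):
    # Stand-in cipher (HMAC-SHA256 in counter mode) so the example needs only
    # the standard library; it is NOT what IPsec uses (ESP uses e.g. AES-GCM).
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def encapsulate(enc_key, mac_key, spi, seq, inner_packet):
    """Outer payload = header(SPI, seq) | nonce | ciphertext | MAC tag."""
    header = struct.pack(">II", spi, seq)
    nonce = os.urandom(16)
    ks = keystream(enc_key, nonce, len(inner_packet))
    ct = bytes(a ^ b for a, b in zip(inner_packet, ks))
    tag = hmac.new(mac_key, header + nonce + ct, hashlib.sha256).digest()
    return header + nonce + ct + tag

class TunnelEndpoint:
    """Receiving end of the tunnel: verify first, then decrypt and hand on."""
    def __init__(self, enc_key, mac_key, spi):
        self.enc_key, self.mac_key, self.spi = enc_key, mac_key, spi
        self.highest_seq = 0  # simplified anti-replay: strictly increasing

    def decapsulate(self, outer):
        if len(outer) < 8 + 16 + MAC_LEN:
            raise ValueError("truncated packet")
        body, tag = outer[:-MAC_LEN], outer[-MAC_LEN:]
        expected = hmac.new(self.mac_key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # integrity + sender auth
            raise ValueError("authentication failed")
        spi, seq = struct.unpack(">II", body[:8])
        if spi != self.spi or seq <= self.highest_seq:
            raise ValueError("unknown tunnel or replayed packet")
        self.highest_seq = seq
        nonce, ct = body[8:24], body[24:]
        ks = keystream(self.enc_key, nonce, len(ct))
        return bytes(a ^ b for a, b in zip(ct, ks))  # original inner packet

INNER = b"inner IP packet: 10.0.0.5 -> 10.0.1.9 payload=payroll.csv"  # constructed

if __name__ == "__main__":
    ek, mk = os.urandom(32), os.urandom(32)
    rx = TunnelEndpoint(ek, mk, spi=0x1001)
    wire = encapsulate(ek, mk, 0x1001, 1, INNER)
    print(INNER in wire, rx.decapsulate(wire) == INNER)
```

The MAC is checked before anything is decrypted or parsed, so a packet from a sender without the key, or one altered in transit, is dropped at the tunnel end without its contents ever being processed.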
Why should someone use a VPN? What are the benefits of using a VPN?
Despite the fact that VPNs are mainly used by businesses and corporations, they are gaining quite a following among average users. This is mainly because they have a number of benefits for the regular person.
In addition to companies, VPNs can be used by schools and universities to share files and study materials with their students. VPNs can also be used at home to connect various home networks. Users can use the VPN to share e-mails, voice, videos, private documents, photos, etc. safely and securely. VPNs can also be used to protect oneself from the dangers of online surfing. Using public Wi-Fi or untrusted networks opens the user’s computer to the dangers of hacking. However, a VPN encrypts the internet traffic; hence the hacker will not be able to access any private files on the computer.
Additionally, a user can even connect to a regional VPN in order to access a local website. For example: a user can connect to a British VPN in order to watch the BBC iPlayer outside the UK.