What are Virtual Private Networks (VPNs)?

The problem with general communication methods-

Historically, businesses had to rely on leased dedicated circuits such as T1, ISDN and OC3. Although these provide reliable, private and secure connections, the lines are expensive and often rise in cost as the distance between offices increases.



Fig 1 : Leased lines

What is VPN?

VPNs (Virtual Private Networks) are a type of point-to-point connection across a private or public network.

VPNs use a tunneling process to secure data while transferring it through an insecure medium like the internet.

When a message is composed and submitted for sending through an insecure medium, a virtual envelope is created around the data, thus securing what is inside the message from outsiders.

Then a virtual tunnel is created for routing between different ports by which the message is sent across. See figure below for more details.









Tunneling-

The process-

Tunneling is the process of placing one packet within another packet and sending it over the network. The protocol of the outer packet is understood by the network on both points. These points are called tunnel interfaces and at these points the packets enter and exit the network.







Protocols-

Tunneling requires three different protocols: carrier protocol (the protocol used by the network that the information is travelling over), encapsulating protocol (the protocol such as SSL and IPSec that is wrapped around the original data) and the passenger protocol.

Importance of tunneling-

Tunneling is important as we can use a private IP address in a packet that is surrounded by a globally unique IP address to extend the private network over the internet. Tunneling also allows users to place a protocol that is not supported in the internet over an IP address and send it over the internet.
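The following is an added example, not code from the original post. It builds a passenger IPv4 packet with private addresses, wraps it in a GRE header (the encapsulating protocol chosen for this example) inside a carrier IPv4 packet with public addresses, and unwraps it at the tunnel exit. All addresses and the payload are constructed sample values; the function names are hypothetical.

```python
import socket
import struct

GRE_PROTO = 47  # IP protocol number assigned to GRE
GRE_HEADER = struct.pack("!HH", 0, 0x0800)  # no flags, version 0, passenger = IPv4

def checksum(data: bytes) -> int:
    """Internet checksum over an even-length header."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Build a minimal 20-byte IPv4 header (no options) followed by payload."""
    fmt = "!BBHHHBBH4s4s"
    fields = [0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
              socket.inet_aton(src), socket.inet_aton(dst)]
    fields[7] = checksum(struct.pack(fmt, *fields))
    return struct.pack(fmt, *fields) + payload

def parse_ipv4(packet: bytes):
    """Return (src, dst, proto, payload); reject malformed headers."""
    ihl = (packet[0] & 0x0F) * 4 if packet else 0
    if ihl < 20 or len(packet) < ihl or packet[0] >> 4 != 4 or checksum(packet[:ihl]):
        raise ValueError("bad IPv4 header")
    total_len = struct.unpack("!H", packet[2:4])[0]
    if not ihl <= total_len <= len(packet):
        raise ValueError("bad IPv4 length")
    src, dst = (socket.inet_ntoa(packet[i:i + 4]) for i in (12, 16))
    return src, dst, packet[9], packet[ihl:total_len]

def encapsulate(inner: bytes, tunnel_src: str, tunnel_dst: str) -> bytes:
    """Tunnel entry: carrier IPv4 header + GRE header + passenger packet."""
    return ipv4(tunnel_src, tunnel_dst, GRE_PROTO, GRE_HEADER + inner)

def decapsulate(outer: bytes) -> bytes:
    """Tunnel exit: strip the carrier and GRE headers, return the passenger."""
    _, _, proto, payload = parse_ipv4(outer)
    if proto != GRE_PROTO or payload[:4] != GRE_HEADER:
        raise ValueError("not a plain GRE/IPv4 tunnel packet")
    return payload[4:]

def demo():
    """Constructed sample: private 10.x passenger inside a public carrier."""
    inner = ipv4("10.1.0.5", "10.2.0.9", 253, b"constructed payload")
    outer = encapsulate(inner, "198.51.100.1", "203.0.113.1")
    return inner, outer, decapsulate(outer)
```

The passenger bytes appear unchanged inside the carrier packet: encapsulation alone extends the private addressing but does not hide the data from anyone on the path.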

Types of VPN connections-

There are two main types of VPN connections:

1. Remote access VPN
2. Site-to-site VPN

Remote access VPNs-

Also called Virtual Private Dial-up Networks (VPDNs), remote access VPNs enable individual users to establish connections with remotely set-up computer networks.





Site-to-site VPNs-

Site-to-site VPNs allow individual networks at multiple locations to establish connections between them.






What is expected from a VPN over an insecure medium approach?


There are three main conditions that are expected from a VPN:

1. Security-

Security is the cornerstone of all VPNs. The three main goals of VPN security are data confidentiality, data integrity and data authentication. Data confidentiality protects data from eavesdroppers. Encryption is used for this. Data integrity ensures that data has not been tampered with (that is, it has not been either modified or fabricated). Authentication ensures that only authorized senders and receivers enter the network.

2. Reliability-

Another important security goal is the availability of data and related facilities. When a VPN is set up, the connection should be reliable such that the user(s) in the VPN should be connected regardless of the time and location. It is also expected that VPNs should provide the same quality of connection for each individual user regardless of the traffic.

3. Scalability-

This means that updating and upgrading/downgrading of network facilities should be easy as a business continues. When existing connections are removed/modified or when new connections are added to a VPN, the VPN should be easy to set up, such that lengthy maintenance for the modifications is not necessary and data remains available in such instances.


What encryption standards are used in tunneling?

The two main types of encryption are symmetric/secret key encryption and asymmetric/public key encryption. Both use a pair of keys for the encryption and decryption processes. However, both of these methods share a common drawback: key management problems, i.e. when users (in this case networks) get added to a specific VPN, the keys have to be managed and distributed to the new parties. However, sharing of keys is insecure, and a key is often intercepted before the other party receives it.

Therefore, more advanced techniques have to be used for the encryption and the overall security of data transmission in a VPN. The two techniques used are IPSec (Internet Protocol Security) and GRE (Generic Routing Encapsulation), where IPSec is the major contributor.

IPSec consists of two sub-protocols:

1. Encapsulating Security Payload (ESP)-

Encrypts the packet's payload using a symmetric key.

2. Authentication Header (AH)-

Uses a hashing operation on the packet header for information hiding.


What are the advantages of establishing a VPN?

A VPN allows you to have your connection encrypted and secure, to become anonymous online and to keep your private data safe from hackers and government censorship. A VPN also allows you to access blocked content. Thus a VPN gives you privacy, freedom and security. This is useful for online banking, using Wi-Fi hotspots, shopping online, accessing media and securing your communication.

