Docstoc

How VPN Works

VPN stands for Virtual Private Network. It is a technology that lets a user connect remotely to a private network, so that they are "virtually" connected to that network, as though they were on-site and plugged into the LAN. VPN is useful for remote workers who need to reach office resources, such as internal web portals and file shares, without being physically in the office. In this computer networking notes VPN tutorial, we take a brief look at the different types and uses of VPN.


There are many different VPN protocols and types of VPNs. LAN-to-LAN VPNs are used to connect multiple networks together. For example, a corporate office may wish to have connectivity to multiple branch offices for internal communication and resource access. This allows edge firewalls to keep blocking outside access to protected resources while still allowing these VPN connections as though they were "internal", that is, already on the trusted side of the firewall. IPSec is a collection of security protocols that is most commonly used for LAN-to-LAN VPNs, providing a robust set of varying encryption and authentication protocols.


Remote workers connect to remote VPNs. These are usually temporary, or "dial-in", connections. Microsoft Windows comes with PPTP (Point-to-Point Tunneling Protocol) built in, which provides an easy access method to roll out. However, PPTP relies on a weak encryption protocol, called MS-CHAP, which makes it a less favorable option. IPSec can also be used for remote VPNs, with the use of special third-party client software, and/or IPv6. SSL VPNs are becoming more popular for remote access, as they provide a secure connection and are the easiest option for remote workers. With an SSL VPN, remote workers can usually log in to an HTTPS web page that allows them to download an app (often a Java app) that serves as the client software. After the initial install, clients can usually run the app without having to log in to the web page. SSL VPNs may also allow access from the web portal to certain resources without giving remote workers a full network connection to the private network.


Aside from granting access to remote workers, VPN is sometimes used to mask a host's true identity. This presents a security concern, since a VPN can be used as an encrypted tunnel to transport classified data off a corporate LAN. Modern data loss prevention (DLP) and firewall rules that disallow outbound VPN connections are a good starting point, but SSL is very difficult to block accurately, because many legitimate secure websites use SSL. VPN services can also be subscribed to for masking a host's external IP. For example, a site or service may only be allowed in the UK, but if someone in the United States connects to a UK VPN server and uses it to browse to the site, it would appear they were in the UK.
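The following added example (not part of the original document) sketches the outbound-VPN firewall check described above and shows why a port-based rule cannot separate an SSL VPN from ordinary HTTPS. The protocol and port numbers are the standard assignments for PPTP and IPsec; the LAN range, approved peer and sample flows are assumptions constructed for illustration.

```python
import ipaddress

# Standard (IP protocol number, destination port) pairs for the protocols named above.
# A port of None means the protocol has no ports (GRE, ESP, AH).
VPN_SIGNATURES = {
    (6, 1723): "PPTP control channel",
    (47, None): "GRE (PPTP data channel)",
    (17, 500): "IPsec IKE",
    (17, 4500): "IPsec NAT traversal",
    (50, None): "IPsec ESP",
    (51, None): "IPsec AH",
}
INTERNAL = ipaddress.ip_network("10.0.0.0/8")             # assumed corporate LAN range
APPROVED_PEERS = {ipaddress.ip_address("198.51.100.10")}  # assumed branch-office gateway

def classify(flow):
    """Return (action, reason) for one flow record from the edge firewall."""
    src = ipaddress.ip_address(flow["src"])
    dst = ipaddress.ip_address(flow["dst"])
    if src not in INTERNAL or dst in INTERNAL:
        return ("ignore", "not outbound")
    proto, port = flow["proto"], flow.get("dport")
    label = VPN_SIGNATURES.get((proto, port)) or VPN_SIGNATURES.get((proto, None))
    if label is None:
        if proto == 6 and port == 443:
            # The limitation the text describes: the port alone says nothing.
            return ("allow", "HTTPS or SSL VPN, indistinguishable by port")
        return ("allow", "no VPN signature")
    if dst in APPROVED_PEERS:
        return ("allow", f"{label} to approved peer")
    return ("alert", f"{label} to unapproved destination")

def alerts(flows):
    """Return (src, dst, reason) for every flow that should raise an alert."""
    verdicts = [(f, classify(f)) for f in flows]
    return [(f["src"], f["dst"], v[1]) for f, v in verdicts if v[0] == "alert"]

# Constructed sample flows, not real traffic.
SAMPLE_FLOWS = [
    {"src": "10.1.2.3", "dst": "203.0.113.7", "proto": 6, "dport": 1723},
    {"src": "10.1.2.3", "dst": "203.0.113.7", "proto": 47},
    {"src": "10.4.0.9", "dst": "198.51.100.10", "proto": 17, "dport": 500},
    {"src": "10.4.0.9", "dst": "192.0.2.55", "proto": 17, "dport": 4500},
    {"src": "10.7.7.7", "dst": "192.0.2.80", "proto": 6, "dport": 443},
    {"src": "10.7.7.7", "dst": "10.0.0.5", "proto": 6, "dport": 1723},
]

if __name__ == "__main__":
    for row in alerts(SAMPLE_FLOWS):
        print(row)
```

The TCP 443 flow is allowed because nothing at this layer distinguishes it from a normal secure website, which is why such rules are only a starting point alongside DLP.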


To recap, VPN is a type of connection that allows a remote connection to be treated as though it is part of a local private network. These connections may be used for remote individuals or entire remote networks. VPN connectivity is achieved with a variety of protocols.

				
posted:3/31/2012