VPN stands for Virtual Private Network. A VPN is an additional virtual network layered over an existing real network.
Why VPN – possible uses
A VPN is typically used today for two purposes: connecting several sites over the Internet and accessing the organization's network on the go. Connecting the local area networks (LANs) of individual sites via a VPN is called site-to-site VPN. Data transfer takes place via the Internet or via leased lines. Traffic is usually encrypted.
When mobile users or home workers access the organization's network, this is called user-to-site VPN. Here the encrypted data transmission takes place via the Internet. The type of Internet connection does not matter (ADSL, VDSL, ISDN, UMTS).
Site networking with site-to-site VPN
To create a site-to-site VPN, a VPN router or free VPN is used at each site. This router creates the VPN tunnels needed to link the sites. For the users in the local networks, the VPN is transparent. They can access data at all locations (within their access rights).
Mobile users with user-to-site VPN
Mobile users (Road Warriors) can access the organization's network via VPN solutions. To do so, the user first establishes an Internet connection and then starts the VPN client on the laptop to set up a VPN tunnel to the corporate network. Here, too, the user has full access to the network. He can access file servers, work on e-mail or use industry software.
Protected WLAN with VPN
A VPN can also be used to secure wireless networks. Sometimes it is not possible to use WPA or even WEP. In such cases, access to the network can be controlled through VPN tunnels. Only users with a corresponding certificate are given access to the network.
To set up a VPN, software or special hardware can be used. Open source software is also available.
How a VPN can be implemented
Different protocols are available for the technical implementation. Typically IPsec and SSL are used.
VPN with IPsec
IPsec with Encapsulating Security Payload (ESP) ensures the authentication, integrity and confidentiality of IP packets. Various routers support IPsec as a VPN protocol, and there are IPsec clients for Windows, Linux and Mac OS X. IPsec operates at OSI layer 3. However, many network components cannot handle it or do not forward IPsec (intentionally or unintentionally). As a result, it can happen that an IPsec tunnel cannot be established from a public hotspot.
Many vendors of professional VPN solutions encapsulate IPsec in IP/UDP (NAT traversal). This avoids the transmission problems.
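The UDP encapsulation described above, as an added example that is not from the original page: it wraps a constructed ESP packet in UDP and classifies the datagram the way a filtering device would see it. Port 4500, the four-zero-byte non-ESP marker and the one-byte keepalive come from RFC 3948, not from the page; `forwardable` is a simplified, assumed model of a device that passes only TCP and UDP.

```python
import struct

IPPROTO_UDP, IPPROTO_ESP = 17, 50   # IP protocol numbers
NAT_T_PORT = 4500                   # UDP port used for NAT traversal (RFC 3948)
NON_ESP_MARKER = b"\x00" * 4        # precedes IKE messages sent on port 4500
KEEPALIVE = b"\xff"                 # one-byte NAT keepalive payload


def forwardable(ip_proto):
    """Assumed model of a restrictive device: only TCP (6) and UDP (17) pass."""
    return ip_proto in (6, IPPROTO_UDP)


def esp_packet(spi, seq, ciphertext):
    """ESP header (SPI, sequence number) followed by the encrypted payload."""
    if spi == 0:
        raise ValueError("SPI 0 would be read as the non-ESP marker")
    return struct.pack("!II", spi, seq) + ciphertext


def udp_encapsulate(payload, sport=NAT_T_PORT, dport=NAT_T_PORT):
    """Prefix an 8-byte UDP header; checksum 0 means 'not computed' on IPv4."""
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload


def classify(datagram):
    """Return (kind, spi, seq) for a UDP datagram as a filter would see it."""
    if len(datagram) < 8:
        return ("malformed", None, None)
    sport, dport, length, _ = struct.unpack("!HHHH", datagram[:8])
    body = datagram[8:]
    if length != len(datagram):
        return ("malformed", None, None)
    if NAT_T_PORT not in (sport, dport):
        return ("other-udp", None, None)
    if body == KEEPALIVE:
        return ("nat-keepalive", None, None)
    if body[:4] == NON_ESP_MARKER and len(body) > 4:
        return ("ike", None, None)
    if len(body) >= 8:
        spi, seq = struct.unpack("!II", body[:8])
        return ("esp-in-udp", spi, seq)
    return ("malformed", None, None)


if __name__ == "__main__":
    esp = esp_packet(0x1234ABCD, 7, b"\xaa" * 16)   # constructed sample
    print("native ESP forwarded:", forwardable(IPPROTO_ESP))
    print("encapsulated forwarded:", forwardable(IPPROTO_UDP))
    print(classify(udp_encapsulate(esp)))
```

Native ESP has no port numbers, which is why the modelled device drops it, while the same bytes inside UDP pass and remain identifiable by their SPI.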
Secure Sockets Layer (SSL) is an encryption method. Some manufacturers use SSL to establish VPNs. Since SSL, like other traffic, is transmitted over IP and UDP or TCP, there are no transmission problems even in restrictive networks. The open source software OpenVPN is based on SSL.
There are also VPN solutions for access via browser. The user accesses an SSL appliance using Internet Explorer or Firefox. The browser gives him access to data and applications in the corporate network.
The IPsec and SSL VPN protocols are secure from today's point of view. The known attacks on HTTPS or SSL are man-in-the-middle attacks with forged certificates. Such attacks on VPN tunnels are not possible because both the VPN appliance and the VPN client detect the wrong certificate and do not establish the tunnel.
The problem is stolen notebooks or VPN routers. The certificates used on these devices must be revoked quickly (keyword: Certificate Revocation List, CRL), and the PSK must be changed. In addition, Trojans, viruses and other malware on a Road Warrior's laptop can get into the corporate network without adequate protection.