A virtual private network (VPN) is a catchall term for a variety of networking schemes that allow businesses to use public Internet lines to create a virtual private network. There is no standard model; implementations use public Internet lines in one of several ways. The network can operate between branches, regional centers, and field representatives via a set of software and hardware protocols that authenticate users and encrypt traffic.
A few types of VPN security include the following:
- Encrypted tunneling uses SSL (Secure Sockets Layer) encryption to authenticate users and send information between the remote client(s) and server(s).
- IP Security (IPSec) encrypts IP packets like SSL, but can also encrypt UDP (User Datagram Protocol) traffic, one layer deeper in the network model. UDP traffic accounts for only a small percentage of network traffic, but is used in some key applications like streaming media and Voice over IP (VoIP).
- Point-to-Point Tunneling Protocol (PPTP) is Microsoft's VPN protocol, and is not considered as secure as some others.
Other models include "trusted VPNs," which rely on the third-party services of an established network provider. The provider handles all network traffic and guarantees the security of network communications. Trusted network structures might use multi-protocol label switching (MPLS), layer 2 forwarding (L2F), layer 2 tunneling protocol (L2TP), or later versions of these protocols, such as L2TP version 3.
A VPN differs from a WAN (wide area network) in that the latter uses leased network lines, thus restricting all traffic to corporate business only. This is effective but costly, particularly when the network must span large distances.
Some companies use intranets or extranets to facilitate "private" communication. These involve password-protected pages or sites that, ideally, only employees and authorized personnel can access. Connections between remote users and host servers are not always encrypted, however, and intranets and extranets are not technically private networks.
A VPN is expandable and much more cost-effective than a traditional WAN. It connects field operators, international offices, and affiliated partners or clients, and it improves productivity. Assuming care is taken to build a secure network, it is a highly beneficial step that can be a tremendous asset to any company with networking needs.