Encryption-based VPNs create a VPN using the public Internet infrastructure. A corporation establishes public Internet connections from each of its office locations to an ISP’s PoP. The corporation can establish the connections with a single ISP or multiple ISPs.
Encryption-based VPNs are susceptible to any weaknesses that the public Internet may experience. Typically, these weaknesses are related to data security and network performance. The original design and implementation of the Internet did not address the security and performance requirements of private networks.
Encryption-based VPNs are often the easiest type of ISP–based private network to create. Several different encryption vendors supply a large range of solutions. Figure 2 shows a typical encryption-based VPN implementation. Each branch office or partner company connects to any ISP; users simply must have access to the public Internet. An encryption device (typically a router or firewall) is placed at each location. The encryption devices receive encrypted data from the other locations and perform the appropriate decryption.
Dinesh Thakur holds an B.C.A, MCDBA, MCSD certifications. Dinesh authors the hugely popular