A Virtual Private Network (VPN) is a private network built on top of a public network. The market is moving in that direction mainly for reasons of cost: it is much cheaper to interconnect branch offices using a public infrastructure than to deploy a physically private network.
Virtual Private Networks (VPNs) use advanced encryption and tunneling so that organizations can establish secure, private, end-to-end network connections over third-party networks, such as the Internet or extranets. By leveraging third-party networks through VPNs, organizations no longer have to rely on costly leased lines or Frame Relay lines, which are generally difficult to obtain for remote locations. VPNs also allow secure connectivity with suppliers and partners, enabling the use of new networked business applications. In addition, VPNs connect remote and mobile users to the corporate network through a local Internet service provider, rather than through expensive long-distance calls. Finally, VPNs offer a much higher level of security through their advanced encryption protocols, so that the data can be read only by the receiver to which it is sent.
Types of VPNs
VPNs are generally divided into three categories: intranet, extranet and remote access.
• Intranet (site-to-site): used to connect fixed locations, branches, and remote offices. They normally use dedicated connections within the company’s WAN communications structure, based on an operator’s private IP network.
• Extranet: implemented to extend network services and provide limited, secure access to a company’s partners and customers. These extensions are generally carried over public networks (typically the Internet, the public IP network par excellence) for customer access, and over private IP networks with higher-quality access for partners and collaborators.
• Remote access: these provide secure access to mobile users and small offices with very basic communication needs. They use existing access networks, the PSTN and ISDN, to connect over the Internet.
At this point it is worth highlighting the difference between implementing a VPN over a private IP network and over a public network (the Internet).
On a private IP network, the operator can guarantee an agreed quality of service (SLA) and can control and monitor its network to optimize performance. These networks are designed and intended for corporate traffic, which does not compete for bandwidth against domestic users who surf the Internet. Finally, being private, these networks carry security intrinsically and do not need encryption protocols, which are costly in terms of equipment, delay, increased packet size, etc. Even so, encryption can be implemented if the security requirements are strict enough to demand it.
On a public IP network such as the Internet, no quality of service can be guaranteed, since no one controls the level of network congestion. Traffic belonging to an enterprise VPN competes for bandwidth against countless domestic users browsing for the latest news or simply “chatting” with their casual contacts. This can significantly degrade the performance offered by a VPN. The cumulative effects of encryption protocols must also be considered: they generally increase packet size (although some compression techniques exist) and introduce an unavoidable delay in the end-to-end transmission and reception process.
How a VPN is constituted
Let’s see how a VPN is built. As the name implies, virtual means that the network forming the VPN is constructed from logical elements rather than physical devices (the latter certainly exist, as the medium that supports the logical network). Unlike traditional links such as dedicated lines, VPNs do not maintain permanent links between the endpoints that make up the corporate network. This is because the Internet serves as the basis for these connections, and the structure of the Internet is dynamic. When two sites need to be connected, the link is created; once it is no longer in use, the connection is destroyed, freeing resources for other users.
These connections are called tunnels. They may consist of two endpoints, each of which can be a single computer or a network. Security gateways that act as a filter to stop intruders should be included. These gateways can be a router or a firewall.
To show how important VPNs have become, the PPTP network protocol is already included in the Microsoft Windows NT 4.0, Windows 98 and Windows 2000 operating systems, which allows workstations to connect to a VPN.
As we saw before, both ends of the VPN need Internet connections. On the central office side, of course, links with sufficient bandwidth are required, and the link at this site will almost certainly be permanent. It is recommended to use security devices (firewalls) that protect the network from unauthorized access from the Internet. For users, there are so-called personal firewalls, which have lower capacity and a lower price. A hardware firewall can cost $3,000.00. Personal firewalls can be found from $20.00, or even free.
It is evident that behind this explosion there are several benefits over traditional networks that companies have come to appreciate. The main advantages include:
• Reduced costs: The total cost of ownership (TCO) is reduced, since bandwidth, backbone equipment and operations are less expensive. In fact, according to Infonetics, a network management consulting company, LAN-to-LAN connectivity costs are usually reduced by between 20 and 40% compared to leased-line networks, while the cost reduction for remote access solutions is estimated at between 60 and 80%.
• Enables the Internet economy by favoring the agility of the business network: VPNs intrinsically offer a more flexible and scalable architecture than classic WANs and therefore allow companies to expand their connectivity quickly and profitably. This makes it easy to connect and disconnect remote offices, international sites, teleworkers, mobile users with local call services (roaming) and external collaborators, as the company requires.
• Reduces management problems: Companies can outsource a good part or all of their WAN communications to an operator, which lets them focus on the essential objectives of their business instead of having to worry about managing their WAN or remote sites.
• Simplifies network topologies: By implementing an IP backbone that eliminates the permanent virtual circuits (PVCs) associated with connection-oriented protocols such as Frame Relay, a fully open network topology is created, thereby reducing network complexity and costs.
• Serves as a platform for value-added services such as VoIP, video conferencing, etc.
Importance of Virtual Private Networks
The network of networks, the Internet, is becoming increasingly important. Access speeds get faster every day, and the range of services offered over the Internet keeps widening. Many companies and institutions, as they grow, have established branches or terminals that have their own computers. In many cases, these computers need to be connected to the central office network. There is also the case of remote users, employees who connect from home or while traveling to, for example, check their email.
One of the solutions found for the problem of remote connection is the Virtual Private Network, or VPN, which uses the open Internet infrastructure to transmit corporate data between offices or branches. By corporate data, we mean information that is private to a company or institution.
The intention is to take advantage of the infrastructure of Internet service providers (ISPs) to interconnect remote users at low cost. VPNs allow system administrators to connect the branches of a corporation to the central office economically. They also provide remote access to employees while reducing spending on equipment and support.
In addition, employees who travel frequently, such as sales representatives, can connect to the office network from any place where there is access (a phone number) to an Internet provider.