Virtual Private Network is a private network built on the infrastructure of a public network, typically the Internet. In other words, instead of using dedicated links or packet networks (such as Frame Relay, and X. 25) to connect remote networks, uses the Internet infrastructure.
Internet connections may have a lower cost than dedicated links, especially when the distances are great, this has been the reason for companies increasingly using the Internet infrastructure to connect to the private network.
The use of the Internet as an infrastructure connection between hosts on the private network is an optimum solution in terms of costs but not in terms of privacy, because the Internet is a public network, where data traffic can be read by any equipment. So what about the security and confidentiality of corporate information?
Encryption is the answer! Incorporating encryption between hosts on the private network so that, if the data is captured during transmission, cannot be deciphered. The virtual tunnels enable the encrypted data traffic over the Internet and these devices are able to understand the encrypted data to form a secure virtual network on the Internet.
The devices responsible for managing the VPN should be able to ensure privacy, integrity and authenticity of data.
How it works?
Basically a VPN can be done in two ways:
The first form is a single host in transit, connects a provider of Internet and through that connection, establishes a tunnel with the remote network.
In the second case, two networks are linked by the hosts with a dedicated link or via the Internet, thus forming a tunnel between two networks.
The protocols used in the virtual tunnel, are (IPSec) Internet Protocol Security (L2TP) Layer 2 Tunneling Protocol (L2F) and Layer 2 Forwarding (PPTP) Point-to-Point Tunneling Protocol. The chosen protocol will be responsible for connection and encryption between hosts on the private network. They can usually be enabled through a Firewall or RAS server that is working with one of them associated.
A datagram IP, IPX, or NetBEUI is submitted by their proper protocol to the virtual interface that represents the VPN connection, it uses the NDIS, which in turn submits the package to NDISWAN that encodes or compresses and then submit the PPTP protocol, and this, when forming the package result, sends by the serial interface that is used by the analog modem.
Basically, the VPN's in addition to providing security in data transmission is vital for the company, ensuring cost control, avoiding unreasonable costs on such important issues as security of the company.
