VPN structure. VPN classification. The technology of building a virtual private network – IPSec, SSL protocols. VPN examples.
Private networks are used by organizations to connect to remote sites and other organizations. Private networks consist of communication lines leased from various telephone companies and Internet service providers. These links are characterized in that they only connect two sites while being separated from other traffic, as leased connections provide two-way communication between two locations. Private networks have many advantages.
The Information Is Kept Secret
- Remote sites can exchange information immediately.
- Remote users do not feel isolated from the system they are accessing.
Unfortunately, this type of network has one significant drawback – high cost. Using private networks is very expensive. Using slower links can save money, but remote users will notice the lack of speed, and some of the benefits mentioned above will become less obvious.
With the increase in Internet users, many organizations have switched to using virtual private networks (VPNs). VPNs provide many of the benefits of private networks at a fraction of the cost. However, with the introduction of a VPN, there are several questions and dangers for the organization. A well-built virtual private network can bring significant benefits to an organization. If the VPN is implemented incorrectly, all information transmitted through the VPN can be accessed from the Internet.
Definition Of Virtual Private Networks
So, we intend to transfer the organization’s confidential data over the Internet without using leased communication channels while still taking all measures to ensure traffic confidentiality. How can we separate our traffic from the traffic of other global network users? The answer to this question is encryption.
On the Internet, you can find traffic of any type. Much of this traffic is transmitted in the clear, and any user observing this traffic will be able to recognize it. This applies to most email and web traffic and telnet and FTP sessions. Secure Shell (SSH) and Hypertext Transfer Protocol Secure (HTTPS) traffic is encrypted traffic and cannot be viewed by the packet sniffing user. However, SSH and HTTPS traffic does not form a VPN like diebestenvpn.
Deploying Custom VPNs
Custom VPNs are virtual private networks built between a single user system and an organization’s host or network. Often, custom VPNs are used by employees on a business trip or working from home. The VPN server can be the organization’s firewall, or it can be a separate VPN server. The user connects to the Internet through a dial-up connection to a local service provider, a DSL line, or a cable modem and initiates a VPN connection to an organization’s site over the Internet.
The host of the organization prompts the user for authentication data. Successful authentication allows the user to access the organization’s internal network as if the user were inside the host and physically located within the network. The speed of the network connection will be limited by the speed of the user’s connection to the Internet.
Custom VPNs allow organizations to restrict remote users’ access to systems or files. This limit should be based on your organization’s policy and depends on the capabilities of your VPN product.
While a user has a VPN connection to the organization’s internal network, they can also connect and surf the Internet or perform other activities as a regular Internet user. The VPN is maintained by a separate application on the user’s computer.
Benefits of Custom VPNs
Custom VPNs have two main benefits:
Employees on a business trip can access email, files and internal systems at any time without the need for costly long-distance and international phone calls to connect to servers.
Employees working from home can access network services just like employees working in an organization without renting expensive dedicated lines.
Both of these benefits can be attributed to saving money. Savings can come from eliminating costly long-distance and international calls, leased lines, or having employees administer the servers that receive incoming phone connections. Home users with DSL or cable modems can get faster speeds with 56Kbps phone lines. More and more hotel rooms are equipped with links for access to the network; therefore, all conditions for high-speed Internet access are created for users on the road.
Issues Related To Custom VPNs
Proper use of custom VPNs can reduce costs for an organization, but custom VPNs are not the answer to every problem. There are significant security risks and implementation issues to consider when using them.
Perhaps the most significant security issue when using a VPN as an employee is connecting to other Internet sites simultaneously. Typically, the VPN software on the user’s computer determines whether the traffic should be sent through the VPN or sent to some different location in the clear. If a user’s computer has been attacked using a Trojan horse, some illegal external user may be using the employee’s computer to connect to the organization’s internal network. Attacks of this type are pretty tricky, but they are pretty accurate.
Custom VPNs require the same attention to user management issues as in-house systems. In some cases, VPN users may be bound to user IDs in a Windows NT or Windows 2000 domain or other centralized user management system. This feature simplifies user management, but administrators still need to be vigilant about which users need remote VPN access and which don’t.
Custom VPN Management
User VPN management is mainly about managing users and their computers. When separating employees, you must follow the appropriate user management procedures.
Of course, the correct versions of the VPN software like gizlilikveguvenlik must be installed on users’ computers and the appropriate configurations implemented. If an organization owns the computers, this software is a standard feature on every computer. Suppose an organization allows employees to use VPN from their home computers. In that case, they will need to increase the overall level of support for these users, as different computers and ISPs may require different configurations.
Deploying VPN Mesh Networks
Nodal VPNs are used by organizations to connect to remote sites without the use of expensive dedicated circuits or to connect two different organizations that need to be connected to exchange information related to the activities of these organizations. Typically, a VPN connects one firewall or border router to another similar device.
To initiate a connection, one of the nodes attempts to send traffic to another node. As a result, the VPN is created on both opposite nodes of the VPN connection. Both end nodes determine the connection parameters depending on the policies in place on the nodes. Both sites will authenticate each other with some shared predefined secret or a public key certificate. Some organizations use node VPNs as backup links for leased links.