What is a VPN:
A virtual private network (VPN) is a private network that is extended to various remote points by encapsulating and, where applicable, encrypting data packets and carrying them over public transport infrastructure. Data packets from the private network pass through a tunnel defined in the public network.
With remote access, it allows users to reach their company network, with its addresses and authorizations assigned to their remote computer, even if the connection was established through public Internet access. Sometimes it is desirable for the communication that travels through the tunnel established in the public network to be encrypted, to guarantee greater confidentiality.
More About VPN:
A VPN uses the Point-to-Point Tunneling Protocol (PPTP) or the Layer Two Tunneling Protocol (L2TP), which allow secure access to network resources while connecting to a remote access server over the Internet or another network. The use of public and private networks together to create a network connection is known as a virtual private network.
Factors to consider:
A VPN can be set up with devices dedicated to this task or with software running on servers. Microsoft offers VPN functionality on its Microsoft Windows 2003 and Microsoft Small Business Server servers.
It is very important that the devices used to build VPNs and firewalls run a “hardened” operating system, which means that all non-critical system functions have been removed. In some cases, the manufacturer even removes the graphical user interface (GUI). The purpose of operating system hardening is to reduce vulnerabilities and to limit a potential attacker's ability to exploit them through services that run at the operating system level and are not configured correctly. In other words, the fewer modules the operating system has loaded, the more difficult it is to find a vulnerability.
Dedicated devices are a good example of a hardened operating system, because they are designed for a single job. The manufacturer adapts the operating system built into the machine (mainly Linux), and all the functions of the machine are built on top of this minimal kernel. These boxes were developed from the ground up with one goal in mind, and their memory, processor and architecture are optimized for VPN tunnel or firewall work as needed.
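One way to check the hardening described above on a Linux-based gateway, as an added example that is not part of the original article: the Go program below parses `ss -tuln` output and reports listening services that are not on an allowlist. The allowlist (OpenVPN on udp/1194 plus SSH for administration) and the sample output are assumptions constructed for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// allowed is an assumed allowlist for a dedicated OpenVPN gateway: the tunnel
// port plus SSH for administration. Adjust it to the appliance's actual role.
var allowed = map[string]bool{"udp/1194": true, "tcp/22": true}

// ssOutput is constructed sample output of `ss -tuln`, not a real capture.
const ssOutput = `Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:1194       0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      5      127.0.0.1:631      0.0.0.0:*
tcp   LISTEN 0      4096   [::]:111           [::]:*
udp   UNCONN 0      0      0.0.0.0:5353       0.0.0.0:*`

// Unexpected returns listeners not on the allowlist, marking loopback-only ones.
func Unexpected(ss string) []string {
	var out []string
	for _, line := range strings.Split(ss, "\n")[1:] { // skip the header row
		f := strings.Fields(line)
		if len(f) < 5 || !strings.Contains(f[4], ":") {
			continue
		}
		i := strings.LastIndex(f[4], ":") // IPv6 addresses contain ':' too
		addr, svc := f[4][:i], f[0]+"/"+f[4][i+1:]
		if allowed[svc] {
			continue
		}
		scope := "reachable from the network"
		if strings.HasPrefix(addr, "127.") || addr == "[::1]" {
			scope = "loopback only"
		}
		out = append(out, svc+" ("+scope+")")
	}
	return out
}

func main() {
	for _, u := range Unexpected(ssOutput) {
		fmt.Println("unexpected listener:", u)
	}
}
```

Each reported listener is a candidate for removal or for binding to loopback only, which is the reduction in loaded services that hardening aims for.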
Advantages and disadvantages of VPN:
Some advantages of VPN:
The main advantage of using a VPN is that we can have a network connection to any function of the private network that we want to access. The VPN client acquires full membership of this network, so all the security and authorization policies of a computer on this private network are applied to it.
Thus, the information published for this private network (databases, internal documents, etc.) is accessible through public access. From this point on, all Internet access connections from the VPN client computer are made using the resources and connections available on the private network.
Some disadvantages of the VPN:
One downside is a higher load on the VPN client, as it has to take on the additional task of encapsulating data packets. This situation is made worse when data encryption is applied on top, further slowing down most connections.
In addition, the data traffic is more complex, which can have unintended effects on the numbering assigned to the VPN client and may require changes to application or program settings (proxy, mail server, authorizations based on name and IP number).
Basic VPN requirements:
- User identification: The VPN must be able to verify the identity of users and restrict VPN access to authorized users. It must also provide statistical records showing who accessed what information and when.
- Address management: The VPN must assign each client an address on the private network and make sure that private addresses stay private.
- Data encryption: Data transmitted over the public network must be encrypted beforehand, so that it cannot be read by unauthorized clients on the network.
- Key management: The VPN must generate and renew the encryption keys for the client and the server.
- Multiple protocol support: The VPN must be able to handle the common protocols used on the public network. These include Internet Protocol (IP) and Internetwork Packet Exchange (IPX).
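The data-encryption and key-management requirements above, together with the encapsulation described at the start of the article, as an added example that is not from the original article: a toy tunnel in Go that wraps an inner packet in an outer header, encrypts it with AES-256-GCM, and renews the key after a fixed number of packets. The header layout, the `rekeyAfter` limit and all names are assumptions for illustration; both ends share one in-memory key table instead of running a key exchange, and there is no replay protection.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

const rekeyAfter = 3 // assumed policy: packets sent under one key before renewal

// Tunnel is a toy endpoint; both ends share one value instead of exchanging keys.
type Tunnel struct {
	keys []cipher.AEAD // keys[id] is the AES-256-GCM instance for key id
	seq  uint64        // packets already sent under the newest key
}

// Encapsulate returns a 12-byte outer header (key id, sequence) plus ciphertext.
func (t *Tunnel) Encapsulate(inner []byte) ([]byte, error) {
	if len(t.keys) == 0 || t.seq >= rekeyAfter { // key management: generate or renew
		key := make([]byte, 32)
		if _, err := rand.Read(key); err != nil {
			return nil, err
		}
		block, _ := aes.NewCipher(key) // cannot fail for a 32-byte key
		aead, _ := cipher.NewGCM(block)
		t.keys, t.seq = append(t.keys, aead), 0
	}
	hdr := make([]byte, 12) // used as GCM nonce and as authenticated data
	binary.BigEndian.PutUint32(hdr, uint32(len(t.keys)-1))
	binary.BigEndian.PutUint64(hdr[4:], t.seq) // never repeats under one key
	t.seq++
	return append(hdr, t.keys[len(t.keys)-1].Seal(nil, hdr, inner, hdr)...), nil
}

// Decapsulate verifies header and ciphertext, then returns the inner packet.
func (t *Tunnel) Decapsulate(outer []byte) ([]byte, error) {
	if len(outer) < 12 || uint64(binary.BigEndian.Uint32(outer)) >= uint64(len(t.keys)) {
		return nil, fmt.Errorf("short packet or unknown key id")
	}
	return t.keys[binary.BigEndian.Uint32(outer)].Open(nil, outer[:12], outer[12:], outer[:12])
}

func main() {
	var t Tunnel
	outer, _ := t.Encapsulate([]byte("inner packet (constructed)"))
	inner, err := t.Decapsulate(outer)
	fmt.Printf("%d bytes on the wire -> %q (err: %v)\n", len(outer), inner, err)
}
```

The 28 bytes added per packet (12-byte header and 16-byte GCM tag) are the encapsulation overhead that the disadvantages section refers to.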
Examples of VPN programs:
- Hamachi: It is a free (freeware) virtual private network application. It can (in most cases) establish direct connections between computers behind NAT firewalls without reconfiguration.
- Cisco VPN Client: Cisco Client software supports IPSec connections to Cisco concentrators. This VPN software application works on Windows, Linux, and Mac OS X.
- OpenVPN: OpenVPN is a virtual private network implementation that allows remote access to workstations in encrypted form through secure tunnels.
- Shimo 2: Apple Mac OS fully supports virtual private networks. Shimo is a GUI client for Mac OS X computers. The latest Shimo version 2 replaces Cisco’s client on Mac computers and supports other technologies such as PPTP, L2TP, and SSH VPN such as Hamachi and OpenVPN.
- Tinc VPN Daemon: This is an IPSec software solution for Linux networks. Active FreeS/WAN development has been discontinued, making this solution particularly attractive to students and researchers.