Introduction to VPN Concepts
A VPN (virtual private network) is a tunneling method that lets us connect two remote sites together over the public WAN.
A VPN also allows us to connect to our local network from remote locations. For example, let's say that we have a company with two sites, one central office in California and one branch office in Texas. Some of the available methods for establishing a connection between them are leased line, Frame Relay and ATM. But from a cost point of view, none of these methods is as efficient as VPN tunnels. You can establish a VPN tunnel even by using a cheap DSL connection.

Look at the diagram above: with VPN tunneling, California can communicate with Texas as if they were on the same LAN. As you can see, the data passes through the WAN (the public internet).
I will ask you a simple question:
IS THE PUBLIC INTERNET SECURE???
The answer is NO.
The owner of the company starts complaining: “the data of my company are running through the internet, everybody can sniff it and read it or modify it.”
The solution is called IPsec (IP security). IPsec is a collection of different protocols that secures IP.
By using IPsec with VPN connections we achieve:
- Confidentiality
- Integrity
- Authentication
Confidentiality means that even if someone sniffs the data that passes from one host to another, the data can't be read. We achieve confidentiality by using encryption.
The most popular encryption algorithms for VPNs are:
- DES
- 3DES
- AES
- RSA
Integrity in a VPN means that when someone sends data over the tunnel, nobody can alter it in any way. To ensure integrity we use hashing algorithms like MD5 and SHA-1.
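How a keyed hash provides the integrity described above, as an added example that is not part of the original article: it uses HMAC-SHA-1 truncated to 96 bits, the form IPsec defines in RFC 2404, and contrasts it with a plain SHA-1 digest. The key, payloads and function names are constructed for illustration, and real ESP/AH packet framing is not modeled.

```python
import hashlib
import hmac
from typing import Optional

ICV_LEN = 12   # HMAC-SHA-1-96 (RFC 2404): keep the first 96 bits of the HMAC
SHA1_LEN = 20  # length of a full, unkeyed SHA-1 digest

def make_icv(key: bytes, payload: bytes) -> bytes:
    """Keyed integrity check value computed by the sending gateway."""
    return hmac.new(key, payload, hashlib.sha1).digest()[:ICV_LEN]

def protect(key: bytes, payload: bytes) -> bytes:
    """Append the ICV to the payload (simplified: no ESP/AH header)."""
    return payload + make_icv(key, payload)

def verify(key: bytes, packet: bytes) -> Optional[bytes]:
    """Return the payload if the ICV matches, otherwise None (drop)."""
    if len(packet) < ICV_LEN:
        return None
    payload, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
    # Constant-time comparison avoids leaking how many bytes matched.
    if hmac.compare_digest(icv, make_icv(key, payload)):
        return payload
    return None

def unkeyed_protect(payload: bytes) -> bytes:
    """Plain SHA-1 appended to the payload, for contrast: no secret involved."""
    return payload + hashlib.sha1(payload).digest()

def unkeyed_verify(packet: bytes) -> Optional[bytes]:
    """Accept the payload if the plain SHA-1 digest matches."""
    if len(packet) < SHA1_LEN:
        return None
    payload, digest = packet[:-SHA1_LEN], packet[-SHA1_LEN:]
    return payload if hashlib.sha1(payload).digest() == digest else None

# Constructed sample values, not taken from any real deployment.
KEY = b"constructed-shared-secret-for-demo"
PAYLOAD = b"invoice=1042;amount=100.00"
ALTERED = b"invoice=1042;amount=900.00"

if __name__ == "__main__":
    packet = protect(KEY, PAYLOAD)
    print("intact packet  :", verify(KEY, packet))
    # Payload changed in transit: without KEY the ICV cannot be recomputed,
    # so the old ICV no longer matches and the receiver drops the packet.
    print("altered payload:", verify(KEY, ALTERED + packet[-ICV_LEN:]))
    # An unkeyed digest can be recomputed by anyone, so the change goes unnoticed.
    print("unkeyed hash   :", unkeyed_verify(unkeyed_protect(ALTERED)))
```
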
Authentication is used to verify that the person or network equipment trying to establish a connection is allowed to do so. The most commonly used authentication methods are OTP (one-time password), username/password, biometrics and digital certificates.
The most popular devices that can be used to initiate or terminate a VPN tunnel are: routers, firewalls, network appliances dedicated to VPN connections, and PCs.
After this brief introduction to VPNs, I am looking forward, in one of my next articles, to giving you an example of a site-to-site VPN configuration.