What Is a Virtual Private Network?
A virtual private network (VPN) is a secure, encrypted connection between two points across the Internet. Information is sent via tunneling, which is the practice of encrypting and encapsulating traffic in Internet protocol (IP) packets. Wide area networks (WANs), security products, and routers are all pieces of the overall VPN puzzle.
Conducting Business over the Web
CTR's new Virtual Private Networks: Achieving Secure Internet Commerce and Enterprisewide Communications report examines the role of VPNs in corporate networks. The use of the Internet and the Web for e-commerce is a major impetus for the development of VPNs, which offer a way to send private IP data over a public network infrastructure. This report offers a step-by-step program for VPN implementation.
The report addresses the major Internet shortcomings, including lack of quality of service (QoS) guarantees, performance definition, and even the most basic security and privacy measures. The report discusses cryptography, encryption, hash functions, and public key infrastructure (PKI).
The report also outlines identification (Are you who you say you are?), certificates (How do you know who I am?), and the nontechnical aspects of public key certificates and Internet certificate authorities (CAs).
Remote Access
In many cases, remote access to a central intranet for mobile or at-home users is the cost justification for VPNs. Remote access VPNs enable the user to connect to an intranet via a local call to an Internet service provider (ISP) and an Internet connection, rather than via a long-distance direct call to a communications server.
CTR's Virtual Private Networks: Achieving Secure Internet Commerce and Enterprisewide Communications explores the "three A's" - authentication, authorization, and accounting - and specifics regarding products and protocols, such as:
- Terminal Access Controller Access Control System+ (TACACS+)
- Remote Access Dial-in User Service (RADIUS)
- Challenge Handshake Authentication Protocol (CHAP)
This report also addresses multiprotocol encapsulation, generic routing encapsulation (GRE) protocol, secure tunnel establishment protocol (STEP), and point-to-point tunneling protocol (PPTP).
Firewalls and Virtual Private Networks
Firewalls are critical to VPNs. An entire chapter of the report is dedicated to firewall functions and related issues, including firewalls' relationship to intranets, extranets, and the Internet; how firewalls determine employees' use of office PCs; and Java screening, used by firewalls to determine which external downloads are permitted. Various types of firewalls are examined - from simple packet filters to hundred-user proxy servers.
Management Implications
Should an organization construct its own VPN or outsource the project to service providers? Is the answer a managed network service (MNS) or a simple, closed intranet? This report presents the advantages and disadvantages of both sides of the argument and provides sample VPN service offerings.
Organizations must consider user reaction to the chosen method of VPN implementation: No VPN will be valuable unless users have confidence in it.
CTR's Virtual Private Networks: Achieving Secure Internet Commerce and Enterprisewide Communications report discusses user and application perspectives of VPNs, and the risks and benefits of building or buying VPNs based on frame relay (FR), asynchronous transfer mode (ATM), or the Internet.
The future trends outlined in the report will provide information technology (IT) managers with a foundation for planning successful VPN implementations.