Virtual Private Networks

 

Virtual private networks (VPNs) are systems that use public networks to carry private information and maintain privacy through the use of a tunneling protocol and security procedures. By using the shared public infrastructure, these virtual private networks are far more cost effective than were early real private networks which companies built using costly private lines and systems. In a VPN some of the parts of the network are connected using the Internet (the public infrastructure). Data that travel over the Internet are encrypted, so the entire network is "virtually" private. This allows users to share private information over a public infrastructure. A typical VPN application would be one created by a company with offices in different cities. By setting up a VPN the company uses the Internet as the connector between the networks in its two offices effectively merging their networks into one. Encryption is used on all transmissions within the network that use the Internet link, making it a private network.

The public infrastructure that provides the backbone for most VPN systems is the Internet. VPNs can connect remote users and other off-site users (such as vendors or customers) to a larger centralized network. Before the Internet, and the easy availability of high-speed or broadband connections to the Internet, a private network required that a company install proprietary and very expensive communication lines. The expense of such an investment put private networks out of the reach of most mid- to small-size firms. This is no longer the case. This fact, along with the universal appeal of the Internet, has enabled the rapid spread of VPN technology. The result is remote access that is quicker, more secure, and wider in scope.

STRUCTURAL OVERVIEW OF VPN SYSTEMS

In the most basic terms, a computer network is a group of computers that are connected with cable. Usually, one or more computers act as a server within the group. A network may also be formed with computers that communicate through wireless connections, but the wireless signal must be caught and transmitted by hardware that is located reasonably near both the sending and receiving machines.

Companies have long networked computers. Until the advent of the Internet, however, the entire infrastructure of these networks had to be built by the companies themselves. They had to purchase and lay cables to connect their computers. They had to purchase and install boosters or repeaters to augment the signals transmitted through cables when large distances were involved. They had to lease high-capacity, dedicated phone lines in order to connect computers or networks in remote locations. They had to build or lease transmission towers in order to send wireless signals long distances and they had to purchase and install the systems used to send and receive these signals. Not surprisingly, most companies did not go far beyond networking computers in a single building since the cost of the infrastructure requirements for anything larger was prohibitive.

With the advent of the Internet and the growth in availability of high speed, broadband communication lines, new technologies were developed to use the Internet as the conduit through which to connect remote computers or networks. A company no longer had to absorb the full cost of building the infrastructure needed for wide area networks (WANs).

The communications protocols that regulate and make the Internet possible are also the basis for the protocols necessary to operate virtual private networks. The underlying collection of protocols is called transmission control protocol/Internet protocol or TCP/IP for short. The protocols for VPNs are called IPSec.

A virtual private network is, basically, a network in which some of its components are connected to one another through the Internet. Software written to use IPSec is used to establish these Internet connections. The connections created in this way are called tunnels, through which all transactions between the two authenticated computers on either end of the tunnel may transmit privately across the public Internet.

Client-to-Network

A VPN can be set up to connect single-client PCs with a company's local-area network (LAN). This sort of VPN is usually called a client-to-LAN VPN. This enables companies that have employees who travel extensively or work remotely to equip those employees with a computer that uses the VPN to access the company network and work on it like any other employee from just about anywhere, as long as they have access to the Internet. Small companies may set up a client-to-LAN VPN through which all the employees access a central server from their home offices.

LAN-to-LAN

A LAN-to-LAN VPN is one that connects two networks together instead of individual client computers being connected to a single LAN. The mechanisms behind these two types of VPN are the same. A LAN-to-LAN system is useful for connecting a branch office network to a corporate headquarters network, or a warehouse network to a supplier's network. The options are many.

THE COST OF VIRTUAL PRIVATE NETWORKS

The costs of implementing a virtual private network are reasonable for any company that already has a network and high-speed access to the Internet. The two biggest components of a VPN, for those with networks in place, are the software and set-up of the same, and the need in many cases to upgrade the Internet connection service. Because a VPN uses the Internet address of the network server as the access for those logging on the system through the Internet, a company must have a static IP address. Internet Service Providers usually charge slightly more for a service that holds the IP address static.

The software needed to manage a VPN is commonly sold as a part of many network operating systems. Setting up this software takes networking knowledge but can be done by any competent network administrator or network outsourcing supplier.

When a business decides to use an outside provider, it is immediately eliminating any costs for purchasing and maintaining the necessary equipment. The most the business will have to do is maintain security measures (usually a firewall) as well as provide the servers that will help authenticate users. Of course, this too can be done by an outside provider for an additional price. Outsourcing also cuts down on the number of employees that would be required to manage and maintain the virtual private network.
