Virtual Private Networks

 

For a firm that does not already have a computer network with Internet access, the task of setting up a VPN is a much larger undertaking.

VIRTUAL PRIVATE NETWORKS AND SECURITY

Virtual private network systems are constantly evolving and becoming more secure through four main features: tunneling, authentication, encryption, and access control. These features work separately, but combine to deliver a higher level of security while at the same time allowing all users (including those from remote locations) to access the VPN more easily.

Tunneling creates the connection between a user (either from a remote location or separate office) and the main LAN. This connection is called a tunnel and is essentially the circuit-like path that transfers encrypted private information through the Internet. It requires an IP address, which is an Internet address to which the client PC can direct itself and which acts as a pointer to the company network. Unlike other IP addresses, this one is not open to the public; rather, it is a gateway through which VPN users may enter and, after authenticating and logging on, gain access to the network.

To avoid crowded connections, a tunneling feature called "switching" was developed. This feature helps differentiate between direct and remote users to determine which connections should receive the highest priority. The switching can either be programmed directly into the virtual private network or upgraded so that the hardware recognizes each connection on an individual basis.

Incoming callers to the virtual private network are identified and approved for access through features called authentication and access control. These features are usually set up by the IT manager, who enters a user's individual identification code or password into the main server, which cuts down on the chances that the network can be manipulated from outside the company. Authentication also offers the chance to regulate access to the material on the LAN so that users can be provided access to specific information only.

Encryption is the security measure that allows information on virtual private networks to be scrambled so that it becomes meaningless to unauthorized users. Encrypted data is eventually unscrambled at the end of the tunnel by a user with the proper authorization. This process is usually done via a private IP address that encrypts the information before it leaves the LAN or a remote location.
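The four features described above, working together at a VPN gateway, shown as an added Go example that is not part of the original article. The `User` record, the `Seal` and `Open` functions, the host names and the all-zero key are constructed for illustration; AES-GCM stands in for whatever cipher a real product uses.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

type User struct {
	AEAD    cipher.AEAD     // per-user tunnel cipher held by the gateway (hypothetical record)
	Allowed map[string]bool // LAN hosts this user may reach
}

// Seal runs on the remote client: it encrypts "dst NUL payload" and binds the user ID as associated data.
func Seal(g cipher.AEAD, userID, dst string, payload []byte) ([]byte, error) {
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	inner := append(append([]byte(dst), 0), payload...)
	return g.Seal(nonce, nonce, inner, []byte(userID)), nil // nonce || ciphertext || tag
}

// Open runs on the gateway: authenticate and decrypt first, then apply access control.
func Open(users map[string]User, userID string, pkt []byte) (string, []byte, error) {
	u, ok := users[userID]
	if !ok || len(pkt) < u.AEAD.NonceSize() {
		return "", nil, fmt.Errorf("rejected: unknown user or short packet")
	}
	n := u.AEAD.NonceSize()
	inner, err := u.AEAD.Open(nil, pkt[:n], pkt[n:], []byte(userID))
	if err != nil {
		return "", nil, fmt.Errorf("rejected: authentication failed")
	}
	dst, payload, found := bytes.Cut(inner, []byte{0})
	if !found || !u.Allowed[string(dst)] {
		return "", nil, fmt.Errorf("rejected: destination not permitted")
	}
	return string(dst), payload, nil
}

func main() {
	block, _ := aes.NewCipher(make([]byte, 32)) // constructed all-zero demo key
	g, _ := cipher.NewGCM(block)
	pkt, _ := Seal(g, "alice", "files.lan", []byte("report"))
	dst, data, err := Open(map[string]User{"alice": {g, map[string]bool{"files.lan": true}}}, "alice", pkt)
	fmt.Println(dst, string(data), err)
}
```

The gateway only looks at the requested destination after the packet has passed authentication, so a tampered packet or one presented under another user's ID is dropped before any access decision is made.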

Despite these precautions, some companies are still hesitant to transfer highly sensitive and private information over the Internet via a virtual private network and still resort to tried-and-true methods of communication for such data.

THE PERFORMANCE OF VIRTUAL PRIVATE NETWORKS

The latest wave of virtual private networks features self-contained hardware solutions (whereas previously they were little more than software solutions and upgrades to existing LAN equipment). Because it is now self-contained, this VPN hardware does not require an additional connection to a network and therefore cuts down on the use of a file server and LAN, which makes everything run a bit more smoothly. These new VPNs are small and easy to set up and use, but still contain all of the necessary security and performance features.

In order for a virtual private network to perform properly, the server must have enough bandwidth to accommodate the number of users active at any one time. The number of remote users can also affect a VPN's performance. In addition, new technology that requires more bandwidth is bound to come out from time to time, and this should be planned for in advance to avoid a potential disruption in performance.

High volumes of traffic are also known to adversely affect the performance of a virtual private network, as is encrypted data. Since encryption technology is often added on via software, this may cause the network to slow down, hindering performance. A more desirable solution is to incorporate encryption technology that uses hardware solutions to keep the network running at the proper speed. New technologies are also constantly emerging that help to decide just how sensitive certain material is (and therefore how intensive the encryption needs to be).

THE FUTURE OF VIRTUAL PRIVATE NETWORKS

As virtual private networks continue to evolve, so does the number of outlets that can host them. Several providers have experimented with running VPNs over cable television networks. This solution offers high bandwidth and low costs, but less security. Other experts see wireless technology as the future of virtual private networks.

A new protocol for VPN systems has emerged in recent years and shows promise for enhancing the flexibility of VPNs. The traditional VPN system was based on Internet Protocol Security. The new protocol is based on Secure Sockets Layer, or SSL. According to an article in Network World, "The biggest difference between SSL VPNs and traditional IP Security VPNs is that the IP Security standard requires installation of client code on the end user's system, while SSL VPNs focus on making applications available through any Web browser."

The popularity of VPNs continues to grow and evolve, providing companies of all sizes a means with which to leverage the Internet to reduce the costs of communication.

BIBLIOGRAPHY

Administrator's Guide to TCP/IP. Second Edition. Tech Republic, June 2003.

Binsacca, Rich. "Virtual Private Networks." Builder. June 2000.

Goldberger, Henry. "The Migration from Frame Relay to IP VPN and VPLS Services." In-Stat Alerts. 2 February 2006.

Hayes, Jim. "Managed Data Services." Communicate. July 2000.

Schnider, Joel. "SSL VPN Gateways." Network World. 12 January 2004.

Winther, Mark. "Avoiding the Challenges of Do-it-Yourself Broadband VPNs." Business Communications Review. February 2006.
