A Virtual Private Network, or VPN, is a private communications network usually used within a company, or by several different companies or organizations, communicating over a public network. VPN message traffic is carried on public networking infrastructure (i.e., the Internet) using standard (often insecure) protocols.
Secure VPNs use cryptographic tunneling protocols to provide the necessary confidentiality (preventing snooping), sender authentication (preventing identity spoofing), and message integrity (preventing message alteration) to achieve the privacy intended. When properly chosen, implemented, and used, such techniques can indeed provide secure communications over unsecured networks.
Note that such choice, implementation, and use are not trivial and there are many insecure VPN schemes on the market. Users are cautioned to investigate products they propose to use very carefully. 'VPN' is a label which, by itself, provides little except a marketing tag.
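The three properties named above can be seen in a single tunnel packet. The following is an added example, not code from the original page or from any VPN product: `Tunnel`, `NewTunnel`, `Seal` and `Open` are hypothetical names, AES-256-GCM is the cipher assumed here, and the key is a constructed constant (a real VPN negotiates keys through a key exchange).

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// Tunnel is one direction of a hypothetical tunnel; each direction needs its own key.
type Tunnel struct {
	aead cipher.AEAD
	seq  uint64 // last sequence number sent; keeps every nonce unique
}

func NewTunnel(key []byte) (*Tunnel, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Tunnel{aead: aead}, nil
}

// Seal encrypts the inner packet; the clear 8-byte header is authenticated too.
func (t *Tunnel) Seal(inner []byte) []byte {
	t.seq++
	hdr := binary.BigEndian.AppendUint64(nil, t.seq)
	nonce := append(make([]byte, 4), hdr...) // 12-byte GCM nonce
	return t.aead.Seal(append([]byte{}, hdr...), nonce, inner, hdr)
}

// Open returns the inner packet only if the tag verifies under the shared key.
func (t *Tunnel) Open(pkt []byte) ([]byte, error) {
	if len(pkt) < 8+t.aead.Overhead() {
		return nil, fmt.Errorf("packet too short: %d bytes", len(pkt))
	}
	nonce := append(make([]byte, 4), pkt[:8]...)
	return t.aead.Open(nil, nonce, pkt[8:], pkt[:8])
}

func main() {
	a, _ := NewTunnel([]byte("0123456789abcdef0123456789abcdef")) // constructed key
	pkt := a.Seal([]byte("constructed inner packet"))
	pkt[len(pkt)-1] ^= 1 // alteration in transit
	fmt.Println(a.Open(pkt))
}
```

A packet sealed under a different key fails the same tag check as an altered one, which is how the receiver rejects a sender that does not hold the shared key.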
Secure VPN technologies may also be used to enhance security as a 'security overlay' within dedicated networking infrastructures.
Secure VPN protocols include the following:
Trusted VPNs do not use cryptographic tunneling, and instead rely on the security of a single provider's network to protect the traffic.
Multi-protocol label switching (MPLS) is commonly used to build trusted VPNs. Other protocols for trusted VPNs include:
- L2F (Layer 2 Forwarding), developed by Cisco.
- L2TP (Layer 2 Tunnelling Protocol), including work by both Microsoft and Cisco.
- L2TPv3 (Layer 2 Tunnelling Protocol version 3).
A well-designed VPN can greatly benefit a company. For example, it can:
- Extend geographic connectivity.
- Improve security.
- Reduce operational costs versus traditional WAN.
- Reduce transit time and transportation costs for remote users.
- Improve productivity.
- Simplify network topology.
- Provide global networking opportunities.
- Provide telecommuter support.
- Provide broadband networking compatibility.
- Provide faster ROI (return on investment) than traditional WAN.