Virtual Private Networks (VPNs) emerged as a one-stop solution for transmitting business-critical data securely and privately over the public shared Wide Area Network (WAN). The colossal growth of Information Technology (IT) has opened up avenues for enterprises to conduct business over WANs or the Internet quickly and efficiently. The increasing concern for security in data transmission over networks has resulted in VPN solutions being the most preferred technology for secure networking.
VPNs use the shared public telecommunication infrastructure to connect nodes and securely create a pathway for access between a WAN and an Intranet. A VPN connection over the WAN or Internet functions as a separate WAN link. VPN technology can separate network traffic while also providing security features. VPN solutions are more cost-efficient than private or leased lines, or dial-up modems for long-distance connections. VPNs can work over private as well as public networks. Through its tunneling process, a VPN makes use of the same infrastructure that the Internet/Intranet links use. VPN technology comprises diverse security mechanisms for protecting the private virtual connections. Virtual Private Networks primarily support three different modes of use:
- Remote access client connectivity through the Internet
- Internetworking (LAN-to-LAN)
- Access control within Intranet
In the virtual network, the link layer protocols are tunneled through the larger network. VPNs provide secure communications over the shared public network, which is the Internet. They are also used for separating IP traffic over the network using security features. By using a VPN, users can access a network through an IP address other than the one that connects their computers to the Internet. In virtual private networking, a private network is configured within a shared public network to gain the benefits enjoyed by large networks. Enterprises widely use VPNs to create WANs, which provide site-to-site connectivity to companies’ remote branch locations. VPNs also give mobile users the capacity to dial up the Local Area Networks (LANs) of their company.
Over the years of development of VPN technology, Virtual Private Networks were built over IP networks, X.25, frame relay, Switched 56, and ATM technologies. To enhance their security options, VPNs use encryption and authentication. Data is encrypted at the sending end and decrypted at the destination point. Encryption of data traversing the Internet between the corporate LAN and remote users is much preferred and popular. There are diverse types of authentication mechanisms in VPN technology. VPNs implement authentication in devices such as firewalls, access gateways, and others. Methods such as cryptography, biometrics or passwords are used for authentication. For strong authentication, cryptography is combined with another authentication mechanism. Authentication mechanisms used in VPN solutions can be embedded in the VPN client or in the computer system, and require explicit user action.
VPN Protocols
Virtual Private Networks maintain privacy in networks by using security procedures and tunneling protocols. The tunneling protocol, or encapsulation protocol, is a network technology that establishes and maintains a network connection. Voluntary tunneling and compulsory tunneling are the two types of tunneling supported by a VPN. Voluntary tunneling involves a VPN connection that is set up and managed by the VPN client. Compulsory tunneling involves a VPN connection that is set up and managed by the network provider. Data is transmitted in encrypted form, using a WAN as the medium, so that only authorized users access the data. Encrypted data moves through a secure ‘tunnel’ and is received by the authorized recipient, who deciphers the data for use.
VPN solutions are sought after by large enterprises that run mission-critical applications over the public network (Internet). Business-sensitive data has to be protected, and VPN comes as a viable and optimal solution with its privacy and security features. Trusted VPNs and Secure VPNs are two VPN technologies that form the basis of the security mechanism adopted by different VPN protocols. In Trusted VPNs, cryptographic tunneling is not used. Instead, the provider’s network security is relied upon for protecting the data traffic. Multiprotocol Label Switching (MPLS) and Layer 2 Tunneling Protocol (L2TP) are trusted VPNs. Secure VPNs provide security and privacy by using cryptographic tunneling methods, which provide sender authentication, confidentiality maintenance, and message integrity. The key secure VPN protocols include:
- IP Security (IPsec)
- Point-to-Point Tunneling Protocol (PPTP)
- Secure Sockets Layer/Transport Layer Security (SSL/TLS)
- OpenVPN
- Layer 2 Tunneling Protocol version 3 (L2TPv3)
- VPN Quarantine
- Multi Path Virtual Private Network (MPVPN)
VPN Applications
With security and privacy being the major factors, VPN solutions are used widely by enterprises that need a secure network to transmit crucial business information. VPNs are applied in many forms, such as Internet VPNs (use of VPN protocols for security), Frame Relay VPNs from carriers, virtual IP VPNs from carriers, Ethernet VPNs from carriers, and so on. Internet VPNs are best used for remote access to the corporate LAN through the Internet. They are flexible and mobile, allowing people to stay connected. VPN solutions are used for internetworking, wherein two networks can be bridged together. They are used in internal networks as well, to implement controlled access to separate subnets within a private network. This type of Intranet / Local Network VPN does not necessitate Internet Service Providers (ISPs) or network cabling. It is a popular method for protecting the WiFi local networks of businesses.
VPN solutions, however positive in all applications and features, pose certain major problems such as:
- Rejection of the VPN connection (Connectivity failures)
- Acceptance of unauthorized connection
- Inability to reach distant locations
- Failure to establish a VPN tunnel
It is crucial for enterprises to overcome these problems so that they can ensure business continuity. In the technology marketplace there is an ever-increasing demand for technology solutions that can offer security, privacy, and redundancy in networks. FatPipe Networks (www.fatpipe.com) offers a suite of WAN optimization and technology solutions, which includes security features. Its patented MPVPN technology provides reliable, redundant and secure WAN data transmissions. MPVPN is the ideal product, which can agnostically aggregate publicly routed IP connections (ISDN, xDSL, Cable, T1, T3, Metro-E, OC-x, etc.). Furthermore, it is enhanced with seamless VPN failover by reconstruction of IP headers using FatPipe’s patented MPSEC tunneling technology, which encapsulates IPSec tunnels.
MPVPN can also act as a VPN. It secures WAN data transmissions and dynamically load balances over multiple lines and ISPs without the need for BGP programming. The IPVPN technology is intended for the core network side through agnostic aggregation of multiple privately routed network connections such as point-to-point, frame relay, MPLS, etc. back to the core network. FatPipe also offers a wide array of features including Quality of Service (QoS), data compression, enhanced VPN security, and VPN encryption capabilities.