So, what's this all about - VIRTUAL PRIVATE NETWORKS (VPN’s) are a common way to connect remotely to a network in a secure fashion. A VPN creates a private network connection over the Internet to connect remote sites or users to the private network. Security is accomplished by encrypting all the transmissions.
A VPN allows a remote user to have network access, just as if it was local to the network as if the user were local, but it also makes the connection secure. Since most organizations have many employees traveling and working from home, remote network access has become an important security concern. Users want access & administrators want security - VPN provides both. To accomplish this purpose, the VPN must emulate a direct network connection. This means it must provide both the same level of access & security as a direct connection. To emulate a dedicated point to point link, data is encapsulated or wrapped, with a header that provides routing information allowing it to transmit across the internet to reach its destination. This creates a virtual network connection between two points. The data being sent is also encrypted, making the virtual network - private.
A VPN do not require a separate technology or direct cabling. It is a virtual private network, which means it can use existing connections to provide a secure connection. In most cases it is used through normal internet connections.
A variety of methods are available for connecting one computer to another. Once upon a time, it was common to dial up to an ISP via a phone modem. Nowadays, cable modems, cellular devices, and other mechanisms are common: - not inherently secure. Any data that is sent back & forth is unencrypted - anyone can use a packet sniffer to intercept & view the data, and neither end is authenticated. This means we cannot be completely certain - who we are really sending data to or receiving from - VPN provides answers to all these issues.
The arrangement is generally acceptable for an ISP. The customers connecting simply want a channel to the Internet and do not need to connect directly or securely to a specific network. However, the setup is inadequate for remote users that attempt to connect to an organization's network.
In such cases - the private & secure connection that a VPN provides is critical.
Individual remote users are not only the users of VPN technology. Many larger organizations have offices in various locations. Achieving reliable and secure site to site connectivity for such organizations is an important issue. The various branch offices must be connected to the central corporate network through tunnels that transport traffic over the Internet.
Using VPN technology for the site to site connectivity enables a branch office with multiple links to move away from an expensive, dedicated data lines to simply utilize existing Internet connections.
There are various ways to achieve the encryption needs of a VPN. Certain network protocols are frequently used for VPN 's.
The two most commonly used protocols for this purpose are -
1.POINT TO POINT TUNNELLING PROTOCOL (PPTP)
2. LAYER 2 TUNNELLING PROTOCOL (L2TP)
But will talk about them in detail perhaps in another blog.
Till then stay home, stay safe and always remember - "One single Vulnerability is all an attacker needs "