Virtual Private Network

Dr. Syed Shabih Ul Hasan

IT Department
University of Haripur
VPN
• The security of personal data and activities while using the Internet
has always been a matter of concern. It is precisely to address this
pain point that the concept of virtual private networks came about.
The ambit of the technology gradually grew to accommodate the
needs of businesses and corporates of varying sizes.

• A virtual private network is a computer network that gives online

privacy to a user by creating an encrypted connection from a device
to a network. It uses tunneling protocols to encrypt sensitive data
from a sender, transmit it, and then decrypt it at the receiver’s end.
VPN
• Because the user’s internet protocol (IP) address is masked and
untraceable during this process, it provides a high level of privacy. The
most common use of VPN technology is keeping all online
transactional activities of an individual untraceable, even when
accessed on a private Wi-Fi network.
• When used for businesses, a VPN only allows authorized personnel to
access data of the organization through the Internet. With the help of
a VPN, an organization with multiple offices globally can share its data
with its employees, irrespective of location. VPN significantly reduces
the threat of cyber-attacks and security breaches.
VPN
• VPNs work in three steps:
[Link] service encrypts the data that you are sending out.
[Link] data is placed in a secure capsule and sent through a private
tunnel created on the Internet that masks the origin IP address.
[Link] receiving address gets the capsules and decrypts the information
without seeing the origin address.
What Does a VPN Do?
• A virtual private network is a way to simulate a private network over a
public network, such as the Internet. It is called "virtual" because it
depends on the use of virtual connections that is, temporary
connections that have no real physical presence, but consist of
packets routed over various machines on the Internet on an ad hoc
basis. Secure virtual connections are created between two machines,
a machine and a network, or two networks.
• A VPN acts as your own personal tunnel that encircles you, masking
you in anonymity, and blocking anyone from seeing where you’re
going or what you’re doing.
Advantages
Enhanced security: The fundamental functioning of a VPN strengthens
the security of network traffic
• It keeps all communication between remotely-located employees
safe from the cybercriminals,
without disturbing the flow of work.
• A VPN uses a range of encryption technologies like IP security
(IPSec), layer 2 tunneling protocol (L2TP)/IPSec, as well as secure
sockets layer (SSL) and transport layer security (TLS). All of these come
together to create the tunnel through which encrypted data is passed
from origin to destination points via a server.
Advantages…
• Easy file sharing: VPNs pave the way for large networks to provide
easy access to the information within a private network. It makes the
management of multiple remote locations and employees easier, with
access that is similar to a local intra-network.
• Bypass geo-restrictions: Particularly in the case of personal use of a
VPN, geo-restrictions can be bypassed to gain access to sites. The case
in point being the scramble to access Netflix from other regions. VPN
also helps to bypass censorship impositions in case of restricted sites
while traveling.
Disadvantages
• Speed issues: The stronger the encryption for a VPN, the slower it
becomes. This especially holds true for free VPN providers (which
come with several other negative points). However, paid services can
deliver good levels of encryption at decent speeds. There are several
ways to boost speed, for instance, reducing the distance between the
device and the VPN server location.
• Increased network complexity: If you require a high-quality VPN, the
network that needs to be set up will be more complex. This comprises
several network topologies, protocols as well as hardware devices.
Types of
VPNs
Types..
1. Remote access VPNs
• Businesses utilize remote-access VPNs to create a secure connection
between corporate networks and personal or company devices used
by remote employees. Once connected, employees can access
information on the company network in the same way they would if
their devices were physically plugged in on office premises.
VPN Types
2. Site-to-site VPNs
• Site-to-site VPNs are ideal for enterprises and businesses. They
provide the ability to access and share information with a number of
users based in several fixed locations.
• Site-to-site VPNs are used in large-scale businesses where a multi-
departmental exchange of information needs to be carried out
securely and continuously. Such VPNs are not easily implemented and
require a great deal of specialized equipment and complex hardware
and resources.
Site-to-site VPNs….
Within site-to-site networks are:
• Intranet-based site-to-site VPNs
• Intranet-based site-to-site VPN connects an organization’s own
networks. For instance, if a company has its headquarters in Germany
and wants to set up an office in Australia. Employees in both locations
will want to collaborate during the process. So, a site-to-site VPN will
connect the German office local area networks (LANs) to the same
wide area network (WAN) as that of Australia, and share information
securely.
Site-to-site VPNs…
Extranet VPN site-to-site VPNs
• Extranet-based VPNs serve as a connection between two intranets
that need to be connected but don’t have a way of accessing each
other. If two different companies want to collaborate on a project, an
extranet-based VPN will be used.
VPN Types
3. Client-based VPNs
• Client-based VPNs allow users to be connected to a remote network
through an application/client that manages the connection and the
communication process of the VPN. For a safe connection, the
software is launched and authenticated with a username and
password. An encrypted link is then established between the device
and the remote network.
VPN Types
4. Network-based VPNs
• Network-based VPNs are virtual private networks that securely
connect two networks over an unsafe network. An IPsec-based WAN
is an example of a network-based VPN. In this VPN, all offices of a
business are connected with IPsec tunnels on the Internet.
• The three common types of network VPNs include:
• IPsec tunnels: This type of approach establishes a tunnel to exchange
the data between two networks in an encrypted form.
• Dynamic multipoint VPNs (DMVPN): This type of approach allows
IPsec point-to-point tunnels in a cloud of connected networks.
DMVPN allows any two networks to communicate directly across the
DMVPN cloud.
• MPLS-based L3VPNs: Multiprotocol label switched (MPLS) networks
allow virtualization of networks so that users can share physical
networks while staying logically separate.