What is a VPN and what does it do
A virtual private network (VPN) is a private network that uses a public telecommunication infrastructure such as the internet to provide remote offices or individual users with secure access to their organization’s system. One key feature of a VPN is that it allows the organization’s employees to appear as if they are working from the office even if they are really working from home.
In order to do this, a VPN uses a public network (the internet) and creates a secure private network on top of that. The end result is that the data sent by employees is encrypted and integrity is maintained as it travels across this private network.
This feature provides security advantages when the organization has remote offices and employees located all over the world, sometimes in countries with less than stringent security. The employees can work with documents that are sensitive to the organization, even when they are on a public network such as the internet. The only thing that is exposed to the public network is the connection from the remote employee’s home computer to the private network.
How is data transmitted in a VPN
The VPN encrypts all data that is sent over the internet and does not allow anyone but the intended recipient to read it. The data is transmitted in a way that depends on a key that is negotiated between the client (such as a computer) and the server. The client and server then use this key to create a “secure channel” through which the data is transmitted.
The keys vary from system to system, but in general the process is as follows:
When a VPN is installed on client and server systems, they must agree on a “secret key” that they will use to encrypt and decrypt the data that they are sending over the internet. This secret key is the only way that the client or server can decrypt data that was previously sent unprotected. It also prevents someone who gained access to one of these systems from being able to read any previously sent data.
The different methods used to protect transmitted data in a VPN
The VPN uses 4 different methods to protect the transmitted data.
(1) Tunneling: Enables the client and server to create a virtual point-to-point link through the use of tunneling. This is useful for connecting networks or linking offices over long distances.
(2) Protocols: The VPN protocol that is used to transmit the data creates a secure channel through which all the data is transmitted. The VPN protocol is negotiated between the client and the server.
(3) Encryption: The data that is transmitted from the client to the server is encrypted using an encryption method such as Secure Sockets Layer (SSL) or with a secret key that is shared by both parties.
(4) Compression: The data that is sent from the server to the client may be compressed before it is sent so that it takes less time to transmit.
This article will discuss these methods in more detail and describe their uses so that you can decide which method to use for your VPN.
The VPN uses tunneling to create a virtual point-to-point connection. This is useful for connecting networks or linking offices over long distances. Tunneling enables the client and the server, who are not on the same subnet, to create a point-to-point link using IP addresses and other techniques. Tunneling is used by the VPN protocol, which is negotiated between the client and the server.
The tunneling process begins with a series of messages between the client and server. These messages establish a virtual connection between the client and server over an unsecured, best-effort route known as an IP connection. To do this, both sides must agree on a new type of connection by fixing the port numbers and using UDP for all data packets. The tunneling process works by replacing the IP address and UDP port number of each packet with the new connection’s virtual IP address and port number. The VPN protocol supports automatic switching among secure encrypted tunneling protocols.
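The following is an added example, not code from the original article or from any VPN product, that puts the two ideas above together: the shared secret key from the “How is data transmitted” section, and the tunneling step in which an inner packet carrying private (virtual) addresses is wrapped in an outer datagram carrying only public addresses and the VPN port. The shared secret, the private and public addresses, the UDP port number and the payload are all constructed sample values; the key split, the HMAC-SHA256 counter keystream and the encrypt-then-MAC layout are a toy construction chosen so the script runs with the Python standard library alone, and stand in for the real cipher and tunneling protocol a VPN would negotiate. What it shows is what the public network can and cannot see, and why a modified or replayed datagram is rejected before anything is decrypted.

```python
import hashlib
import hmac
import ipaddress
import struct

# Constructed sample values (not from the article): the "secret key" the
# client and server are assumed to have already negotiated.
SHARED_SECRET = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)

CLIENT_TUNNEL_IP = "10.8.0.2"      # virtual address inside the tunnel
SERVER_TUNNEL_IP = "10.8.0.1"      # virtual address inside the tunnel
CLIENT_PUBLIC_IP = "198.51.100.7"  # public address seen on the internet
SERVER_PUBLIC_IP = "203.0.113.5"   # public address seen on the internet
VPN_UDP_PORT = 1194                # assumed UDP port for tunnel traffic

SEQ_LEN = 8    # sequence number / nonce prefix
TAG_LEN = 32   # HMAC-SHA256 tag


def derive_keys(shared_secret: bytes) -> tuple[bytes, bytes]:
    """Split the one negotiated secret into separate encryption and MAC keys."""
    enc_key = hmac.new(shared_secret, b"tunnel-encrypt", hashlib.sha256).digest()
    mac_key = hmac.new(shared_secret, b"tunnel-integrity", hashlib.sha256).digest()
    return enc_key, mac_key


def keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy HMAC-SHA256 counter-mode keystream; a real VPN uses a proper cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encapsulate(inner_src: str, inner_dst: str, payload: bytes, seq: int,
                outer_src: str, outer_dst: str, enc_key: bytes, mac_key: bytes) -> bytes:
    """Wrap an inner packet (private addresses + payload) into an outer datagram."""
    inner = (ipaddress.IPv4Address(inner_src).packed
             + ipaddress.IPv4Address(inner_dst).packed
             + payload)
    nonce = struct.pack(">Q", seq)  # per-packet sequence number doubles as the nonce
    ciphertext = xor_bytes(inner, keystream(enc_key, nonce, len(inner)))
    # Encrypt-then-MAC: the tag covers the nonce and the ciphertext.
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    # Outer header is the only part the public network can read: public
    # addresses and the VPN port replace the inner addresses and ports.
    outer_header = (ipaddress.IPv4Address(outer_src).packed
                    + ipaddress.IPv4Address(outer_dst).packed
                    + struct.pack(">HH", VPN_UDP_PORT, VPN_UDP_PORT))
    return outer_header + nonce + ciphertext + tag


def decapsulate(datagram: bytes, last_seq: int, enc_key: bytes, mac_key: bytes):
    """Check integrity and freshness first, then recover the inner packet."""
    tunnel_payload = datagram[12:]  # skip the 12-byte outer header
    if len(tunnel_payload) < SEQ_LEN + TAG_LEN:
        raise ValueError("datagram too short")
    nonce = tunnel_payload[:SEQ_LEN]
    ciphertext = tunnel_payload[SEQ_LEN:-TAG_LEN]
    tag = tunnel_payload[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed: modified in transit or wrong key")
    seq = struct.unpack(">Q", nonce)[0]
    if seq <= last_seq:
        raise ValueError("replayed or out-of-order packet")
    inner = xor_bytes(ciphertext, keystream(enc_key, nonce, len(ciphertext)))
    inner_src = str(ipaddress.IPv4Address(inner[:4]))
    inner_dst = str(ipaddress.IPv4Address(inner[4:8]))
    return inner_src, inner_dst, inner[8:], seq


def is_rejected(datagram: bytes, last_seq: int, enc_key: bytes, mac_key: bytes) -> bool:
    """True when the receiver discards the datagram instead of decrypting it."""
    try:
        decapsulate(datagram, last_seq, enc_key, mac_key)
        return False
    except ValueError:
        return True


def demo() -> tuple:
    """Client sends one packet through the tunnel; server unwraps it."""
    enc_key, mac_key = derive_keys(SHARED_SECRET)
    payload = b"GET /internal/report.pdf"  # constructed sample payload
    datagram = encapsulate(CLIENT_TUNNEL_IP, SERVER_TUNNEL_IP, payload, 1,
                           CLIENT_PUBLIC_IP, SERVER_PUBLIC_IP, enc_key, mac_key)
    return datagram, decapsulate(datagram, 0, enc_key, mac_key)


if __name__ == "__main__":
    datagram, (src, dst, data, seq) = demo()
    print("on the wire:", datagram.hex())
    print("inside the tunnel:", src, "->", dst, data, "seq", seq)
```

The order of checks in `decapsulate` is the part worth copying: the tag is verified before decryption so a forged or corrupted datagram never reaches the cipher, and the sequence number is compared against the last one accepted so a captured datagram cannot be fed back in later. A real VPN protocol does the same with a negotiated cipher suite and a replay window rather than a single counter.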
Which process is most effective at protecting transmitted data in a VPN
The VPN is most effective at protecting transmitted data if it uses a tunneling protocol to create a virtual link between the client and the server. If the VPN uses a protocol, such as IPsec or SSL, then the data is not protected. The connection that is created by tunneling is more secure than an unencrypted Internet connection. The tunneling protocol allows the data to be transmitted in a way that makes it very difficult for another person to intercept it. This is why a vendor, such as Symantec, can encrypt your data and still allow you to view it from a remote location over the Internet.
To protect data during transmission, a VPN uses tunneling. The two most common tunneling protocols are Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP). PPTP is a proprietary protocol developed by Microsoft and until recently was used with Windows servers. L2TP is an open source standard that is supported by any vendor who offers VPN services.
When the data is sent over the Internet, it travels in packets. With PPTP, only the packets are encrypted. L2TP encrypts only the data within a packet. L2TP also allows you to use authentication methods such as a four-digit code or an entry that you type in on your computer.
The next three sections explain the tunneling process in detail.
Wired Security and Internet Connections