What is a Virtual Private Network?
A virtual private network is a private network that extends across shared or public networks (such as the internet). Virtual private networks allow people to send data between computers across a public network in a way that emulates a point-to-point private connection. “Virtual private networking” refers to the creation and configuration of a private network connection.
So how does a public network emulate a point-to-point link? When data is encapsulated with a header that contains routing information, it can be transmitted through the public network to the desired endpoint without reaching another destination. Not only is the data encapsulated, it is also encrypted to preserve its confidentiality. If an intruder or attacker is able to intercept data packets during their transmission, they will be unable to understand the data content because the data is encrypted. When data is encrypted, one or more encryption keys are required to decipher it, and these encryption keys should be known only by the sender and receiver. Note that the term “VPN connection” refers to the portion of the connection where the private data is encrypted, and the term “tunnel” refers to the portion of the connection where the data is encapsulated.
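The encapsulate-then-encrypt step described above, as an added example that is not part of the original article. It assumes AES-256-GCM as the cipher and a made-up 8-byte outer header holding the two gateway IPv4 addresses; the function names and the documentation-range addresses are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"net"
)

const hdrLen = 8 // assumed outer header: source + destination gateway IPv4

// NewTunnelCipher builds AES-GCM from the key shared by the two endpoints.
func NewTunnelCipher(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encapsulate encrypts the inner packet; the routing header stays readable but authenticated.
func Encapsulate(c cipher.AEAD, src, dst net.IP, inner []byte) ([]byte, error) {
	hdr := append(append(make([]byte, 0, hdrLen), src.To4()...), dst.To4()...)
	nonce := make([]byte, c.NonceSize())
	if _, err := rand.Read(nonce); err != nil || len(hdr) != hdrLen {
		return nil, errors.New("bad gateway address or no randomness")
	}
	return c.Seal(append(hdr, nonce...), nonce, inner, hdr), nil
}

// Decapsulate verifies and decrypts a tunnel packet at the receiving endpoint.
func Decapsulate(c cipher.AEAD, pkt []byte) (src, dst net.IP, inner []byte, err error) {
	n := c.NonceSize()
	if len(pkt) < hdrLen+n+c.Overhead() {
		return nil, nil, nil, errors.New("truncated packet")
	}
	if inner, err = c.Open(nil, pkt[hdrLen:hdrLen+n], pkt[hdrLen+n:], pkt[:hdrLen]); err != nil {
		return nil, nil, nil, err
	}
	return net.IP(pkt[:4]), net.IP(pkt[4:hdrLen]), inner, nil
}

func main() {
	c, _ := NewTunnelCipher(make([]byte, 32)) // constructed all-zero demo key
	pkt, _ := Encapsulate(c, net.IPv4(198, 51, 100, 1), net.IPv4(203, 0, 113, 1), []byte("inner packet"))
	src, dst, inner, err := Decapsulate(c, pkt)
	fmt.Println(src, dst, string(inner), err)
}
```

An observer on the public network can read the outer addresses but not the inner packet, and any change to either part makes `Decapsulate` return an error.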
Virtual Private Networks are commonly used by medium to large organizations to connect remote sites together using a public network such as the internet. VPN connections are also being used to connect remote users together. In some instances, employees are granted VPN access into their company’s networks in situations when they need to work remotely, such as when they are deployed to remote sites, when they travel to a different city, or if they are sick and unable to travel to work, etc.
Features and Benefits of Virtual Private Networks
As mentioned above, the main purpose of virtual private networks is to provide a secure private connection over a public network, such as the internet, to interconnect computer devices and computer networks.
VPN connections offer many benefits, some of which are listed below:
- Providing the ability to interconnect computer networks across multiple geographic locations without requiring a leased line;
- Providing a secure channel for data exchange between the two parties;
- Allowing employees and staff to work remotely in circumstances when they are unable to commute to the office (such as being sick, having flooded roads, etc.);
- Allowing remote employees to be more productive.
As for the features of the VPN connections, a business should demand the following essential VPN features from its VPN solution provider:
A virtual private network should be able to provide protection for the data traveling on the public network and ensure that if data is captured or stolen by an intruder, then the intruder will be unable to read or use that data.
A VPN service should also be reliable, so that an organization’s employees and remote offices are able to connect to the VPN without trouble at any time. The VPN is also expected to provide the same quality of connection for every user regardless of the number of users connected simultaneously to the VPN.
Most businesses have plans for growth and expansion; therefore it is important that any VPN solution implemented can be extended to cater for business growth and expansion without having to replace the whole VPN technology, redesign it and implement a newer technology.
Components of a remote access VPN
There are no set standards that organizations need to follow to set up VPN networks. However, it is important that the appropriate network protocols, authentication protocols and security protocols are used in order to provide the VPN benefits and features explained above.
A remote access VPN is used to allow users to remotely connect to a computer network via a secure connection. Once the connection is established and the user is authenticated, they will be able to securely access network resources as if they were directly connected to that network. Companies that generally require the setup of virtual private networks are those that have a large number of employees such as salespeople in the field. These people will be able to connect to their company’s network while on duty or even after hours and access network resources without having to travel back to the office and physically connect their computers to the network.
There are two main components in a remote access VPN: the network access server (NAS) and the client software.
A network access server (NAS) is also known as a “media gateway” or remote access server (RAS). This might be a dedicated server or it might be running on a shared server. When a user connects to the network access server, they will be required to provide valid credentials before they can be authenticated and allowed to connect to the network. User credentials include their username and password, and in some instances companies choose to apply a two-factor authentication method by supplying the users with a secure token that generates token numbers. Users can be authenticated either by the NAS itself or by a separate authentication server on the company’s network (it all depends on how the systems administrators have set up the VPN authentication process).
The second component of a remote access VPN is the client software that needs to be installed on the computer that the employees will use to establish the VPN connection. Note that most modern operating systems have built-in software dedicated to VPN connections, although a lot of organizations have their VPN set up to require specific client software, without which the user cannot establish a VPN connection.
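How the NAS or authentication server could check the token number as the second factor, shown as an added example that is not part of the original article. The article does not say which algorithm the token uses; this sketch assumes a time-based token (TOTP, RFC 6238), and the `User` record and function names are hypothetical. The password check is assumed to have already passed.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
)

const step = 30 // seconds each token number is valid (RFC 6238 default)

// TokenCode returns the 6-digit number the token displays at Unix time t.
func TokenCode(secret []byte, t int64) string {
	var counter [8]byte
	binary.BigEndian.PutUint64(counter[:], uint64(t/step))
	mac := hmac.New(sha1.New, secret)
	mac.Write(counter[:])
	sum := mac.Sum(nil)
	off := sum[len(sum)-1] & 0x0f // dynamic truncation, RFC 4226
	bin := binary.BigEndian.Uint32(sum[off:off+4]) & 0x7fffffff
	return fmt.Sprintf("%06d", bin%1000000)
}

// User is a hypothetical account record held by the NAS or authentication server.
type User struct {
	Secret   []byte // seed shared with the user's token
	LastStep int64  // last time step accepted, so a code cannot be replayed
}

// VerifyToken accepts the code for the current 30-second step or one step
// either side (clock drift), compares in constant time, and rejects reuse.
func (u *User) VerifyToken(code string, now int64) bool {
	for d := int64(-1); d <= 1; d++ {
		t := now + d*step
		if t/step <= u.LastStep {
			continue
		}
		if subtle.ConstantTimeCompare([]byte(TokenCode(u.Secret, t)), []byte(code)) == 1 {
			u.LastStep = t / step
			return true
		}
	}
	return false
}

func main() {
	u := &User{Secret: []byte("12345678901234567890")} // RFC 6238 test seed
	fmt.Println(u.VerifyToken("287082", 59), u.VerifyToken("287082", 59))
}
```

The second call fails because the same token number has already been accepted once, which is what stops a captured code from being reused within its validity window.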