What is a DMZ Network?

  DMZ (Network) How a network DMZ works In computer networks, a demilitarized zone (DMZ), sometimes also known as a …


What is RAID?

RAID stands for Redundant Array of Independent Disks. In fact, RAID is a way that …


How to Install DHCP Server on Windows 2012 R2

DHCP stands for Dynamic Host Configuration Protocol. It is used to assign dynamic IP addresses to computers. For example, suppose your organization has about 5000 desktops to manage. How do you keep track of all of those computers? How can you track the IP address of every computer if you assign static IP addresses? With DHCP, managing and tracking these records will not be a daunting task for the system administrator.

What is VPN and how it works?


A virtual private network (VPN) is programming that creates a safe and encrypted connection over a less secure network, such as the public internet. A VPN works by using the shared public infrastructure while maintaining privacy through security procedures and tunneling protocols.

Many organizations use the global internet for both intra-organization and inter-organization communication, but require privacy in their internal communication.
To achieve privacy, an organization can use one of three strategies:

      1. Private Networks
      2. Hybrid Networks
      3. VPN (Virtual Private Network)

Private Networks

     An organization that needs privacy when routing information inside the organization can use a private network. A small organization with a single site can use an isolated LAN: people inside the organization can send data to one another, and that data remains entirely inside the organization, secure from outsiders.

     A large organization with several sites can create a private internet. The LANs at the different sites can be connected to each other using routers and leased lines.

Hybrid Networks

 Today most organizations need privacy in intra-organization data exchange but, at the same time, need to be connected to the global internet for data exchange with other organizations. A hybrid network allows an organization to have its own private network and, at the same time, access to the global internet. Intra-organization data is routed through the private internet; inter-organization data is routed through the global internet.

Virtual Private Network

     Both private and hybrid networks have a major drawback: cost. Private wide area networks are expensive. One solution is to use the global internet for both private and public communication. The technology that does this is called a Virtual Private Network (VPN). A VPN allows organizations to use the global internet for both purposes.

     A VPN creates a network that is private but virtual. It is private because it guarantees privacy inside the organization. It is virtual because it does not use a real private WAN: the network is physically public but virtually private. A VPN provides remote access to private networks across public connections. That is, using the internet, a client can dial into an Internet Service Provider (ISP) and connect to your private network.

Different Types of VPNs

A VPN is a virtual private network that allows a user to connect to a private network through the Internet in a secure and private way. A VPN creates an encrypted connection, known as the VPN tunnel, and all traffic and Internet communication pass through this secure tunnel. As a result, user data is kept safe and private.

There are two basic types of VPN that are explained below.

Remote access VPN

A remote access VPN allows a user to connect to a private network and access its services and resources remotely. The connection between the user and the private network is made through the Internet, and the connection is secure and private.

Remote Access VPN is useful for both commercial and home users.

A corporate employee, while traveling, uses a VPN to connect to his company’s private network and remotely access files and resources on the private network.

Home users, or private VPN users, primarily use VPN services to bypass regional restrictions on the Internet and access blocked websites. Users aware of Internet security also use VPN services to improve their security and privacy on the Internet.

Site-to-site VPN

A site-to-site VPN is also called a router-to-router VPN and is primarily used in businesses. Companies, with offices in different geographic locations, use site-to-site VPNs to connect the network from one office location to the network in another office location. When several offices of the same company are connected using the type of site-to-site VPN, it is called Intranet-based VPN. When companies use the site-to-site type of VPN to connect to another company’s office, it is called an Extranet-based VPN. Basically, the site-to-site VPN creates a virtual bridge between networks in geographically distant offices and connects them over the Internet and maintains secure and private communication between networks.

Since the site-to-site VPN relies on router-to-router communication, in this type of VPN a router acts as a VPN client and another router as a VPN server. Communication between the two routers begins only after authentication between the two is validated.

Types of VPN protocols

The two types of VPN above are based on different VPN security protocols. Each of these VPN protocols offers different features and security levels, and are explained below:

1) Internet Protocol Security (IPSec): Internet Protocol Security, or IPSec, is used to protect Internet communication across an IP network. IPSec secures Internet Protocol communication by authenticating the session and encrypting each data packet during the connection.

IPSec works in two modes, transport mode and tunnel mode, to protect data transfer between two different networks. The transport mode encrypts the message in the data packet and the tunnel mode encrypts the entire data packet. IPSec can also be used with other security protocols to improve the security system.

2) Layer 2 Tunneling Protocol (L2TP): L2TP is a tunneling protocol that is usually combined with another VPN security protocol such as IPSec to create a highly secure VPN connection. L2TP creates a tunnel between two L2TP connection points, and the IPSec protocol encrypts the data and handles secure communication through the tunnel.

3) Point-to-Point Tunneling Protocol (PPTP): PPTP creates a tunnel and encapsulates the data packet. It uses the Point-to-Point Protocol (PPP) to encrypt the data across the connection. PPTP is one of the most used VPN protocols and has been in use since the time of Windows 95. In addition to Windows, PPTP is also compatible with Mac and Linux.

4) Secure Sockets Layer (SSL) and Transport Layer Security (TLS): SSL and TLS create a VPN connection where the web browser acts as the client and user access is restricted to specific applications instead of the entire network. SSL and TLS are most commonly used by online shopping websites and service providers. Web browsers switch to SSL with ease and almost no need for user action, since SSL and TLS support is built into web browsers. SSL connections have https at the beginning of the URL instead of http.

5) OpenVPN: OpenVPN is an open source VPN that is useful for creating point-to-point and site-to-site connections. It uses a custom security protocol based on the SSL and TLS protocol.

6) Secure Shell (SSH): Secure Shell or SSH creates the VPN tunnel through which data transfer occurs and also ensures that the tunnel is encrypted. L
