Introduction Virtual Private Network: A way to connect to a private network through a public network such as the internet.
Governing Standards Body Virtual Private Networks are not governed by one specific body. Each Virtual Private Network is privately maintained and operated. Every private network has a Network Administrator who oversees the usage of the network.
History Companies spent massive resources to set up private networks known as Intranets. Intranets were costly and used leased line services, ATM, and Frame Relay to incorporate remote users. Companies used remote access servers or ISDN for small sites and mobile workers. SMEs were forced to use low speed switched services due to lack of money.
History The internet became easier to access and bandwidth grew in capacity. Companies put their Intranets on the web to make Extranets.
○ This linked internal and external users.
Although this was cost effective and quick and easy to do, it raised the issue of security.
Specifications The modern VPN covers the security factor. VPNs now use tunneling and complex encryption. Privacy and data security are maintained in what is much like a dedicated point-to-point connection. Because of the use of a public network, like the internet, VPNs are much less costly than Intranets.
Specifications Early VPNs were complex and needed experts on hand to maintain them. Technology has come a long way, making VPNs an easy and cheap solution for businesses. With VPNs, companies can unite workers in different branches, different project teams, customers, mobile workers, and even workers from home.
Specifications Workers and customers can connect securely by connecting to the POP (point-of-presence). VPNs save money by reducing long distance charges, network support fees, equipment inventories, and leased line fees.
Specifications VPNs use security techniques such as tunneling and encryption to protect their data. Encryption is a way to scramble information. When the text is encrypted it is referred to as cipher-text. When the data is decrypted it is called clear-text.
Specifications Encryption Data gets encrypted at a gateway at the start of the VPN tunnel. The gateway at the receiving end decrypts the information into clear-text. The encryption uses the Data Encryption Standard.
Specifications Encryption The Data Encryption Standard or DES uses 56-bit keys to encrypt data. Data is encrypted into 64-bit blocks. This provides 72,057,594,037,927,900 different possible combinations. 3DES encrypts data multiple times.
○ Encrypts using 56-bit key
○ Decrypts into completely different clear-text
○ Encrypts again
Specifications Keys Keys are what make encryption work. The length of the key determines security strength.
○ 8-bit keys: 256 (2^8) combinations
○ 16-bit keys: 65,536 (2^16) combinations
○ 56-bit keys: 72,057,594,037,927,900 (2^56) combinations
Many VPNs today use 168-bit keys.
○ That’s 374,144,419,156,711,000,000,000,000,000,000,000,000,000,000,000,000 combinations
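The encrypt-decrypt-encrypt sequence from the Encryption slide and the 168-bit key from the Keys slide, as an added example that is not part of the original slides. DES is not in the Python standard library, so a small 64-bit Feistel cipher with a SHA-256 round function stands in for it (an assumption: it is not DES and not secure); the function names and sample keys are constructed for illustration.

```python
import hashlib

KEY_BITS = 56  # one DES key; 3DES carries three of them

def _round(half: bytes, key: bytes, i: int) -> bytes:
    # Stand-in round function (SHA-256), NOT the real DES S-boxes.
    return hashlib.sha256(key + bytes([i]) + half).digest()[:4]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _feistel(block: bytes, key: bytes, rounds) -> bytes:
    # 64-bit block split into two 32-bit halves, 16 rounds like DES.
    left, right = block[:4], block[4:]
    for i in rounds:
        left, right = right, _xor(left, _round(right, key, i))
    return right + left  # final swap: decryption is the same walk reversed

def encrypt(block: bytes, key: bytes) -> bytes:
    return _feistel(block, key, range(16))

def decrypt(block: bytes, key: bytes) -> bytes:
    return _feistel(block, key, reversed(range(16)))

def ede_encrypt(block, k1, k2, k3):
    # The three 3DES steps: encrypt, decrypt, encrypt again.
    return encrypt(decrypt(encrypt(block, k1), k2), k3)

def ede_decrypt(block, k1, k2, k3):
    # Undo the steps in reverse order.
    return decrypt(encrypt(decrypt(block, k3), k2), k1)

def demo() -> dict:
    k1, k2, k3 = (bytes([n]) * 7 for n in (1, 2, 3))  # constructed 56-bit keys
    msg = b"VPNframe"                                  # constructed 64-bit block
    middle = decrypt(encrypt(msg, k1), k2)             # wrong key: not the plaintext
    ct = ede_encrypt(msg, k1, k2, k3)
    return {
        "key_bits": 3 * KEY_BITS,
        "middle_differs": middle != msg,
        "round_trip": ede_decrypt(ct, k1, k2, k3) == msg,
        # With three identical keys the first two steps cancel out,
        # leaving a single encryption and only 56 bits of key.
        "same_key_is_single": ede_encrypt(msg, k1, k1, k1) == encrypt(msg, k1),
    }

if __name__ == "__main__":
    print(demo())
```

The last entry shows why the three keys must be independent for the 168-bit figure to apply.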
Specifications Keys Symmetrical keys mean using the same key at both ends of the tunnel.
○ Keys must be kept confidential by both parties because of security concerns.
○ They become difficult to distribute.
Asymmetrical keys are easier to manage.
○ Uses private and public keys. The private key is used on one end. The public key is given out to remote users.
Specifications VPNs use IPSec, or IP Security Protocol, an Internet standard protocol for tunneling, authentication, and encryption. It addresses these issues:
○ Access Control
○ Connection Integrity
○ Authentication of Data Origin
○ Protection Against Replays
○ Traffic Flow Confidentiality
Advantages/Drawbacks VPNs are secure. Privacy is not a big issue. VPNs are interoperable. They are useable on many different systems. They are easy to use and cost effective to maintain.
Application VPNs are used by many different companies. They can be used on different systems to connect remote users to the company.