VPN Definition Benefits and Types

VPN Definition Benefits and Types

This Article define what is VPN virtual private network its Benefits and Types. Security is a concern when public Internet is used to conduct business. Private virtual networks (VPNs) are used to ensure data security over the Internet. Data security can be provided by using encryption in this tunnel over the Internet and with authentication to protect data against unauthorized access.
Organizations need secure, reliable and cost-effective networks to interconnect several networks, for example, to allow branches and suppliers to connect to the network of a company's headquarters.
In addition, with the increase in the number of remote workers , there is a growing need for companies to have safe, reliable and profitable ways for employees working in small offices and domestic offices (SOHO), and in other remote locations connect to resources in business sites.

What Is A VPN Definition ?

A VPN is a private network created by tunneling through a public network, usually the Internet. A VPN is a communications environment in which access is strictly controlled to allow peer connections within a community of defined interest.
The first VPNs were exclusively IP tunnels that did not include authentication or data encryption. For example, generic routing encapsulation (GRE) is a tunneling protocol developed by Cisco that can encapsulate a wide variety of types of network layer protocol packets within IP tunnels. This creates a virtual point-to-point link to Cisco routers at remote points through an IP internetwork.
Currently, virtual private networks generally refer to the secure implementation of VPN with encryption, such as VPNs with IPsec.
To implement VPNs, a VPN gateway is required. The VPN gateway can be a Cisco router, firewall or adaptive security device (ASA). An ASA is an independent firewall device that combines the functionality of a firewall, VPN hub and intrusion prevention in a software image.

BENEFITS OF VPNS

As shown in the illustration, a VPN uses virtual connections that are routed over the Internet from an organization's private network to the remote site or the employee's host. Information from a private network is transported securely through the public network to form a virtual network.

The benefits of a VPN include the following:

• Cost savings : VPNs allow organizations to use cost-effective external Internet transport to connect remote offices and remote users to the main site; therefore, expensive dedicated WAN links and modem banks are eliminated. In addition, with the advent of cost-effective high bandwidth technologies, such as DSL, organizations can use VPN to reduce connectivity costs and, at the same time, increase the bandwidth of the remote connection.
• Scalability : VPNs allow organizations to use the Internet infrastructure within ISPs and devices, making it easy to add new users. Therefore, organizations can add a large amount of capacity without significantly increasing infrastructure.
• Compatibility with broadband technology : VPN networks allow mobile workers and remote employees to take advantage of high-speed broadband connectivity, such as DSL and cable, to access their organizations' networks. Broadband connectivity provides flexibility and efficiency. High-speed broadband connections also provide a cost-effective solution for connecting remote offices.
• Security : VPNs can include security mechanisms that provide the highest level of security through advanced encryption and authentication protocols that protect data against unauthorized access.

VPN Types

There are two types of VPN networks:

1. Site to site VPN
2. Remote access VPN

SITE TO SITE VPN

A site-to-site VPN is created when devices on both sides of the VPN connection know the VPN configuration in advance, as shown in the illustration.

The VPN remains static, and internal hosts do not know that a VPN exists. In a site-to-site VPN , terminal hosts send and receive normal TCP / IP traffic through a VPN gateway.
The VPN gateway is responsible for encapsulating and encrypting outbound traffic for all traffic from a particular site. The VPN gateway then sends it through a VPN tunnel over the Internet to a peer VPN gateway at the destination site. Upon receipt, the peer VPN gateway removes the headers, decrypts the content and transmits the packet to the destination host within its private network.
A site-to-site VPN is an extension of a classic WAN network . Site-to-site VPNs connect entire networks to each other, for example, they can connect a branch's network to a company's central office network. In the past, a leased line or Frame Relay connection was required to connect sites, but since most companies now have access to the Internet, these connections can be replaced by site-to-site VPN.

REMOTE ACCESS VPN

If a site-to-site VPN is used to connect entire networks, the remote access VPN supports the needs of remote employees, mobile users and client-to-business extranet traffic.
A remote access VPN is created when the VPN information is not configured statically, but allows dynamic information exchange and can be enabled and disabled. Remote access VPNs support a client / server architecture , in which the VPN client (remote host) obtains secure access to the enterprise network through a device on the VPN server at the perimeter of the network.

Remote access VPNs are used to connect individual hosts that must access your company's network securely through the Internet. The Internet connectivity used by remote workers is usually a broadband, DSL, cable or wireless connection, as shown in the illustration.
A VPN client software may have to be installed in the mobile user's terminal; For example, each host may have Cisco AnyConnect Secure Mobility Client software installed. When the host tries to send any type of traffic, the Cisco AnyConnect VPN Client software encapsulates and encrypts this traffic. Then, the encrypted data is sent over the Internet to the VPN gateway at the perimeter of the destination network. Upon receipt, the VPN gateway behaves as it does for site-to-site VPNs.