ABSTRACT:
In today’s New Economy, small businesses that might have dealt with just local or regional concerns now have to consider global markets and logistics. At the same time security concerns of their network from hackers, Denial-of-Service (DoS) attacks and sending data over the Internet have become more widespread.
Until recently,communications were only available by using leased telephone lines to maintain a Wide Area Network (WAN). Leased lines enabled companies to expand their private network beyond their immediate geographic area. Moreover, WAN provided advantages over a public network like the Internet when it came to reliability, performance, and security.
. The continuing popularity with the Internet has led to the evolution of Virtual Private Networks (VPNs). A VPN is a connection that allows private data to be sent securely over a shared or public network, such as the Internet. In fact, one of the driving forces behind VPNs is the Internet and its global presence.
With VPNs, communication links between users and sites can be achieved quickly, inexpensively, and safely across the world. In this way, VPNs empower organizations to extend their network service to branch offices and remote users such as traveling employees, telecommuters, and strategic partners by creating a private WAN via the Internet. With all these benefits, small businesses are also eager to reap the advantages afforded by VPNs. This paper explains what a VPN is and how VPNs provide secure, private connections to network applications.
By reading this paper, you will gain a fundamental understanding of VPNs, including their security mechanisms, benefits, and cost-saving advantages.
Introduction:
What is a VPN?
Internet technologies have changed the way that companies disseminate information to their employees, customers, partners, and suppliers. Initially, companies were conservative with the information they published on the Internet – product information, product availability, and other less business-critical items. More recently, using VPNs across the Internet has gained wider acceptance as a way to provide more cost effective access to business-critical information.
A VPN is a combination of software and hardware that allows mobile employees, telecommuters, business partners, and remote sites to use a public or "unsecured" medium such as the Internet to establish a secure, private connection with a host network. With a VPN deployed across the Internet, virtual private connections can be established from almost anywhere in the world. From the user’s perspective, a VPN connection is a point-to-point connection between the user’s computer and the company’s server. The nature of the intermediate internetwork is irrelevant to the user because it appears as if the data is being sent over a dedicated private link. In this way, the secure connection across the internetwork appears to the user as a private network communication, despite the fact that this communication is occurring over a public internetwork- hence the name Virtual Private Network.
Figure 1 shows an example of a VPN.
VPN Security
Because the Internet facilitates the creation of VPNs from anywhere, networks need strong security features to prevent unwelcome access to private networks and to protect private data as it traverses the public network. After all, companies that have expectations of privacy over their own networks have the same expectation when the Internet is involved. Unfortunately, as data travels between users and their remote offices, it can pass through 25 or more different servers around the world before reaching its final destination. With so many potentially prying eyes, the data should be secured through some form of encryption.
Encryption
A key component of a VPN solution is providing data privacy. Without an explicit way to provide data privacy, information traveling over an unsecured channel like the Internet is Data transmitted in clear text can be viewed or even stolen through common “sniffing” programs and/or devices that monitor data traveling over a network. Tools such as a protocol analyzer or network diagnostic tools built into today’s operating systems can easily “see” the clear text information as it is transmitted. Companies are also concerned that some private data may not be encrypted by the VPN before it is transmitted on the public wire. IP headers, for example, will contain the IP addressees of both the client and the server. Hackers may capture these addresses and choose to target these devices for future attacks. To ensure data privacy and protect valuable transmitted data against “man-in-the-middle” attacks, encryption techniques are required to scramble clear text into cipher text. Encryption scrambles a message into cipher text. The cipher text is then sent to the recipient, who decrypts the message back into clear text again. This encryption/decryption process on the parts of the sender and receiver of the message combine to form a cryptosystem.
types of cryptosystems
* Private Key (Symmetric) Cryptosystems
* User Authentication and Access Control
* Internet Protocol Security
* Hybrid Mode Authentication
next post topic are above
0 comments:
Post a Comment
Thanks for your Valuable comment