Tuesday, January 4, 2011

Virtual Private Network (VPN)

A Virtual Private Network (VPN) is a technology that you can use to access the office or home network remotely and securely over the Internet, so that the data is protected from sniffing or hijacking by hackers.
When a VPN connection is established between 2 parties (between a VPN client and a VPN gateway, or between 2 VPN gateways), a secured virtual tunnel is created that can encrypt the data (so no hacker can see the data content), preserve data integrity (no data change during transmission) and ensure the communication only happens between those 2 authenticated parties.

There are 2 common types of virtual private network.

1. Remote access VPN
2. Site-to-site VPN

Remote Access VPN

Remote access VPN is a very common VPN service that you can set up in your office or home network. It is implemented by setting up a VPN gateway or server, which you then connect to with a VPN client from other locations.


Whenever the user's computer sends data, the VPN client software encrypts that data before sending it over the Internet to the VPN gateway at the edge of the destination network. Once the VPN gateway receives the data, it decrypts it and sends the packet to the destination computer in its private network (office or home network). After that, the destination computer will encrypt the returning data as well.

Remote access VPN is supported by the L2F, PPTP, L2TP and IPsec tunneling protocols.
If the user connects to the VPN gateway with a web browser instead of a VPN client, this type of VPN is called an SSL VPN.

Site-to-Site VPN

Site-to-site VPN is a VPN connection established over the Internet between 2 VPN gateways that reside in 2 different networks, so that the computers in both networks can exchange data securely. No VPN client is needed on user computers, because the VPN connection is established between the two VPN gateways. Both gateways encrypt and decrypt the communication data to ensure the security and integrity of the data.
Site-to-site VPN can be supported by the IPsec tunnel mode, PPTP and L2TP over IPsec tunneling protocols.
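
As an added illustration (not part of the original post), this is what the gateway-to-gateway IPsec tunnel described above could look like on one of the two gateways, written as a strongSwan `swanctl.conf`. The choice of strongSwan, the gateway names, the certificate file name and all addresses (documentation and private ranges) are assumptions made for the example.

```conf
# Gateway A side of a site-to-site IPsec tunnel (constructed example values).
connections {
    site-a-to-site-b {
        version = 2                      # IKEv2
        local_addrs  = 192.0.2.1         # public address of gateway A (placeholder)
        remote_addrs = 198.51.100.1      # public address of gateway B (placeholder)
        proposals = aes256gcm16-prfsha384-ecp384

        # Authentication: each gateway proves its identity with a certificate,
        # so the tunnel only comes up between the 2 intended parties.
        local {
            auth  = pubkey
            certs = gw-a.crt             # hypothetical file in /etc/swanctl/x509
            id    = gw-a.example.org
        }
        remote {
            auth = pubkey
            id   = gw-b.example.org
        }

        children {
            lan-to-lan {
                mode = tunnel            # IPsec tunnel mode between the gateways
                # Traffic selectors: only traffic between the two private
                # networks is encrypted and sent through the tunnel.
                local_ts  = 10.1.0.0/16  # site A LAN (placeholder)
                remote_ts = 10.2.0.0/16  # site B LAN (placeholder)
                # AES-GCM gives both encryption and integrity protection.
                esp_proposals = aes256gcm16-ecp384
                start_action = trap      # bring the tunnel up on first matching packet
                dpd_action   = restart   # re-establish if the peer stops responding
            }
        }
    }
}
```

Gateway B carries the mirror image of this file, with the local and remote addresses, identities and traffic selectors swapped; the computers behind each gateway need no VPN software.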