In modern economies, businesses that previously handled only local information now have to think of global markets. Multinational companies have branches and outlets spread all over the world. At the same time, concerns about protecting their data and networks from hackers, and about sending data over the Internet, have become more prevalent. This paper examines the nature of virtual private networks (VPNs) and how they are securely established within public networks. The paper gives an understanding of VPNs, taking note of security mechanisms, paybacks and cost-saving rewards (Bates, 2000).
Regardless of whether organizations have a local or multinational presence, they need speedy, secure and reliable means of communication. By explaining how the various implementations of Virtual Private Networks help keep networks secure, we can understand the advantages and services that virtual private networks offer wireless networks (Kaseen, 2007). For a long time communication has been through leased landlines with a Wide Area Network (WAN). The WAN was more reliable and secure, and enabled businesses to communicate beyond their geographical areas. Unfortunately, leased lines are expensive to maintain, especially where the distance between offices is large (APPLEBY, 2002, p24). As the popularity of the internet increased, many businesses turned to it to cut running costs and expand their networks, which eventually paved the way for the evolution of Virtual Private Networks (VPNs).
Amid an anticipated increase in data flow, there is a growing need to scale up core networks with regard to scalability, cost, flexibility and ease of management. This demand has led to the creation of optical networking technology which uses intelligent control plane protocols (LUO, 2005, p.71). A virtual private network involves a connection that enables the secure transmission of data within a public network such as the internet. The global presence of the internet has been a driving force in the growth of the VPN. With its invention, communication and information sharing have improved over large areas, costs have fallen and efficiency has increased among remote consumers, e.g. travelling employees, through the creation of a private wide area network (WAN) via the Internet (Behrend, Frank, Erwee & Ronel. 1970, p.10).
What is a VPN?
Technology has transformed the way firms share information as well as the dissemination of feedback to customers and suppliers. Previously many companies were reluctant to publish information on the internet, for instance, product information. However, with the invention of VPNs, many businesses can now gain access to critical information. In layman’s language, a VPN is a point-to-point connection between an employee and the employer’s server where data is sent over a private link. Consequently, the secure link provides a private network communication, in the face of a public (Ciampa, 2006, p. 57).
A VPN has two core components. The first is a VPN gateway with multiple network interfaces. The purpose of this component is to selectively encrypt and decrypt data as it flows through. To establish a VPN between two remote offices, two gateways can be used. The second component is a VPN client, installed on a PC, that moderately encrypts and decrypts data from a network protected by a VPN gateway. Since VPNs can be created from anywhere on the internet, strong security features are needed to avert malicious access to private networks and to secure private data as it is transmitted over the public network. Companies have high expectations for the privacy of their data, but before information can reach its destination between remote offices it may pass through numerous servers located around the world, with many potentially snooping eyes, so it is essential to secure the data through encryption (APPLEBY,2002). If there are no explicit means to offer data privacy, information travelling through the internet is transmitted in clear text and can be viewed through common data prying programs that monitor data within networks (GANGULY, 2008, p. 31).
Protocol analyzers and other network diagnostic tools in many operating systems, e.g. UNIX and Windows, can see the clear text as it is transmitted. A concern is that some private data may not be encrypted before first being transmitted through the public network. Hackers may capture Internet Protocol addresses and target source devices for future attacks. To seal this loophole, the protection of valuable data should include techniques to transform the clear text into cipher text. Encryption scrambles a message into cipher text, which is sent to the recipient; the recipient decrypts the message back into clear text. This method of encryption and decryption is called a cryptosystem.
With innovations such as wireless communications, wide-area networking, local area networking, as well as other types of networks, implementing such setups can get quite expensive (KIZZA, & KIZZA, 2008, 22). Another part of the cost of a network is the implementation of a great security system. Improper security would ultimately lead to permanent disruption to a network (APPLEBY, 2002, p46). The cost to fix a network that has been attacked would be more than that of initially implementing a strong security package. Wireless networks, local area networks, and wide area networks have done a lot for the networking field. It is a fact that we are living in a time where wireless innovations are the way of the future. With the innovation of such great technologies comes a great threat as well. Internet Protocol Security (IPSec) provides a framework for data security and user authentication within a public network (Kessler, 1998). It is a robust standard that has stood the test of time and emerged as a strong standard for the internet industry. Given the advantage of individual deployment on the network, organizations can protect their networks application by application. Data authentication systems can be used to establish whether the data has been modified in transit (KIZZA, & KIZZA, 2008, 22).
Authentication of all remote users is of paramount importance before they are admitted to the organization’s network. This process ensures that unauthorized persons are denied access to the private network, and it is central to VPN solution systems. User authentication methods may include pre-shared secrets, given to users outside the VPN technology infrastructure. This provides an uncomplicated means to deploy VPNs rapidly to a restricted number of far-flung users (APPLEBY, 2002, p53). Alternatively, digital certificates are credible for checking user identity and can be installed on a remote computer.
The goals of a VPN are to: provide remote workers with access to central network resources, securely interconnect satellite sites to enable office intranets, and provide businesses with controlled access to chosen network resources. Nowadays, many network managers are establishing VPN-based remote-access solutions to interconnect internal places of work (DAVISON, BELANGER, AHUJA, & WATSON-MANHEIM, 2006).
Types of VPNs
Because many types of networks have been developed since the beginning of networking, various types of Virtual Private Networks have been developed to keep these networks safe as well as to control access between users. The various topologies (setups) of virtual private networks not only control access but save money as well (APPLEBY, 2002, p28). Each type of virtual private network costs a different amount to build and maintain. With the proper implementation for the type of network that users are looking for, the maximum value can be obtained from any virtual private network.
An intranet is an IP-based, internal, password-guarded network that companies use to disseminate information to employees and partners with authorization.
Extranets allow controlled access to networks from external networks, e.g. those of customers and business associates with whom the company has a close relationship. The business may want to connect to certain close contacts by way of a closely monitored extranet VPN (FINNERAN, 2008, p.17).
A remote-access VPN makes it possible for an organization’s distant employees to access company resources inexpensively through the Internet Service Provider’s (ISP’s) infrastructure. It is important to note that the same network can be used to establish the three different types of VPN, namely: remote-access users, intranets, as well as extranets.
Besides encryption and decryption, a VPN must ensure that data is not modified in transit and must authenticate senders, which can be accomplished through a username and password. The process of proving that data has not been tampered with is called integrity checking. It is done by applying a mathematical algorithm to the data before sending, which produces a hash, and computing the same hash at the recipient’s end (PENNSYLVANIA BAR INSTITUTE. 2000).
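The integrity check described above, worked through as an added example (it is not taken from the paper or its sources). It goes one step further than the text: a hash computed without a key can be recomputed by whoever alters the data, so the example places a keyed hash (HMAC-SHA-256) under a shared secret beside it. The secret, the payload and all function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample values for this example only.
SHARED_SECRET = b"constructed-demo-secret"
PAYLOAD = b"PAY 100 TO ACCOUNT 1234"


def plain_digest(data: bytes) -> bytes:
    """Unkeyed SHA-256 hash: anyone who sees the data can recompute it."""
    return hashlib.sha256(data).digest()


def keyed_tag(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA-256 tag: only a holder of the shared secret can produce it."""
    return hmac.new(key, data, hashlib.sha256).digest()


def send(key: bytes, data: bytes) -> dict:
    """Sender: compute both check values before the data leaves the gateway."""
    return {"data": data, "digest": plain_digest(data), "tag": keyed_tag(key, data)}


def verify_plain(packet: dict) -> bool:
    """Recipient: recompute the unkeyed hash and compare."""
    return hmac.compare_digest(plain_digest(packet["data"]), packet["digest"])


def verify_keyed(key: bytes, packet: dict) -> bool:
    """Recipient: recompute the keyed tag and compare in constant time."""
    return hmac.compare_digest(keyed_tag(key, packet["data"]), packet["tag"])


def modified_in_transit(packet: dict, new_data: bytes) -> dict:
    """Model a change on the public network: the unkeyed hash is recomputed
    to match the new data, but without the secret the old tag must stay."""
    return {"data": new_data, "digest": plain_digest(new_data), "tag": packet["tag"]}


def demo() -> dict:
    original = send(SHARED_SECRET, PAYLOAD)
    changed = modified_in_transit(original, b"PAY 900 TO ACCOUNT 1234")
    return {
        "original_plain": verify_plain(original),
        "original_keyed": verify_keyed(SHARED_SECRET, original),
        "changed_plain": verify_plain(changed),  # modification goes unnoticed
        "changed_keyed": verify_keyed(SHARED_SECRET, changed),  # modification detected
    }
```

Calling demo() shows the unkeyed check accepting the modified packet while the keyed check rejects it, which is why the integrity value has to depend on a secret that only the two VPN endpoints hold.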
Benefits of Using VPN Technology
Virtual Private Networks have made it possible to connect remote office networks so that employees can access intranet websites, work emails and file sharing from geographically separated networks. This happens mostly where an organization has a distant branch: a VPN creates a connection in which traffic from one network reaches a remote network through normal IP routing, passing through the VPN gateway. On receiving encrypted data, the remote gateway verifies the sender and the data’s authenticity, then decrypts the packet and forwards the original unmodified packet to the intended recipient. This system is entirely transparent to every user and application (LIANG, 2003, p.26).
The process of configuring a Remote User VPN is easy and entails the creation of client IP addresses and user accounts on the gateway (DAVIS, 2006, p.39). A new dial-up entry is established with the IP address of the gateway on the user’s system. Windows can connect to gateways when assigned a new IP address on the Local Area Network to permit network browsing. As an alternative to Point-to-Point Tunneling Protocol, remote users can use IPSec to gain remote access. The process needs Technologic’s Remote Office VPN feature as well as a third-party IPSec/SKIP client (SMARTT, 2001, p. 86).
VPNs provide direct cost reductions over other communication methods such as leased lines. Other cost benefits accrue from low training and equipment requirements as well as from increased flexibility. Another way a VPN lowers costs is by doing away with the need for companies to purchase long-distance leased lines. An organization requires only a dedicated connection to an ISP, such as a local broadband connection or a cable service, which is considerably less costly than long-distance leased lines. With the invention of international remote access VPNs, businesses have benefited from reduced international calling rates. Characteristically, the cost to connect a European site to an American site is close to nine times more expensive when using data services or leased lines (DAVIS, 2006, p.39).
Virtual private networks (VPNs) have been paving the way for enterprises to return to the information superhighways of the Internet. The innovations of these technologies have made it possible to establish secure networks across the internet. The use of virtual private networks has proven to be cost effective versus other types of networks. Virtual Private Networks provide enterprises with a viable alternative to expensive private networks that rely upon leased lines, public data networks, or an Internet Service Provider (ISP). A lot of organizations that use networks implement the use of leased line telecommunication infrastructure. Ultimately, the long distance communications costs build up. The use of unnecessary remote access tools is also one of the things that incur costs for an organization. The costs from leased lines are not the only financial costs that organizations will suffer from. The implementation of a Virtual Private Network to an organization will bring noticeable financial savings.
APPLEBY, J. 2002. Virtual private network: a replacement for an X.25 wide area network. Thesis (M.S.C.I.T.) Regis University, Denver, 2002.
Bates, R. J. 2000. Virtual private networks. Web.
Behrend, Frank D., Erwee, Ronel. 1970. Mapping knowledge flows in virtual teams with SNA. Emerald Group Publishing Limited 2009.
Ciampa, M. 2006. CWNA guide to wireless LANs / Uniform Title: Guide to wireless communications (2nd ed.). Boston, Mass.: Thomson Course Technology.
DAVISON, R., BELANGER, F., AHUJA, M., & WATSON-MANHEIM, M. B. 2006. Virtual work, teams and organizations. Bradford, England, Emerald Group Pub.
DAVIS, J. R. 2006. TECHNOLOGY WORKSHOP – Telecommute safely – Use virtual private network (VPN) technology to link telecommuters, clients or customers to your office network. It’s easy, inexpensive and, most important, it’s very secure. Journal of Accountancy. 202(2), pp39.
FINNERAN, M. 2008. Voice over WLANs the complete guide. Amsterdam, Elsevier/Newnes.
GANGULY, A. 2008. Self-managing virtual networks for wide-area distributed computing. [Gainesville, Fla.], University of Florida.
Kaseen, A. 2007. Asymmetric or Public Key Encryption. Web.
Kessler, G. 1998. An Overview of Cryptography 2006. Web.
KIZZA, J. M., & KIZZA, F. 2008. Securing the information infrastructure. Hershey PA, CyberTech Publ.
LIANG, H. 2003. Minimal cost design of virtual private network. Thesis (M.A.Sc.) — University of Ottawa, 2003.
LUO, W. 2005. Layer 2 VPN architectures. Indianapolis, Ind, Cisco Press.
PENNSYLVANIA BAR INSTITUTE. 2000. The virtual office & remote technology. [Mechanicsburg, Pa.], Pennsylvania Bar Institute.
SMARTT, H. 2001. Secure transfer of surveillance data over Internet using virtual private network technology: field trial between STUK and IAEA; report on task FIN A929 of the Finnish support program to IAEA safeguards. Helsinki, Radiation and Nuclear Safety Authority.