Virtual Private Network
Several types of computer network protocols have been developed for use with VPN tunnels. Three popular tunneling protocols continue to compete with each other in the VPN industry: PPTP, Layer 2 Tunneling Protocol (L2TP) and Internet Protocol Security (IPsec). PPTP is mostly associated with Microsoft Windows-based software, even though several organizations were involved in developing it. At the same time, Microsoft continues to develop it (Michael 2006, pp. 121 – 122). L2TP – The original competitor to PPTP was L2F, which was developed by Cisco.
To improve on L2F, its best features were combined with those of PPTP, which gave birth to L2TP. Both PPTP and L2TP operate at Layer 2 of the OSI model, the data link layer, hence the name. IPsec is a collection of multiple related protocols. It can be used as a complete VPN protocol solution, or as the encryption scheme within PPTP or L2TP. In the OSI model, it operates at Layer 3, the network layer.

When the tunnel is ready, tunneled data can be sent. The tunnel client or server uses a tunnel data transfer protocol to prepare the data for transfer.
This means that the payload is first encapsulated and then sent through the internetwork, which routes it to the tunnel server. The tunnel server accepts the frame and removes the data transfer header. It then forwards the payload to the targeted network (Geoffrey 2006, pp. 120 – 123).

There are two types of tunnels:
• Voluntary tunnels
• Compulsory tunnels

Voluntary tunneling takes place when a routing server uses tunneling client software to create a virtual connection to the targeted tunnel server. For this method to succeed, the appropriate associated protocol must be installed on the client computer.
An example is an IP connection, e.g. dial-up or LAN. Compulsory tunneling is created on behalf of the dial-up client by the dial-up access servers that vendors sell. The network or computer device that provides such services is called a Front End Processor (FEP) in PPTP, an IP Security Gateway in IPsec, and an L2TP Access Concentrator (LAC) in L2TP (Ordianm 2006, pp. 40 – 41).

Point-to-Point Protocol (PPP)
PPP is designed to send information through a dedicated point-to-point connection. It encapsulates IPX, NetBEUI, and IP packets within PPP frames, which are then transmitted across a point-to-point link.
Hence, it is used between a NAS and a dial-up client. A PPP dial-up session usually involves four phases, all of which have to be complete before PPP is able to transfer the user data (Macklin 2007, pp. 34 – 37).

Phase 1 – PPP Link Establishment
PPP uses the Link Control Protocol (LCP) to create, maintain and terminate the physical connection. In this phase, authentication protocols are selected but are not used. A decision is also made on whether the two peers will compress or encrypt the data, but the actual choice is made in Phase 4.
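An added example, not part of the original essay: Python code that parses an LCP Configure-Request, the Phase 1 message in which the authentication protocol is selected, and reports which one the peer asks for (PAP sends the password in cleartext, so it is the value a defender would flag). The frame bytes are constructed samples; field layouts and option numbers are taken from RFC 1661 and RFC 1994, not from the essay.

```python
import struct

# PPP/LCP constants from RFC 1661 and RFC 1994 (not named in the essay).
PPP_LCP = 0xC021
LCP_CONFIGURE_REQUEST = 1
OPT_AUTH_PROTOCOL = 3
AUTH_NAMES = {0xC023: "PAP", 0xC223: "CHAP"}
CHAP_ALGORITHMS = {0x05: "MD5", 0x80: "MS-CHAP", 0x81: "MS-CHAPv2"}

# Constructed sample Configure-Request frames (not captured traffic).
CHAP_FRAME = bytes.fromhex("ff03c02101010013010405dc0305c22305050611223344")
PAP_FRAME = bytes.fromhex("ff03c0210102000c010405dc0304c023")


def parse_lcp_options(frame: bytes) -> dict:
    """Return {option_type: data} for an LCP Configure-Request in a PPP frame."""
    if frame[:2] == b"\xff\x03":          # optional HDLC address/control bytes
        frame = frame[2:]
    if len(frame) < 6:
        raise ValueError("frame too short for PPP and LCP headers")
    protocol, code, _ident, length = struct.unpack("!HBBH", frame[:6])
    if protocol != PPP_LCP or code != LCP_CONFIGURE_REQUEST:
        raise ValueError("not an LCP Configure-Request")
    if length < 4 or length > len(frame) - 2:
        raise ValueError("LCP length field does not match the frame")
    body, options, pos = frame[6:2 + length], {}, 0
    while pos < len(body):
        if pos + 2 > len(body):
            raise ValueError("truncated option header")
        opt_type, opt_len = body[pos], body[pos + 1]
        if opt_len < 2 or pos + opt_len > len(body):
            raise ValueError("bad option length")
        options[opt_type] = body[pos + 2:pos + opt_len]
        pos += opt_len
    return options


def requested_auth(frame: bytes) -> str:
    """Name the authentication protocol selected (but not yet run) in Phase 1."""
    data = parse_lcp_options(frame).get(OPT_AUTH_PROTOCOL)
    if data is None:
        return "none"
    if len(data) < 2:
        raise ValueError("Authentication-Protocol option too short")
    proto = struct.unpack("!H", data[:2])[0]
    name = AUTH_NAMES.get(proto, hex(proto))
    if proto == 0xC223 and len(data) >= 3:   # CHAP carries an algorithm byte
        name += "/" + CHAP_ALGORITHMS.get(data[2], hex(data[2]))
    return name
```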
Phase 2 – User Authentication
At this stage the client PC presents its credentials to the remote access server. This makes secure authentication possible and hence provides protection against impersonation and replay attacks. There are various authentication methods, such as Challenge Handshake Authentication Protocol (CHAP) and Password Authentication Protocol (PAP). In this phase the NAS also collects the authentication data and compares it with the data from its own database or the central authentication database (Kevin 2006, pp. 13 – 15).
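An added example, not from the original essay: the NAS side of a CHAP exchange as defined in RFC 1994 with MD5, showing why a captured response is rejected when it is replayed. The `Nas` class, the user name and the shared secret are constructed for illustration.

```python
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 CHAP with MD5: hash of identifier || secret || challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Nas:
    """Authenticator side: issues one-time challenges and checks responses."""

    def __init__(self, user_db: dict):
        self.user_db = user_db      # username -> shared secret
        self.pending = {}           # identifier -> outstanding challenge
        self.next_id = 0

    def challenge(self) -> tuple:
        ident = self.next_id
        self.next_id = (self.next_id + 1) % 256
        self.pending[ident] = os.urandom(16)   # fresh, unpredictable value
        return ident, self.pending[ident]

    def verify(self, ident: int, username: str, response: bytes) -> bool:
        # pop(): each challenge is accepted for a single response only.
        challenge = self.pending.pop(ident, None)
        secret = self.user_db.get(username)
        if challenge is None or secret is None:
            return False
        expected = chap_response(ident, secret, challenge)
        return hmac.compare_digest(expected, response)


def demo() -> tuple:
    """Return (legitimate login, replay on used challenge, replay on new one)."""
    nas = Nas({"alice": b"constructed-secret"})
    ident, chal = nas.challenge()
    captured = chap_response(ident, b"constructed-secret", chal)
    first = nas.verify(ident, "alice", captured)
    replay_same = nas.verify(ident, "alice", captured)
    ident2, _ = nas.challenge()
    replay_new = nas.verify(ident2, "alice", captured)
    return first, replay_same, replay_new
```

The secret itself never crosses the link, and the response is bound to one identifier and one random challenge, which is what defeats replay.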
Phase 3 – PPP Callback Control
This phase is usually optional; in it PPP uses a Callback Control Protocol. The remote client and the NAS disconnect after authentication, and the NAS then calls the remote client back at a specified number. This also works as extra security for dial-up networking.

Phase 4 – Invoking Network Layer Protocols
The various network control protocols that were selected in Phase 1 are invoked. An example in this phase is the IP Control Protocol (IPCP) assigning a dynamic address to the dial-in user (James 2007, pp. 12 – 17).
Data Transfer Phase
After the four phases are complete, PPP begins to transfer data between the two peers. Each transmitted data packet is wrapped in a PPP header, which is removed after the receiving system gets it. Any other conditions negotiated in Phase 1, e.g. compression and encryption, are applied here.

When to use VPN:
• When users or workers who are outside the LAN, e.g. at home or traveling, need to connect to the remote corporate server in a secure way through a shared network, e.g. the Internet.
• When a corporation or organization needs to connect to different branches or other related companies in a secure manner over a public network.
• When operational expenditure needs to be reduced by outsourcing facilities and the required support.
• When customization of quality of service is required and, at the same time, security is a priority in a specified situation.

Impacts of VPN
VPN is a solution for establishing long-distance and, at the same time, secured network connections. Organizations or businesses, rather than individuals, normally deploy VPNs, but they can be accessed from inside a home network.
Compared with other technologies, VPNs offer various benefits for wireless networking. Implementing a VPN in an organization usually offers two benefits over the alternative technologies: network scalability and cost savings, and ease of use for the users.

Cost Savings with a VPN
There are various situations in which a VPN can save an organization money:
• Reducing long-distance charges that are associated with telephones
• Offloading support costs
• Eliminating expensive long-distance leased lines

Leased lines vs. VPNs – Historically, organizations rented network capacity, e.g. T1 lines, to acquire secured connectivity between offices. With a VPN, public network infrastructure and Internet connections are employed instead. This means the organization can tap into cheaper local leased lines or even the broadband offered by an Internet Service Provider (ISP) (David 2006, pp. 60 – 63).

Phone charges – This technology can replace the dial-up networks and remote access servers that were frequently used in the past. This is most common when a client retrieves or accesses information from the service provider’s access point.
Support cost – With VPNs, the cost associated with maintaining the servers is greatly reduced, since outsourcing is employed. This method also results in a lower cost structure due to economies of scale.

The idea of scalability is simple when only two branches are involved, but as the business continues to expand the cost also increases exponentially. For example, a company that has two branches will use only one line, but a company with four branches requires six lines. VPN avoids the scalability problem by using the available network and public lines.
For international and remote locations, this method is easy and convenient to apply. However, despite their popularity, VPNs have limitations and, like any type of technology, are not perfect. Common issues associated with deploying and using a VPN include (Geoffrey 2006, pp. 120 – 123):
• VPN technology requires a detailed understanding of network security issues and careful configuration or installation to ensure that there is sufficient protection on the different networks, e.g. the Internet.
• The performance and reliability of an Internet-based VPN are usually not under the organization’s direct control. They rely on the solutions of the ISP and the quality of its service.
• From time immemorial, the products and solutions associated with VPN from different vendors have not been compatible with the VPN technological standards. Attempting to mix and match different equipment may cause technical problems and is expensive to implement.

Future of VPN
The virtual private network has grown in popularity among organizations and businesses as a solution to the issue of remote network access for employees and for the different associated branches. Various organizations and corporations have adopted VPNs as a security solution for private Wi-Fi wireless networks. It is predicted that the use of VPN will greatly expand in the future (Michael 2006, pp. 121 – 122). VPN allows corporations or users to connect to remote servers, branch departments or offices, or other companies over a public internetwork, while at the same time maintaining secure communications.
In these cases, the secure connection usually appears to the user as a private network communication, but in fact the communication occurs over a public internetwork, e.g. the Internet. Virtual Private Network technology is designed to address the issues surrounding current business trends towards increased telecommuting and widely distributed operations, where workers have to connect to central resources and communicate with each other confidentially.
David, J. (2006). Information System and Business Telecommunication, New York: Barron’s Educational Series, pp. 60 – 63
Dickson, H. (2005). Project Implementation and Information Technology, London: Oxford University Publishers, pp. 80 – 86
Geoffrey, M. (2006). Industrial Innovations and Development, New York: Cambridge University Publishers, pp. 120 – 123
James, B. (2007). Physical Instrumentation and Information Developments, New York: Prentice Hall, pp. 15 – 17