VPN,Service,Technology,Overvie computer VPN Service: Technology Overview
----------------------------------------------------------Permission is granted for the below article to forward,reprint, distribute, use for ezine, newsletter, website,offer as free bonus or part of a product for sale as longas no changes a Gone are those times when the companies and the organisations didn't need a hi-tech system to handle them. Owing to the considerable increase in the business sector and thus, an enormous increase in the complexity of the organisational struc
PPTPThe simplest and at the same time probably the oldest way of establishing an increased safety connection between a mobile client and a LAN (VPN client-to-site) is to use PPTP, also known as Windows VPN. In order to run it, you simply need to go to the "Connect to the network at work" option. Like IPSec, this technology is a combination of different protocols:PPTP - first connection initiating a TCP tunnel,GRE - the proper tunnel, through which the data is transmitted.Although PPTP is the easiest solution for setting up a tunnel, both on the client and the VPN server site, it is definitely not recommended for longer use, due to low level of security. VPN - SSL VPN Technologies As a compromise between flexibility (because obviously our boss must always have access to all data), and security, SSL VPN was brought to life. The idea was simple and brilliant. The customer trying to access internal resources, such as intranet ERP sites, first has to connect to the SSL VPN concentrator. Afterwards he goes through authentication, and only then gets access to internal corporate resources. At first glance, this solution seemed to be quite perfect: it does not require configuration on the client side, and it allows to monitor all access to internal resources. However, as it later turned out, the network administrator gains all the flexibility at the expense of controlling the client computer. Each PC is equipped with a Web browser which is usually sufficient to establish a connection to the VPN concentrator. Since accessing the network is possible from every computer, there is high chance that some of them are infected and can intercept SSL VPN user credentials.SSL VPN technology can be divided into three contract types:Web Access (Reverse Proxy)Full accesss (Port Redirect)True SSL VPN (Open VPN, TINA)VPN - IPSec TechnologiesThe most popular way to provide secure data transmission is the use of a set of protocols called IPSec, or Internet Protocol Security. Protocols that are part of IPSec are:Internet Key Exchange (IKE and IKEv2)Authentication Header (AH)Encapsulating Security Payload (ESP).The main objective pursued by IPSecs authors was to provide integrity and confidentiality of the data transmitted via IP.Each of the constituent protocols has been developed for a different purpose, and adds specific functions to the IPSec as a whole. For example, IKE is responsible for the creation of so-called Security Association (SA), which is characterized by the following:security protocol identifiersource and destination IP address,SPI, that is a 32-bit number that identifies the connection.For any VPN service, an unquestionable advantage of such modularity of the IPSec packet is that it is relatively easy to upgrade or expand. Even if in a few years the AES algorithm will be broken, it will not necessarily mean the end of the entire IPSec. Since AES is only one of the interchangeable modules, it will be easily replaced. The same modularity, however, can also be a nuisance for the administrator. Many elements are necessary for proper operation of encrypted transmission, all of which have to undergo a more or less complicated configuration. The complexity of IPSec can be a threat to the functioning of the VPN as a whole. Yet, from the very beginning of IPSec, attempts are made to improve this protocol by adding new functionalities. One such improvement is the ability to use NATed networks through IPSec NAT Traversal technology.
VPN,Service,Technology,Overvie