About VPN

How this VPN is implemented in Corporate Networks and what is the advantage and disadvantage of this VPN when compared to other types of networks.

Let's say there is a company that has offices in different cities or countries. These offices need to communicate with each other in real time, to exchange sensitive data. Those data could be anything, from a phone call between two executives which passes through VoIP, to an ERP application that needs to collect or synchronize logistical data, such as receipts. Apparently there is no easy way to create a physical network between those distant offices, but there is already a universal network that could provide transportation for the information we want, the Internet.

The company could indeed use the Internet directly to exchange information among the offices.

However the Internet has some qualities that make it not ideal for that:

1) It is an insecure network. The company's data will pass from many third parties' networks, any of those parties could "take a peek" at the data. Besides that, every host in each of the offices, will be routable from the millions of internet's hosts.

In order to address the above facts, the company would have to implement encryption in it's services and packet filtering in all it's hosts. VPN handles those issues in a unified way: it encrypts transparently any data and makes sure that unauthorized hosts will not be able to contact company's hosts.

2) It has a limited supply of addresses. It wouldn't be efficient to lease an Internet address for each of the offices' hosts. For the Internet it would be a waste of addresses, since those hosts are not interested in communicating with hosts of the internet, only with each other, and for the company it would be a waste of money, since those addresses cost. NAT would be a possible alternative solution to this, however not a good one. NAT is complicated, incompatible with some applications and has some limitations, as a result of the fact that it's only a hack.

VPN handles that issue in the best way: As far as any of the company's networking application is concerned, the VPN is a local physical network. Addresses can be assigned freely, routing can be applied to other internal (physical or not) networks, it is even possible to pass broadcasts through it. As far as any internet host is concerned, the company's network does not exist.

There are many advantages in having your own secure network inside a public network, like the internet. Some examples:

- Employees can be part of the company's network from any part of the world, as long as they authenticate themselves.

- It is very easy to control what resources of the network each employee will be able to be access, based on his authentication ID.

- Access to services that have no authentication or encryption mechanism of their own, can be made secure, using VPN's authentication and encryption mechanisms.

Thank you very much for giving a better clarity on VPN.


I would like to add some more queries:

1. Where this Encryption mechanism is embedded whether it is on the ISP side or on the corporate network side.
2. Which physical device is responsible for this mechanism.
3. Is there any dedicated server employed to do this Mechanism.
4. Is there is any specific protocol assigned globally to accomplish this VPN in the internet cloud.

I once again thank you for valuable replies.

Is there any way i can chat with you......

Let me know your interest and inconvenience .

Thanks.

1. Where this Encryption mechanism is embedded whether it is on the ISP side or on the corporate network side.

The ISP is not involved at the VPN at all. Everything happens at the the corporate network's side. There are ISPs that can set and support VPN for their clients, however technically a VPN does not involve the ISP.

2. Which physical device is responsible for this mechanism.

VPNs are implemented using software, there are of course embedded routers from companies such as CISCO that support implementations of VPN, like IPsec, however it is perfectly possible and in some ways better to use a typical x86 computer for that role.

3. Is there any dedicated server employed to do this Mechanism.

Any server can do it, there is VPN software such as OpenVPN and IPsec support for all popular Operating Systems.

4. Is there is any specific protocol assigned globally to accomplish this VPN in the internet cloud.

There are various VPN protocols. The most comon are: PPTP, IPSec/L2TP and SSL implementations such as OpenVPN. You can find many information for each of them by quering a web-search engine for those names.

Is there any way i can chat with you......

You can contact me through the MSN messenger account that is mentioned in my profile page, however take notice that I have no experience with as complex and mission-critical networks as a corporate network would be nor with embedded solutions that are common in those environments, so I can only help in the theoretical part

Hi Comrades,

I viewed all these articles in this thread.I got the clear cut idea about VPN. Fine i want know more about what kind of major errors occurred while connecting the VPN connection or while in the middle of it. Anyone can give me the answers...................

Cheers. :roll: