Using VPN for Secure Remote Access
This is a guest post by Nitin Vaghela who writes for Cyberoam.com:
The VPN, or Virtual Private Network, like many other inventions, was born out of a business necessity. Organizations wanted to securely transmit and share information across different geographical locations without the hassles and costs that come with using leased lines. Imagine businesses that have hundreds of salespeople fanning out in the field. They need to communicate from different locations with the same privacy as that accorded by the private LAN. In such a dynamic business environment of 'anytime, anywhere' communication, VPNs have replaced dedicated, real-world connections such as leased lines. A VPN thus assures confidentiality, integrity and authenticated exchange of data, without which conducting business over the Internet would be far more dangerous, costly and less feasible.
How does a Virtual Private Network secure remote access?
A VPN, while using the public network (the Internet), secures and privatizes the data link between two points by making a 'tunnel' for the data to travel through. This tunnel is nothing but the technique of placing an entire packet within another packet and sending it over a network. The outer packet insulates the actual inner content from public view and makes sure that the packet moves within a virtual tunnel. The data is then encrypted before it is sent and decrypted at the delivery end. Not only the data is encrypted, but also the originating and receiving network addresses, so as to conceal the internal network addresses. Finally, authentication allows VPN clients and servers to correctly establish the identity of people on the network.
Thus a VPN ensures the following:
- Confidentiality: No unauthorized party can read the data in between, because it is encrypted and can only be decrypted by someone who holds the secret key used by the encryption algorithm.
- Integrity: A message authentication code (MAC) value is generated so that data cannot be changed undetected while in transit; if the data is altered, the recalculated MAC will differ from the original one and give the change away.
- Authentication: VPNs require authentication at both endpoints to ensure that the network traffic and data are being sent from the expected host to the exact recipient.
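The tunnelling and integrity steps described above can be shown in a few lines of Python; this is an added example, not code from the original post or from any VPN product. It wraps a whole inner packet in an outer header carrying the gateway addresses, appends an HMAC-SHA256 tag, and has the receiver recalculate the tag before accepting the packet. The header layout, key, addresses and payload are constructed for illustration, and the inner packet is left unencrypted here, whereas a real VPN would also encrypt it.

```python
import hashlib
import hmac
import ipaddress
import struct

HDR_LEN = 10   # hypothetical outer header: 4-byte src, 4-byte dst, 2-byte length
MAC_LEN = 32   # HMAC-SHA256 tag size in bytes

def encapsulate(inner_packet: bytes, gw_src: str, gw_dst: str, key: bytes) -> bytes:
    """Place the entire inner packet inside an outer packet and append a MAC."""
    header = (ipaddress.IPv4Address(gw_src).packed
              + ipaddress.IPv4Address(gw_dst).packed
              + struct.pack("!H", len(inner_packet)))
    tag = hmac.new(key, header + inner_packet, hashlib.sha256).digest()
    return header + inner_packet + tag

def decapsulate(outer_packet: bytes, key: bytes) -> bytes:
    """Recalculate the MAC; return the inner packet only if it matches."""
    if len(outer_packet) < HDR_LEN + MAC_LEN:
        raise ValueError("packet too short")
    body, tag = outer_packet[:-MAC_LEN], outer_packet[-MAC_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        raise ValueError("MAC mismatch: packet altered in transit or wrong key")
    (length,) = struct.unpack("!H", body[8:HDR_LEN])
    inner = body[HDR_LEN:]
    if length != len(inner):
        raise ValueError("length field does not match payload")
    return inner

def accepted(outer_packet: bytes, key: bytes) -> bool:
    """True if the receiving gateway would accept the packet."""
    try:
        decapsulate(outer_packet, key)
        return True
    except ValueError:
        return False

# Constructed sample values (documentation address ranges, made-up key and payload).
KEY = b"constructed-demo-key-not-for-use"
INNER = b"src=10.0.0.5 dst=10.0.1.9 payload=quarterly-figures"
PACKET = encapsulate(INNER, "198.51.100.1", "203.0.113.1", KEY)
# Flip one bit inside the inner packet, as an on-path modification would.
TAMPERED = PACKET[:20] + bytes([PACKET[20] ^ 0x01]) + PACKET[21:]

if __name__ == "__main__":
    print("original accepted:", accepted(PACKET, KEY))
    print("tampered accepted:", accepted(TAMPERED, KEY))
```

Only the gateway addresses sit in the outer header; the internal addresses travel inside the wrapped packet, which is the part a VPN encrypts.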
VPN protocol options as per business needs
Based on the type of tunnel a VPN creates, there are several VPN protocols to choose from, the most common of which are PPTP, L2TP, IPSec and SSL. They all come with their own advantages. For example, PPTP establishes the tunnel but does not provide encryption, IPSec is an industry standard for traffic encryption, while SSL VPN does not need client software. With the present generation of Unified Threat Management solutions, several types of VPN connectivity options are available through one single device. Most businesses with a large variety of remote devices connecting to the network choose to deploy such integrated security solutions, which offer flexible VPN options that are standard and have maximum interoperability.
The way to go: VPN
A well-designed VPN empowers a business through the following:
- It provides easy access by connecting partners, employees, suppliers, etc. across multiple geographic locations without the hassles and costs of leased lines
- Secure information exchange
- Convenient and flexible option for remote users to access the office Intranet as if they were in the office
- Enhances productivity and is cost efficient