Definition of Virtual Private Network Model
According to Cisco Systems, Inc., a Virtual Private Network (VPN) is a private network created over a public network, such as the global Internet, that allows communication between two or more segments. There are several reasons why a VPN may be needed and multiple ways to construct one, but the overall benefits of a VPN model include data security and secure communications between two or more geographically separate locations.
Purpose
VPNs are used so that separate computers or devices can access the main gateway or organization's network while still maintaining data security.
An employer may need a VPN model if it allows employees to work from home. Companies whose employees travel can also use a VPN model to allow secure communications between an employee's laptop and the employer's servers, provided that a client-server relationship has been established between the two devices.
Company or organization branch locations are another reason for establishing a VPN model. A VPN can be set up between headquarters and branch locations to ensure private communications.
Function
VPN models generally work by setting up secure data transmission lines between two or more segments. For remote authentication to the network from a laptop, a client-server relationship must be established via software installed at both ends of the connection. The device or laptop accessing the main network authenticates through this software, and the authentication can take the form of the Password Authentication Protocol (PAP), fingerprints or other methods.
On the other hand, a VPN model set up between two or more Local Area Networks (LANs) will generally not use client-server communication models but server-server models. These models involve special routers and gateways installed at physical locations at each entry point to network segments.
Encryption
By definition, a VPN model provides reliable communication because it offers tight security and data encryption between two devices across the network. The major types of data encryption that VPN models use include Crypto IP Encapsulation (CIPE) and Internet Protocol Security (IPSec). CIPE encrypts IP packets and wraps them in User Datagram Protocol (UDP) datagrams, which are then sent across the VPN tunnel. In contrast, IPSec uses data encapsulation, transport and verification to ensure that secure data is sent only to privileged computers and devices.
Transportation
VPN models involve data transmission and transport between two network segments or between a client and a server. This is mainly accomplished by tunneling, a major VPN mechanism. Tunneling is the process of further encapsulating and protecting data that is sent across the network. New information (called "headers") is placed around the data being transported, which is then sent to the destination address. There the headers are stripped from the data and the original information is delivered.
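The encapsulation, verification and header stripping described above can be sketched as follows. This is an added example, not code from the original page or from any VPN product. The frame layout, the names `encapsulate` and `TunnelEndpoint`, and the sample key and packet are assumptions made for illustration, and the sketch covers integrity and replay checks only: it does not encrypt the payload, which a real tunnel would also do.

```python
import hashlib
import hmac
import struct

HDR_LEN = 12  # 4-byte tunnel id + 8-byte sequence number (assumed layout)
TAG_LEN = 32  # HMAC-SHA256 output size in bytes


def encapsulate(inner_packet: bytes, key: bytes, tunnel_id: int, seq: int) -> bytes:
    """Place a tunnel header around the inner packet and append an integrity tag."""
    header = struct.pack("!IQ", tunnel_id, seq)
    tag = hmac.new(key, header + inner_packet, hashlib.sha256).digest()
    return header + inner_packet + tag


class TunnelEndpoint:
    """Receiving side: verify the frame, reject replays, strip the header."""

    def __init__(self, key: bytes, tunnel_id: int):
        self.key = key
        self.tunnel_id = tunnel_id
        self.highest_seq = 0  # senders start at 1

    def decapsulate(self, frame: bytes) -> bytes:
        if len(frame) < HDR_LEN + TAG_LEN:
            raise ValueError("frame too short")
        header, body, tag = frame[:HDR_LEN], frame[HDR_LEN:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + body, hashlib.sha256).digest()
        # Constant-time comparison; verify before trusting any header field.
        if not hmac.compare_digest(tag, expected):
            raise ValueError("integrity check failed")
        tunnel_id, seq = struct.unpack("!IQ", header)
        if tunnel_id != self.tunnel_id:
            raise ValueError("unknown tunnel")
        # Simplification: strictly increasing sequence, no reordering window.
        if seq <= self.highest_seq:
            raise ValueError("replayed or stale frame")
        self.highest_seq = seq
        return body  # headers stripped; the original packet is delivered


# Constructed sample data (not real traffic and not a real key).
KEY = bytes(range(32))
INNER = b"\x45\x00" + b"constructed inner IP packet"
```

A frame that was modified in transit or sent a second time raises `ValueError` instead of being delivered, which is the verification step the receiving gateway performs before stripping the headers.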
Hardware and Software
Depending on the type of VPN model that will be used (that is, client-server or server-server), hardware and software will need to be installed so that the VPN can be established. For companies requiring the connection between two branches or locations, VPN routers are hooked up to company servers, which carry out most of the VPN functions. Cisco Systems is a major provider of these types of routers for business solutions.
In addition, VPN software needs to be installed and enabled on both client and server devices if the client-server VPN model is being used. Microsoft Server 2008 is the latest Microsoft operating system that contains VPN functions for servers, and Microsoft 7 can be used on client devices such as laptops.