VPNs, or Virtual Private Networks, are secure virtual networks built atop physically connected networks. Generally, the physically connected network over which a VPN is implemented is a public network, that is, one that is generally accessible and has less security than the organization implementing the VPN desires. It is also possible for an organization to implement a VPN over a private network to provide an additional level of confidentiality for its most sensitive communications, to ensure that information cannot be gained by sniffing the internal LAN.
Each node participating in a VPN is (or is connected to) an endpoint that knows how to wrap the virtual network's traffic (which can be TCP/IP, NetWare's IPX/SPX, AppleTalk, etc.) in packets understood by the public network carrying its traffic (usually TCP/IP), and then unwrap the packets upon receipt by the destination network or host. This wrapping/unwrapping process is known as tunneling, since it takes what is normally a data link layer protocol and wraps it within a tunnel of an outer protocol instead of placing it directly on the wire. Tunneling may be accomplished by a special hardware box that speaks the VPN's protocol, or by client software installed on computers that are individual nodes.
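The wrap/unwrap step described above, as an added example that is not part of the original guide: a minimal tunnel endpoint that carries an inner packet inside an outer IPv4 packet. It assumes plain GRE (RFC 2784) as the wrapper, chosen here only for illustration; the function names, sample bytes and addresses are constructed.

```python
import struct

# EtherType values carried in the GRE "protocol type" field.
ETHERTYPE = {"ipv4": 0x0800, "ipx": 0x8137, "appletalk": 0x809B}
IPPROTO_GRE = 47

def ip_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement checksum over a 20-byte IPv4 header."""
    total = sum(struct.unpack("!10H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def wrap(inner: bytes, proto: str, src: bytes, dst: bytes) -> bytes:
    """Sending endpoint: inner packet -> outer IPv4 header + GRE header."""
    gre = struct.pack("!HH", 0x0000, ETHERTYPE[proto])  # no flags, version 0
    total_len = 20 + len(gre) + len(inner)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0,
                      64, IPPROTO_GRE, 0, src, dst)
    hdr = hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]
    return hdr + gre + inner

def unwrap(outer: bytes):
    """Receiving endpoint: validate outer headers, return (proto, inner)."""
    if len(outer) < 24 or outer[0] != 0x45:
        raise ValueError("not an IPv4 packet with a 20-byte header")
    if ip_checksum(outer[:20]) != 0:  # a valid header sums to zero
        raise ValueError("outer header checksum mismatch")
    total_len = struct.unpack("!H", outer[2:4])[0]
    if outer[9] != IPPROTO_GRE or total_len != len(outer):
        raise ValueError("not a GRE packet, or truncated")
    flags, ethertype = struct.unpack("!HH", outer[20:24])
    if flags != 0:
        raise ValueError("unsupported GRE flags/version")
    names = {v: k for k, v in ETHERTYPE.items()}
    if ethertype not in names:
        raise ValueError("unknown inner protocol")
    return names[ethertype], outer[24:]

# Constructed sample: opaque bytes standing in for an IPX packet.
SAMPLE_INNER = bytes.fromhex("ffff0022000400000000")
# Constructed endpoints from the documentation address ranges.
SRC, DST = bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])

if __name__ == "__main__":
    packet = wrap(SAMPLE_INNER, "ipx", SRC, DST)
    print(len(packet), unwrap(packet))
```

The inner bytes travel unmodified and in the clear; encapsulation by itself provides neither authentication nor encryption, which the VPN protocol adds on top.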
VPNs usually perform user authentication (by means of certificates, user/password, etc.), and traffic encryption to create a private network. VPN protocols providing these features include PPTP, L2TP, SSH and IPSec, all of which are discussed later in this section. For more information, see the VPN topic in section 3.1.8 later in this book.
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.