2. What is a VPN?
A virtual network overlaid on top of the
ubiquitous interconnection of the Internet
and a private network for confidential
communications and exclusive usage.
3. VPNs
In a virtual private network (VPN), "virtual"
implies that there is no physical network
infrastructure dedicated to the private network.
Instead, a single physical network infrastructure
is shared among various logical networks
In VPNs, various networking technologies are
applied toward the goal of providing private
communications within the public Internet
infrastructure
5. Why VPNs?
Separate private networking solutions are
expensive and cannot be updated quickly
to adapt to changes in business
requirements.
The Internet is inexpensive but does not
by itself ensure privacy.
6. The Internet
Virtual Private Networking: the collection of
technologies applied to a public network
—the Internet—to provide solutions for
private networking needs.
7. VPN
Motivation
Ubiquitous Coverage - wider coverage
compared with the private data network
infrastructures offered by
telecommunication providers
Cost Reduction - based on the system's
economy of scale
Security – using cryptographic technology
E-Commerce - VPNs provide both
interconnectivity and security.
8. The VPN MarketPlace
VPN Products: Hardware and Software that make
VPNs possible
– A VPN gateway is a stand-alone device that
enables authorized access to the protected
network resources. The resources are not
located on the same physical device with
the VPN gateway
– A VPN client, on the other hand, is installed
on the same network device it is supposed
to protect. Usually, the client is a software
package installed on the host computer.
10. VPN
Barriers
Lack of interoperability of IPSec*
implementations.
????????
Lack of widely used quality of service (QoS)
standards, as well as the sparse
deployment of QoS-capable infrastructures
Security services in support of VPNs must
be constructed from additional hardware
and software components as Internet
infrastructure is still largely focused on
providing connectivity and does not yet
offer services beyond connectivity.
*IPSec: Internet Security standards established by IAB
12. VPN Solutions
VPN solution consists of multiple, appropriately
configured VPN devices that are placed in the
appropriate locations within the network.
VPN Gateway Interface
The VPN client is software used for remote
access for a single computer or user.
VPN Network and Service Management.
13. VPN Vendors
Layer 2 Tunneling Protocol (L2TP): utilizing Cisco
Systems” Layer-2 Forwarding and Microsoft’s
Point-o-Point Tunneling Protocol (PPTP)
– Supports IP, IPX, AppleTalk, frame relay, ATM,
S.25 and Sonet
IBM Nways Multiprotocol Routing Services (MRS),
Nways Multiprotocol Access Services(MAS) and
Access Integration Services(AIS)
– Supports IP, APPN,TN3270
And there are many more………
14. Types of VPNs
Site to Site VPNs
– Using ISDN, Frame Relay or ATM
– Designed to replace a WAN
Remote Access VPNs
– Using the Internet
– Provide remote access to mobile or branch
employees
18. What are the costs?
Cost Savings $$
Monthly Cost Savings for Site-to-Site
VPN
800000
700000
600000
500000
400000
300000
200000
100000
0
678255
134055
0
0
2000
4000
6000
Using the Cisco
website
calculator a
comparison of
three scenarios
was made.
Not for small
enterprises!!
Number of users
*
www.cisco.com/warp/public/779/largeent/learn/technologies/vpn/site2site.html
19. VPN
Directions
Integration of VPN and firewall functions into a
single device.
Incorporating routing and quality of service
features into the VPN device will make it even
more versatile and more attractive to businesses.
Adding intelligence to the network – Currently the
routers and switches merely forward the packets
without knowing what is inside them or how to
process them accordingly. ??