Virtual private networks (VPNs) allow users to securely access an organization's intranet from remote locations using public networks like the internet. VPNs use encryption and tunneling protocols to securely transmit data and authenticate users, providing privacy and access similar to a private network. The main benefits of VPNs are reduced costs compared to dedicated private networks, as VPNs can leverage existing broadband internet connections instead of expensive leased lines. Common VPN protocols include PPTP, L2TP, and IPsec, with "tunneling" referring to the encapsulation of packets within other protocol packets to create and maintain virtual connections.

1. VIRTUAL PRIVATEVIRTUAL PRIVATE
NETWORKS (VPN)NETWORKS (VPN)
BY:BY:
Rahul KhatriRahul Khatri
10/FET/EC(s)/211110/FET/EC(s)/2111

2. Traditional ConnectivityTraditional Connectivity

3. What is VPN?What is VPN?
Virtual Private Network is a type of privateVirtual Private Network is a type of private
network that uses public telecommunication,network that uses public telecommunication,
such as the Internet, instead of leased lines tosuch as the Internet, instead of leased lines to
communicate.communicate.
Became popular as more employees worked inBecame popular as more employees worked in
remote locations.remote locations.
Terminologies to understand how VPNs work.Terminologies to understand how VPNs work.

4. Private NetworksPrivate Networks
vs.vs.
Virtual Private NetworksVirtual Private Networks
Employees can access the network (Intranet)Employees can access the network (Intranet)
from remote locations.from remote locations.
Secured networks.Secured networks.
The Internet is used as the backbone for VPNsThe Internet is used as the backbone for VPNs
Saves cost tremendously from reduction ofSaves cost tremendously from reduction of
equipment and maintenance costs.equipment and maintenance costs.
ScalabilityScalability

5. Remote Access Virtual PrivateRemote Access Virtual Private
NetworkNetwork

6. Brief Overview of How it WorksBrief Overview of How it Works
Two connections – one is made to theTwo connections – one is made to the
Internet and the second is made to theInternet and the second is made to the
VPN.VPN.
Datagrams – contains data, destinationDatagrams – contains data, destination
and source information.and source information.
Firewalls – VPNs allow authorized usersFirewalls – VPNs allow authorized users
to pass through the firewalls.to pass through the firewalls.
Protocols – protocols create the VPNProtocols – protocols create the VPN
tunnels.tunnels.

7. Four Critical FunctionsFour Critical Functions
AuthenticationAuthentication – validates that the data was– validates that the data was
sent from the sender.sent from the sender.
Access controlAccess control – limiting unauthorized users– limiting unauthorized users
from accessing the network.from accessing the network.
ConfidentialityConfidentiality – preventing the data to be– preventing the data to be
read or copied as the data is beingread or copied as the data is being
transported.transported.
Data IntegrityData Integrity – ensuring that the data has– ensuring that the data has
not been alterednot been altered

8. EncryptionEncryption
Encryption -- is a method of “scrambling”Encryption -- is a method of “scrambling”
data before transmitting it onto thedata before transmitting it onto the
Internet.Internet.
Public Key Encryption TechniquePublic Key Encryption Technique
Digital signature – for authenticationDigital signature – for authentication

9. TunnelingTunneling
A virtual point-to-point connectionA virtual point-to-point connection
made through a public network. It transportsmade through a public network. It transports
encapsulated datagrams.encapsulated datagrams.
Encrypted Inner Datagram
Datagram Header Outer Datagram Data Area
Original Datagram
Data Encapsulation [From Comer]
Two types of end points:
 Remote Access
 Site-to-Site

10. Four Protocols used in VPNFour Protocols used in VPN
PPTP -- Point-to-Point Tunneling ProtocolPPTP -- Point-to-Point Tunneling Protocol
L2TP -- Layer 2 Tunneling ProtocolL2TP -- Layer 2 Tunneling Protocol
IPsec -- Internet Protocol SecurityIPsec -- Internet Protocol Security
SOCKS – is not used as much as theSOCKS – is not used as much as the
ones aboveones above

11. VPN Encapsulation of PacketsVPN Encapsulation of Packets

12. Types of ImplementationsTypes of Implementations
What does “implementation” mean inWhat does “implementation” mean in
VPNs?VPNs?
3 types3 types
Intranet – Within an organizationIntranet – Within an organization
Extranet – Outside an organizationExtranet – Outside an organization
Remote Access – Employee to BusinessRemote Access – Employee to Business

13. Virtual Private Networks (VPN)
Basic Architecture

14. Device TypesDevice Types
 What it meansWhat it means
 3 types3 types
 HardwareHardware
 FirewallFirewall
 SoftwareSoftware

15. Device Types: HardwareDevice Types: Hardware
 Usually a VPN type of routerUsually a VPN type of router
Pros
• Highest network throughput
• Plug and Play
• Dual-purpose
Cons
• Cost
• Lack of flexibility

16. Device Types: FirewallDevice Types: Firewall
 More security?More security?
Pros
• “Harden” Operating System
• Tri-purpose
• Cost-effective
Cons
• Still relatively costly

17. Device Types: SoftwareDevice Types: Software
 Ideal for 2 end points not in same org.Ideal for 2 end points not in same org.
 Great when different firewallsGreat when different firewalls
implementedimplemented
Pros
• Flexible
• Low relative cost
Cons
• Lack of efficiency
• More labor
training required
• Lower
productivity; higher
labor costs

18. AdvantagesAdvantages
VS.VS.
DisadvantagesDisadvantages

19.  Eliminating the need for expensive long-distanceEliminating the need for expensive long-distance
leased linesleased lines
 Reducing the long-distance telephone chargesReducing the long-distance telephone charges
for remote access.for remote access.
 Transferring the support burden to the serviceTransferring the support burden to the service
providersproviders
 Operational costsOperational costs
Advantages: Cost SavingsAdvantages: Cost Savings

20. Flexibility of growthFlexibility of growth
Efficiency with broadband technologyEfficiency with broadband technology
Advantages: ScalabilityAdvantages: Scalability

21. VPNs require an in-depth understanding ofVPNs require an in-depth understanding of
public network security issues and properpublic network security issues and proper
deployment of precautionsdeployment of precautions
Availability and performance depends on factorsAvailability and performance depends on factors
largely outside of their controllargely outside of their control
Immature standardsImmature standards
VPNs need to accommodate protocols otherVPNs need to accommodate protocols other
than IP and existing internal network technologythan IP and existing internal network technology
DisadvantagesDisadvantages

22. Applications: Site-to-Site VPNsApplications: Site-to-Site VPNs
Large-scale encryption between multipleLarge-scale encryption between multiple
fixed sites such as remote offices andfixed sites such as remote offices and
central officescentral offices
Network traffic is sent over the branchNetwork traffic is sent over the branch
office Internet connectionoffice Internet connection
This saves the company hardware andThis saves the company hardware and
management expensesmanagement expenses

23. Site-to-Site VPNsSite-to-Site VPNs

24. Applications: Remote AccessApplications: Remote Access
Encrypted connections between mobile orEncrypted connections between mobile or
remote users and their corporate networksremote users and their corporate networks
Remote user can make a local call to an ISP, asRemote user can make a local call to an ISP, as
opposed to a long distance call to the corporateopposed to a long distance call to the corporate
remote access server.remote access server.
Ideal for a telecommuter or mobile sales people.Ideal for a telecommuter or mobile sales people.
VPN allows mobile workers & telecommuters toVPN allows mobile workers & telecommuters to
take advantage of broadband connectivity.take advantage of broadband connectivity.
i.e. DSL, Cablei.e. DSL, Cable

25. Industries That May Use a VPNIndustries That May Use a VPN
Healthcare:Healthcare: enables the transferring of confidential patientenables the transferring of confidential patient
information within the medical facilities & health care providerinformation within the medical facilities & health care provider
ManufacturingManufacturing: allow suppliers to view inventory & allow: allow suppliers to view inventory & allow
clients to purchase online safelyclients to purchase online safely
Retail:Retail: able to securely transfer sales data or customer infoable to securely transfer sales data or customer info
between stores & the headquartersbetween stores & the headquarters
Banking/Financial:Banking/Financial: enables account information to beenables account information to be
transferred safely within departments & branchestransferred safely within departments & branches
General Business:General Business: communication between remotecommunication between remote
employees can be securely exchangedemployees can be securely exchanged

26. Statistics From Gartner-Statistics From Gartner-
Consulting*Consulting*
50%
63%
79%
90%
0% 20% 40% 60% 80% 100%
Access to network for
business
partners/customers
Site-to-site connectivity
between offices
Remote access for
employees while
traveling
Remote access for
employees working out
of homes
% of Respondents
Percentages
*Source: www.cisco.com

27. Some Businesses using a VPNSome Businesses using a VPN
CVS Pharmaceutical Corporation upgraded theirCVS Pharmaceutical Corporation upgraded their
frame relay network to an IP VPNframe relay network to an IP VPN
ITW Foilmark secured remote location orders,ITW Foilmark secured remote location orders,
running reports, & internet/intranetrunning reports, & internet/intranet
communications w/ a 168-bit encryption bycommunications w/ a 168-bit encryption by
switching to OpenReach VPNswitching to OpenReach VPN
Bacardi & Co. Implemented a 21-country, 44-Bacardi & Co. Implemented a 21-country, 44-
location VPNlocation VPN

28. Where Do We See VPNsWhere Do We See VPNs
Going in the Future?Going in the Future?
VPNs are continually being enhanced.VPNs are continually being enhanced.
Example:Example: Equant NVEquant NV
As the VPN market becomes larger, moreAs the VPN market becomes larger, more
applications will be created along withapplications will be created along with
more VPN providers and new VPN types.more VPN providers and new VPN types.
Networks are expected to converge toNetworks are expected to converge to
create an integrated VPNcreate an integrated VPN
Improved protocols are expected, whichImproved protocols are expected, which
will also improve VPNs.will also improve VPNs.

29. Pop Quiz!Pop Quiz!
VPN stands for…
a) Virtual Public Network b) Virtual Private Network
c) Virtual Protocol Network
d)
Virtual Perimeter Network
Q.1Q.1

30. Pop Quiz!Pop Quiz!
A.1A.1
b) Virtual Private Network
VPN stands for…
VPN stands for "Virtual Private Network" or "Virtual Private Networking." A VPN is a
private network in the sense that it carries controlled information, protected by various
security mechanisms, between known parties. VPNs are only "virtually" private,
however, because this data actually travels over shared public networks instead of fully
dedicated private connections.

31. Pop Quiz!Pop Quiz!
What are the acronyms for the 3 most common VPN
protocols?
Q.2Q.2

32. Pop Quiz!Pop Quiz!
A.2A.2
• PPTP
• L2TP
• IPsec
3 most common VPN protocols are…
PPTP, IPsec, and L2TP are three of today's most popular VPN tunneling protocols. Each
one of these is capable of supporting a secure VPN connection.

33. Pop Quiz!Pop Quiz!
What does PPTP stand for?
Q.3Q.3

34. Pop Quiz!Pop Quiz!
A.3A.3
PPTP = Point-to-Point Tunneling Protocol !

35. Pop Quiz!Pop Quiz!
What is the main benefit of VPNs compared to
dedicated networks utilizing frame relay, leased
lines, and traditional dial-up?
Q.4Q.4
a) better network performance b) less downtime on average
c) reduced cost d) improved security

36. Pop Quiz!Pop Quiz!
A.4A.4
c) reduced cost
The main benefit of VPNs is…
The main benefit of a VPN is the potential for significant cost savings compared to
traditional leased lines or dial up networking. These savings come with a certain amount
of risk, however, particularly when using the public Internet as the delivery mechanism
for VPN data.

37. Pop Quiz!Pop Quiz!
In VPNs, the term "tunneling" refers to
Q.5Q.5
a) an optional feature
that increases network
performance if it is
turned on
b) the encapsulation of packets inside
packets of a different protocol to
create and maintain the virtual circuit
c) the method a system
administrator uses to
detect hackers on the
network
d) a marketing strategy that involves
selling VPN products for very low
prices in return for expensive service
contracts

38. Pop Quiz!Pop Quiz!
A.5A.5
b) the encapsulation of packets inside packets
of a different protocol to create and
maintain the virtual circuit
In VPNs, the term "tunneling" refers to…