VIRTUAL PRIVATE NETWORK
A Virtual Private Network, or VPN, is a group of two or more computer systems connected to a private network with limited public-network access that communicates securely over a public network, such as the Internet.
VPNs may exist between an individual machine and a private network (client-to-server) or a remote LAN and a private network (server-to-server). Most VPNs include encryption, strong authentication of remote users or hosts, and mechanisms for hiding or masking information about the private network topology from potential attackers on the public network.
There are two basic ways to create a VPN connection:
• Gateway to gateway
• Host to gateway
A gateway is a device that features VPN server capabilities. An example of a gateway is the Cable/DSL VPN Router. The Router functions as a VPN server, creating a “tunnel” or channel between itself and a remote location, so that data transmissions between them are secure. A host is a device, such as a computer, with VPN host software installed. Microsoft 2000 and XP have built-in VPN host software; other versions of Microsoft operating systems require additional, third-party software applications to be installed.
Gateway to Gateway
An example of a gateway-to-gateway VPN would be a Cable/DSL VPN Router (gateway) linked to the central office's VPN server (gateway). At home, a telecommuter uses his Cable/DSL VPN Router for his always-on Internet connection. His Router has a built-in VPN server configured with his office’s VPN settings. He starts up the Router’s utility and connects to the VPN server at the central office 40 miles* away. Using the VPN, the telecommuter now has a secure connection to the central office’s network, as if he were physically connected.
Host to Gateway
An example of a host-to-gateway VPN would be a notebook computer (host) linked to the central office’s VPN server (gateway). In their hotel room, a traveling business person dials up their ISP. Their notebook computer has VPN host software configured with their office’s VPN settings. The person starts up the VPN host software and connects to the VPN server at the central office 4000 miles* away. Using the VPN, the business person now has a secure connection to the central office’s network, as if they were physically connected.
VPN TYPES
There are three broad categories of VPN products:
• hardware-based systems.
• firewall-based VPNs.
• standalone VPN application packages.
*Distances are examples only; VPNs have no distance limitations.
The majority of hardware-based VPN systems are encrypting routers. They are secure and easy to use, since they provide the nearest thing to "plug and play" encryption equipment available. Since they don't waste processor overhead in running an operating system or applications, they provide the highest network throughput of all VPN systems. However, they may not be as flexible as software-based systems.
The best hardware VPN packages offer software-only clients for remote installation, and incorporate some of the access control features more traditionally managed by firewalls or other perimeter security devices.
Firewall-based VPNs take advantage of the firewall's security mechanisms, including restricting access to the internal network. They also perform address translation; satisfy requirements for strong authentication; and serve up real-time alarms and extensive logging. Most commercial firewalls also "harden" the host operating system kernel by stripping out dangerous or unnecessary services, providing additional security for the VPN server. OS protection is a major plus, since very few VPN application vendors supply guidance on OS security. Performance may be a concern, especially if the firewall is already loaded - however, some firewall vendors offer hardware-based encryption processors to minimize the impact of VPN management on the system.
[Figure: Star and Mesh]
Software-based VPNs are ideal in situations where both endpoints of the VPN are not controlled by the same organization (typical for client support requirements or business partnerships), or when different firewalls and routers are implemented within the same organization. Currently, standalone VPNs offer the most flexibility in network traffic management. Many software-based products allow traffic to be tunneled based on address or protocol, unlike hardware-based products, which generally tunnel all the traffic they handle, regardless of protocol. Tunneling specific traffic types is advantageous in situations where remote sites may see a mix of traffic - some that may need transport over a VPN (such as entries to a database at headquarters) and some that do not (such as Web surfing). In situations where performance requirements are modest (such as users connecting over dial-up links), software-based VPNs may be the best choice.
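The address- and protocol-based tunneling described above can be modeled as an ordered, first-match policy table. The following is an added example, not code from this page or from any VPN product; the headquarters network 10.20.0.0/16, the rule format and the default-drop behavior are assumptions chosen for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

TUNNEL, BYPASS, DROP = "tunnel", "bypass", "drop"

@dataclass(frozen=True)
class Rule:
    dst: str               # destination network in CIDR form
    proto: Optional[str]   # "tcp", "udp", or None for any protocol
    port: Optional[int]    # destination port, or None for any port
    action: str

# Constructed policy (hypothetical addresses). Order matters: the
# headquarters rule must precede the general Web-bypass rules, or
# intranet Web traffic would leave the tunnel unprotected.
POLICY = [
    Rule("10.20.0.0/16", None, None, TUNNEL),  # all HQ traffic, incl. database
    Rule("0.0.0.0/0", "tcp", 80, BYPASS),      # ordinary Web surfing
    Rule("0.0.0.0/0", "tcp", 443, BYPASS),
]

def select(dst_ip, proto, port, policy=POLICY, default=DROP):
    """Return the action of the first matching rule, else the default."""
    addr = ipaddress.ip_address(dst_ip)
    for rule in policy:
        if addr not in ipaddress.ip_network(rule.dst):
            continue
        if rule.proto is not None and rule.proto != proto:
            continue
        if rule.port is not None and rule.port != port:
            continue
        return rule.action
    return default  # unmatched traffic is dropped rather than sent in clear

def classify(flows, **kwargs):
    """Pair each (dst_ip, proto, port) flow with its selected action."""
    return [(flow, select(*flow, **kwargs)) for flow in flows]

# Constructed sample flows from a remote site.
FLOWS = [
    ("10.20.5.10", "tcp", 5432),    # database entry at headquarters
    ("10.20.1.80", "tcp", 443),     # intranet Web server at headquarters
    ("203.0.113.10", "tcp", 443),   # public Web site
    ("198.51.100.9", "udp", 5060),  # not covered by any rule
]

if __name__ == "__main__":
    for flow, action in classify(FLOWS):
        print(flow, "->", action)
```

Reversing the rule order makes the intranet Web flow match the bypass rule first, which is the misconfiguration to check for when reviewing a selective-tunneling policy.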
In summary, a VPN is a private connection between two machines or networks over a shared or public network. In practical terms, VPN technology lets an organization securely extend its network services over the Internet to remote users, branch offices, and partner companies. In other words, VPNs turn the Internet into a simulated private WAN.
The Internet's appeal is its global presence, and its use is now standard practice for most users and organizations. As the need for communication links continues to grow, VPNs become increasingly relevant, as they provide security, are cost-efficient and are quick to implement.