|
A Virtual Private Network, or VPN, is a private communications network usually used within a company, or by several different companies or organisations, communicating over a public network. VPN message traffic is carried on public networking infrastructure (ie, the Internet) using standard (possibly unsecure) protocols.
Secure VPNs use cryptographic tunneling protocols to provide the necessary confidentiality (preventing snooping), sender authentication (preventing identity spoofing), and message integrity (preventing message alteration) to achieve the privacy intended. When properly chosen, implemented, and used, such techniques can indeed provide secure communications over unsecure networks.
Note that such choice, implementation, and use are not trivial and there are many insecure VPN schemes on the market. Users are cautioned to investigate products they propose to use very carefully. 'VPN' is a label which, by itself, provides little except a marketing tag.
Secure VPN technologies may also be used to enhance security as a 'security overlay' within dedicated networking infrastructures.
Secure VPN protocols include:
- IPsec (IP security), an obligatory part of IPv6.
- PPTP (point-to-point tunneling protocol), developed by Microsoft. (uses insecure RC4 for encryption).
- OpenVPN SSL based encryption available for many operating systems.
Trusted VPNs do not use cryptographic tunneling, and instead rely on the security of a single provider's network to protect the traffic. Multi-protocol label switching is commonly used to build trusted VPNs. Other protocols for trusted VPNs include:
- L2F (Layer 2 Forwarding), developed by Cisco.
- L2TP (Layer 2 Tunnelling Protocol), including work by both Microsoft and Cisco.
- L2TPv3 (Layer 2 Tunnelling Protocol version 3).
Related Topics
Adware, spyware and malware
Spyware and viruses
The Danger of Spyware
How To Choose A Fire Wall Software Program
Personal Firewalls for Home Users
|
|
|