How can you connect two networks in geographically separate locations without
installing a private connection between them? How can a software development
company provide remote services to allow users to access corporate services
that need to remain protected from the prying eyes of the public Internet? The
answer to both questions is to use a Virtual Private Network (VPN). VPNs provide
virtual network links based on encrypting and isolating traffic at the packet
level while using commodity Internet services for transport. The two most
common uses of a VPN are to link branch offices or remote sites together (called
LAN-to-LAN tunneling, or L2L) and to provide remote access to office
environments (called Remote Access [RA] VPN).
L2L tunnels are used widely for
private communications between corporate networks and other trusted networks,
which could be remote offices or other corporate-controlled networks, or third
parties (for example, for outsourcing or Business-to-Business
[B2B] data exchange). The L2L tunnel can be thought of as the
“industrial-strength” VPN approach, typically used in the same way that a
point-to-point circuit or private network link would be used. VPNs are a
default approach to secured communications between any two parties, because the
conditions and traffic allowed on the VPN can be strictly controlled from
either end of the tunnel. L2L VPNs typically require a device on both sides of
the connection that can support the same features and capabilities, as all
settings need to be identical on both endpoints of a VPN for a tunnel to be
created. While there is no way to provide Quality of Service (QoS) with
Internet-based VPNs, since the routing of the traffic is still at the
discretion of the layer three pathway, they are fast, convenient, and secure.
RA VPN services enable users to
work from a remote location as if they were physically in an office. For both
convenience and cost reasons, RA VPN services are becoming more common as
telecommuting and third-party system access become increasingly important to a
variety of businesses.

How a VPN Works

The goal of a VPN is to
provide a secured communication channel through a network, most commonly a
private tunnel through the Internet. To do this, the traffic is encapsulated
with a header that provides routing information that helps the traffic get to
the destination. The traffic is also encrypted, which provides integrity,
confidentiality, and authenticity.
A VPN is referred to as a tunnel
because the client does not know or care about the actual path between the two
endpoints. There are many types of non-encrypted tunnels available today, such
as Generic Routing Encapsulation (GRE)
tunnels, which make two places on a network appear closer together. While a VPN
topologically does the same thing, the private component of VPN refers to the
encryption. For example, suppose a branch office is linked to the corporate
network by a VPN. There might be a Border
Gateway Protocol (BGP) autonomous system (AS) path 15 hops over the
public Internet between the corporate VPN device and the branch office’s
endpoint device, but once the VPN is established, any clients using this
connection will only see the single hop between the VPN endpoints.
A traceroute over a VPN can
neatly illustrate this concept. Figure demonstrates this logic. In the figure,
the Internet cloud represents all of the potential connections and transit
points that might actually be taken by packets traveling from the client to the
server. The path from client to server represents the logical tunnel—to the
client the connection looks like a direct path through the Internet.
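
The single-hop effect described above can be reproduced with a small simulation. This is an added example, not code from the original article; the device names and the 15-router path are constructed, and encryption is left out so that only the encapsulation and TTL handling are shown.

```python
from dataclasses import dataclass

@dataclass
class Packet:
    src: str
    dst: str
    ttl: int
    payload: object = None  # on an outer packet: the encapsulated inner Packet

# Constructed topology (assumption): 15 Internet routers between the VPN devices.
UNDERLAY = [f"isp-router-{i}" for i in range(1, 16)]
HQ_VPN, BRANCH_VPN, SERVER = "hq-vpn", "branch-vpn", "branch-server"

def forward(pkt, routers):
    """Decrement pkt.ttl at each router; return the router where it expires, else None."""
    for router in routers:
        pkt.ttl -= 1
        if pkt.ttl == 0:
            return router
    return None

def via_internet(pkt):
    # No tunnel: every router on the path handles the client's own packet.
    return forward(pkt, [HQ_VPN, *UNDERLAY, BRANCH_VPN])

def via_tunnel(pkt):
    # Ingress VPN device routes the inner packet (one hop), then encapsulates it.
    expired_at = forward(pkt, [HQ_VPN])
    if expired_at:
        return expired_at
    outer = Packet(HQ_VPN, BRANCH_VPN, ttl=64, payload=pkt)
    # Internet routers only ever touch the outer header and its TTL.
    if forward(outer, UNDERLAY):
        return "*"  # outer packet lost in transit; the client gets no reply
    # Egress VPN device decapsulates and routes the untouched inner packet.
    return forward(outer.payload, [BRANCH_VPN])

def traceroute(path, max_ttl=30):
    """Send probes with TTL 1, 2, ... and record which device answers each one."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        expired_at = path(Packet("client", SERVER, ttl))
        hops.append(expired_at or SERVER)
        if expired_at is None:
            break
    return hops

if __name__ == "__main__":
    print("no tunnel:", len(traceroute(via_internet)), "hops")
    print("tunnel:   ", traceroute(via_tunnel))
```

Because the Internet routers decrement only the outer header's TTL, none of them ever appears in the client's trace through the tunnel.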
Most VPN tunnels allow for the
encapsulation of all common types of network traffic over the VPN link.
IPv6 connections can also be transported across IPv4 networks using tunneling,
but these types of tunnels are not necessarily encrypted, and by themselves are
not a VPN (they are referred to as dual-stack tunnels, and there are a few different
methods for using them). The ultimate goal of VPN service is to allow clients
to have the same functional capabilities through the tunnel that they would
have if they were locally connected to their corporate network—in short, secure
remote access.