VPN (Virtual Private Network) Connectivity

VPN technology allows businesses to use their existing Internet connections to connect to other offices (site-to-site VPNs) or to let telecommuting or mobile users connect to the office network from their PCs (remote-access VPNs).

VPNs provide a variety of benefits over private-line connections:

  • Cost savings over private-line connections
  • Remote-access connections for telecommuting or mobile users
  • Scalability

At the same time, VPNs have some major drawbacks:

  • Higher overhead
  • Varying service levels
  • Additional security considerations

VPN connections come in two major types: site-to-site and remote-access VPNs.

Site-to-site VPNs are the direct replacement for private-line WAN connections. They allow offices to maintain permanent or semipermanent connections between each other through the Internet.

Remote-access VPNs typically are used to allow telecommuting or mobile workers to connect to the corporate network from home or hotel-like locations. These remote-access VPNs come in a couple of styles: client-based (requires the installation of a VPN client) and clientless (also known as SSL or WebVPN; users connect through a secure web page).

The key protocol that drives VPN connections is IPsec. This is actually a suite of protocols that provide standards for encryption, authentication, and data integrity.

Three primary encryption standards are used with IPsec:

  • Data Encryption Standard (DES) algorithm was originally developed by IBM to support a 56-bit key.
  • Triple DES (3DES) algorithm uses three different DES keys to encrypt data, thus tripling the strength of DES.
  • Advanced Encryption Standard (AES) currently offers 128-, 192-, and 256-bit encryption.

Currently, two data-integrity standards are used with IPsec:

  • Message Digest 5 (MD5) uses a 128-bit hashing algorithm.
  • Secure Hash Algorithm 1 (SHA-1) uses a 160-bit hashing algorithm.
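
The following Python sketch is an added example, not part of the original article. It shows how the two hashes listed above provide data integrity in IPsec: each is used as a keyed HMAC, and only the first 96 bits of the result travel with the packet (HMAC-MD5-96, RFC 2403; HMAC-SHA-1-96, RFC 2404). The key, the payload and the function names are constructed for illustration.

```python
import hashlib
import hmac

# IPsec uses MD5 and SHA-1 as keyed HMACs and sends only the first
# 96 bits of the result as the Integrity Check Value (ICV).
ICV_LEN = 12  # bytes (96 bits)

ALGORITHMS = {"md5": hashlib.md5, "sha1": hashlib.sha1}


def digest_bits(name):
    """Full output size of the underlying hash, in bits."""
    return ALGORITHMS[name]().digest_size * 8


def compute_icv(name, key, packet):
    """Sender side: keyed HMAC over the packet bytes, truncated to 96 bits."""
    return hmac.new(key, packet, ALGORITHMS[name]).digest()[:ICV_LEN]


def verify_icv(name, key, packet, icv):
    """Receiver side: recompute the ICV and compare in constant time."""
    return hmac.compare_digest(compute_icv(name, key, packet), icv)


# Constructed sample values, not taken from any real tunnel.
SAMPLE_KEY = b"constructed-shared-key"
SAMPLE_PACKET = b"constructed payload: transfer 100 to account 42"


def demo():
    """Check an intact packet, a modified packet and a wrong key per hash."""
    results = {}
    tampered = SAMPLE_PACKET.replace(b"100", b"900")
    for name in ALGORITHMS:
        icv = compute_icv(name, SAMPLE_KEY, SAMPLE_PACKET)
        results[name] = {
            "bits": digest_bits(name),
            "intact": verify_icv(name, SAMPLE_KEY, SAMPLE_PACKET, icv),
            "tampered": verify_icv(name, SAMPLE_KEY, tampered, icv),
            "wrong_key": verify_icv(name, b"other-key", SAMPLE_PACKET, icv),
        }
    return results


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

Because the hash is keyed, a peer without the shared key cannot produce a valid ICV for a modified packet, which is what separates an integrity check from a plain checksum.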

Copyright ©2010 - 2019 Ciscoforall.com