Network Routing and its Protocols
Propose and Build by Tekeste Geremew Associated with Google AdSense
Virtual Private Networks
Introduction
A Virtual Private Network (VPN) is a private communications network widely used within a single
company, or between several companies or organizations, to communicate confidentially
over a non-private network. VPNs are implemented with a wide range of technologies and
can be self-implemented or managed by a service provider, allowing the end
customers to realize the cost advantages of a shared network while enjoying the benefits of
security, quality of service (QoS), reliability and manageability. A VPN uses virtual
connections routed through the internet from the company’s private network to the remote
site or employee. VPN traffic can be carried over a public networking infrastructure
such as the internet, on top of standard protocols, or over a
service provider’s private network with a defined service level agreement in place.
Virtual Private Networks using the internet have the potential to solve many of today’s
business networking problems. For example, businesses today are finding that past solutions to wide
area networking between the main corporate network and branch offices, such as dedicated
leased lines or frame relay circuits, do not provide the flexibility required for quickly creating
new partner links or supporting project teams in the field. VPNs therefore allow many
network managers to connect remote branch offices and project teams to the main corporate
network economically and to provide remote access to employees, while also reducing the
internal requirements for equipment and support. VPNs offer direct cost savings over
other communications methods such as leased lines and long distance calls, and
indirect cost savings as a result of reduced training requirements
and equipment, along with increased flexibility and scalability.
A well designed VPN should have the following features in order to achieve its
aim: security, scalability, policy management, network management and reliability. In
addition, VPNs are mostly not limited to corporate sites and branch offices; they
also have the advantage of providing secure connectivity for mobile workers. The
types of VPN discussed here include Internet Protocol VPN (IP VPN), IPSec
VPN, Secure Sockets Layer VPN (SSL VPN), MPLS VPN, etc.
Internet Protocol VPNs (IP VPNs)
IP-based VPNs enable enterprises to take advantage of the flexibility of both the internet and
service provider IP networks to create any-to-any WAN communications. IP VPNs require
publicly addressed IP routing across shared network infrastructures. The major goal of IP VPN
is to provide IP connectivity over a shared IP infrastructure while still
maintaining the security and service features of a dedicated private network.
There are a number of essential attributes of VPNs that can extend the capabilities of a
private network and they include:
1. Quality of Service (QoS): They typically allow the prioritization of voice, data and video
applications traveling across the networks.
2. Security: Privacy for network traffic moving across public networks, both in the core and
at the network edges, is provided by security technology such as IP security (IPSec).
3. Scalability: provisioning times are decreased and access speed enhanced when there is
access to a variety of broadband network connection types such as point-to-point protocol
(PPP), ATM, Frame Relay, DSL etc.
4. Ease of Management: Service providers today have more network management points and
IP visibility through which to monitor and report on data traversing their networks.
5. High availability: Network availability is increased because the carrier network contains
equipment and core link redundancy, broadband backbones, access links and twenty-four-hour,
everyday management.
There are three basic classes of IP VPNs and they include Access VPNs, Intranet VPNs and
Extranet VPNs.
Access Virtual Private networks (VPNs)
An access VPN can be defined as a scheme that allows secure remote access to an internal
corporate server. Access VPNs allow remote corporate users to have on-demand connectivity into
their corporate intranets through ad hoc tunnels, so companies can
take work to the worker, wherever they are. Such a scheme needs to
fulfil certain requirements, which include:
a) User authentication and authorization: The scheme should be able to identify the user and
to verify that this user is authorized to access the contacted internal server.
b) Data Privacy: The scheme should be able to guarantee that the exchanged data is
encrypted and authenticated, at least when it is sent over the public internet.
c) Private addressing: The access VPN scheme should be able to assign the remote user a
private IP address taken from the same range since many corporations use private IP
addresses in their intranets.
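The three requirements above can be expressed as an audit over access VPN session records. This is an added example, not part of the original article; the record fields, the 10.20.0.0/16 corporate range, the authorization table and the sample sessions are constructed assumptions.

```python
import ipaddress

# Assumptions (constructed for this example): corporate range and user->server grants.
CORPORATE_NET = ipaddress.ip_network("10.20.0.0/16")
AUTHORIZED = {"alice": {"10.20.1.10"}, "bob": {"10.20.1.10", "10.20.2.5"}}

def audit_session(s, in_use):
    """Return the access-VPN requirements (a)-(c) that session record s violates."""
    findings = []
    # (a) user must be identified and authorized for the contacted internal server
    if not s["authenticated"]:
        findings.append("a: user not authenticated")
    elif s["server"] not in AUTHORIZED.get(s["user"], set()):
        findings.append("a: user not authorized for server")
    # (b) data must be both encrypted and authenticated; "null" means disabled
    if s["encryption"] in (None, "null"):
        findings.append("b: data not encrypted")
    if s["integrity"] in (None, "null"):
        findings.append("b: data not authenticated")
    # (c) assigned address must be private, inside the corporate range, and unused
    addr = ipaddress.ip_address(s["assigned_ip"])
    if not addr.is_private or addr not in CORPORATE_NET:
        findings.append("c: address outside corporate private range")
    elif addr in in_use:
        findings.append("c: address already assigned")
    return findings

def audit_all(sessions):
    in_use, report = set(), {}
    for s in sessions:
        report[s["id"]] = audit_session(s, in_use)
        in_use.add(ipaddress.ip_address(s["assigned_ip"]))
    return report

def _rec(i, user, auth, server, enc, integ, ip):
    return {"id": i, "user": user, "authenticated": auth, "server": server,
            "encryption": enc, "integrity": integ, "assigned_ip": ip}

# Constructed sample session records (not real logs).
SESSIONS = [
    _rec(1, "alice", True, "10.20.1.10", "aes256", "hmac-sha256", "10.20.200.7"),
    _rec(2, "bob", True, "10.20.2.5", "null", "hmac-sha256", "10.20.200.8"),
    _rec(3, "alice", True, "10.20.2.5", "aes256", "hmac-sha256", "192.168.1.50"),
    _rec(4, "carol", False, "10.20.1.10", "aes256", None, "10.20.200.7"),
]

if __name__ == "__main__":
    for sid, findings in audit_all(SESSIONS).items():
        print(sid, findings or "ok")
```

Session 3 shows why the range check matters: 192.168.1.50 is a private address, but it is not taken from the corporate range, so it still fails requirement (c).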
The main reason for the wide variety of access VPN solutions and their complexity is that up
to five entities can be actively involved as tunnel endpoints: the end host (i.e. the user’s PC),
the broadband modem, the operator access gateway, the ISP access gateway and the
corporate access gateway.
MPLS VPNs for Remote Access
MPLS VPN is a technology that allows service providers to have complete control over
parameters that are critical to offering their customers service guarantees with regard to
bandwidth throughputs, latencies and availability. The technology enables secure VPNs to be
built and allows scalability that will make it possible for service providers to offer assured
growth to their customers without having to make significant investments. Service providers
would now be geared to provide bandwidth on demand, video conferencing, Voice over IP
(VoIP), multimedia services and a host of other value added services that could revolutionize
the way a corporate business works.
MPLS based VPNs reduce customer networking complexity and costs, and totally do away with
the requirement for an in-house technical workforce. Rather than setting up and managing
individual point-to-point circuits between each office using a pair of leased lines, MPLS
VPN customers need to provide only one connection from their office router to a service
provider edge router. MPLS VPNs allow service providers to deploy scalable VPNs and
build the foundation to deliver value added services.