Virtual Private Networks

In modern business settings, there is a growing need to connect to internal corporate networks from a variety of locations (Natarajan, Muthiah, & Nachiappan, 2010). It is a common requirement for employees to connect to private networks over the Internet from home, from field stations, while on the way to an airport, or from external networks. The Internet is by nature not secure (Stewart, 2013; Lim et al., 2001). Security is therefore a major concern for companies whose employees, customers, and business partners often connect to internal networks from far and wide. Virtual private networks provide technology that protects the data transmitted over the Internet. VPNs allow users to set up a private tunnel through which they can access data, resources, and connections to internal networks over the Internet (Paul, 2000). This article provides an overview of VPNs and the key tunneling protocols used to improve security, with a focus on the Layer 2 Tunneling Protocol.

Introduction

A Virtual Private Network (VPN) is a type of private network that uses public media, such as the Internet, rather than leased lines, to communicate (Natarajan, Muthiah, & Nachiappan, 2010). Virtual private networks have become popular with the increase in the number of employees working in remote locations. Virtual means not physical, private means not public, and a network is an electronic communication system between two or more devices. The Internet is the backbone of the virtual private network. The driving force behind the adoption of VPNs by firms is that virtual private networks deliver significant savings and reduce the cost of maintenance and equipment (Rubin, 2003). The two most important features of VPNs are security and scalability. Modern virtual private networks overcome security threats through special tunneling protocols.

How VPNs work

Virtual private networks require an Internet connection as the basic platform for sharing resources, communication, and data (Stewart, 2013). A virtual private network transmits data through a mechanism called tunneling. Before transmission, each packet is wrapped, or encapsulated, in a new packet with a new header. The header carries routing information that allows the packet to traverse a public or shared network before reaching the end of the tunnel. The tunnel is the logical route, or path, along which the encapsulated packets travel.

Packets are de-encapsulated when they reach the end of the tunnel and are then forwarded to their destination (Stewart, 2013). Both ends of the tunnel must support the same tunneling protocol. Tunneling protocols operate at one of the Open System Interconnection (OSI) layers. There are four frequently used tunneling protocols, namely PPTP, IPsec, L2TP, and SSL. A packet with a private (non-routable) IP address can be encapsulated inside a packet with a globally unique IP address, which is how a VPN extends a private network across the Internet.

With regard to security, a VPN applies encryption to ensure the confidentiality of data (Bacon et al., 2002). The virtual private network uses the tunneling mechanism to wrap, or encapsulate, encrypted data in a secure tunnel with open (unencrypted) headers that can cross public networks. Data packets sent through a public network in this way cannot be read without the proper decryption keys. Hence, the mechanism ensures that data is not changed or disclosed during transit through the public network.

Virtual private networks also provide a data integrity check (Stewart, 2013). Typically, the check takes the form of a message digest that ensures that data has not been altered or tampered with during transmission. By default, virtual private networks do not enforce or provide strong user authentication. Hence, users can use simple usernames and passwords to gain entry into internal networks from geographically dispersed locations or from other networks. However, virtual private networks support add-on authentication such as tokens, smart cards, etc.

Deployment of VPNs

Businesses and organizations deploy VPNs as Remote Access VPN, Intranet VPN, Extranet VPN, or WAN replacement (Bacon et al., 2002).

Remote access VPN

A remote access VPN is a user-to-network connection for a home or mobile user who connects to corporate networks from a remote location. It allows encrypted connections between remote users and the company's private network.

Intranet VPN

An intranet VPN is a connection between fixed locations. It is a LAN-to-LAN VPN connection that joins remote locations, such as branch offices, into a single private network. LAN stands for Local Area Network.

Extranet VPN

An extranet VPN is a type of connection that links business partners, such as customers and suppliers, allowing different parties to work, communicate, or share information within a shared environment.

WAN replacement

In WAN replacement, VPNs offer an alternative to Wide Area Networks (WAN) (Bacon et al., 2002). Maintaining WANs is expensive, especially where networks are geographically dispersed. The use of VPNs reduces costs and eliminates administrative overhead. In addition, it offers improvements compared to traditional private networks. However, the functionality and reliability of the network can be a problem, especially when data communication runs over the Internet.

Tunneling Protocols

Four tunneling technologies are widely used in virtual private networks. In this discussion, a broad description of L2TP is provided.

Layer 2 Tunneling Protocol (L2TP)

Layer 2 Tunneling Protocol is an older protocol that has largely been replaced by SSL/TLS and IPSec VPNs in production environments (Stewart, 2013). However, the protocol may still be in use in some environments where backward compatibility is an issue. Therefore, it is still possible to find it in textbooks. L2TP was widely used in traditional VPN solutions but has lost popularity as other protocols have become more effective and industry standards have improved. L2TP was first included in a Microsoft server product with the launch of Windows 2000 Server (ibid.).

L2TP combines the Point-to-Point Tunneling Protocol (PPTP) with Layer 2 Forwarding (L2F) (Popescu, 2010). L2TP can encapsulate PPP to be sent over IP, ATM, or Frame Relay networks. In this protocol, multiple connections are allowed through a single tunnel. Like PPTP and L2F, the Layer 2 Tunneling Protocol operates at OSI layer two. Layer-two VPN protocols encapsulate data in PPP frames and can carry non-IP protocols over an IP network.

The Layer 2 Tunneling Protocol uses the same authentication mechanisms as PPP connections, such as PAP, EAP, and others (Bacon et al., 2002). Tunneling with L2TP is realized through multiple levels of encapsulation. PPP data is wrapped, or encapsulated, in a PPP header and an L2TP header (Stewart, 2013). The L2TP-wrapped packet is additionally encapsulated within a UDP header with the source port and destination port set to 1701. The final packet is wrapped with an IP header carrying the client's and server's source and destination IP addresses (Bacon et al., 2002). L2TP on its own provides no confidentiality. It only provides a mechanism for creating tunnels over an IP network and does not provide a mechanism for encrypting the data being tunneled. Hence, L2TP is typically used together with IPSec, and the combination is referred to as L2TP/IPSec. When L2TP operates over IPSec, the security services are provided by IPSec (ESP and AH). L2TP data and control packets appear as homogeneous data packets to the IPSec system.
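The encapsulation order described above, as an added Python example that is not part of the original article: it builds one L2TP data message and then peels the layers the way an on-path observer could, showing that the inner data is readable when IPSec is absent. The function names, addresses, tunnel and session IDs, and inner bytes are constructed for illustration; the header bit layout follows the L2TPv2 specification (RFC 2661).

```python
import struct

L2TP_PORT = 1701  # UDP source and destination port named in the text

def build_packet(inner: bytes, tunnel_id: int, session_id: int) -> bytes:
    """Wrap inner as PPP -> L2TP -> UDP -> IPv4 (checksums left at zero)."""
    ppp = b"\xff\x03" + struct.pack("!H", 0x0021) + inner   # address/control, protocol = IPv4
    # L2TP data header: flags 0x4002 = Length bit set, version 2
    l2tp = struct.pack("!HHHH", 0x4002, 8 + len(ppp), tunnel_id, session_id) + ppp
    udp = struct.pack("!HHHH", L2TP_PORT, L2TP_PORT, 8 + len(l2tp), 0) + l2tp
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))  # constructed addresses
    return ip + udp

def parse_packet(pkt: bytes) -> dict:
    """Peel IPv4 -> UDP -> L2TP -> PPP and return what an on-path observer sees."""
    if pkt[0] >> 4 != 4 or pkt[9] != 17:
        raise ValueError("not an IPv4/UDP packet")
    ihl = (pkt[0] & 0x0F) * 4
    sport, dport, udp_len, _ = struct.unpack_from("!HHHH", pkt, ihl)
    if L2TP_PORT not in (sport, dport):
        raise ValueError("not L2TP (UDP 1701)")
    end, off = ihl + udp_len, ihl + 8
    (flags,) = struct.unpack_from("!H", pkt, off)
    off += 2
    if flags & 0x000F != 2:
        raise ValueError("unsupported L2TP version")
    if flags & 0x4000:                      # optional Length field
        off += 2
    tunnel_id, session_id = struct.unpack_from("!HH", pkt, off)
    off += 4
    if flags & 0x0800:                      # optional Ns/Nr sequence numbers
        off += 4
    if flags & 0x0200:                      # optional Offset Size plus padding
        off += 2 + struct.unpack_from("!H", pkt, off)[0]
    info = {"ports": (sport, dport), "control": bool(flags & 0x8000),
            "tunnel_id": tunnel_id, "session_id": session_id}
    if not info["control"]:                 # data message: a PPP frame follows
        if pkt[off:off + 2] == b"\xff\x03":
            off += 2
        info["ppp_protocol"] = struct.unpack_from("!H", pkt, off)[0]
        info["payload"] = pkt[off + 2:end]
    return info

# Constructed bytes standing in for the tunneled packet.
SAMPLE = build_packet(b"GET /payroll HTTP/1.1", tunnel_id=7, session_id=42)
```

Because none of the four headers encrypts anything, the constructed inner bytes appear verbatim inside `SAMPLE`, which is why L2TP is paired with IPSec.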

Risks and limitations of VPNs

Risks associated with the use of VPNs relate to virus or malware infection, client-side risks, user authentication, and hacking attacks (Bacon et al., 2002).

Hacking: Client machines can become the targets of attacks or the staging points for attacks from within the connecting network. Attackers can use malicious programs or bugs on client machines, as well as other hacking tools, to launch various types of attacks such as VPN hijacking.

User authentication: A VPN does not enforce or provide authentication. A VPN connection is established only by the client. Weak authentication may allow unauthorized parties to access the connected network.

Client-side risks: VPN client devices can be connected to the Internet via a broadband connection while, at the same time, holding a VPN connection to a private network, via split tunneling. Such connections pose a risk to the private networks involved.
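One way to check a client for the last risk above, as an added Python example that is not part of the original article: it takes a routing table in the format printed by `ip -4 route` on Linux and reports which destinations still leave outside the tunnel interface. The interface names, addresses, and both sample tables are constructed; route metrics are ignored, which is a simplifying assumption.

```python
import ipaddress

def parse_routes(text):
    """Parse `ip -4 route`-style lines into (network, device) pairs."""
    routes = []
    for line in text.strip().splitlines():
        f = line.split()
        if "dev" not in f:
            continue
        dest = "0.0.0.0/0" if f[0] == "default" else f[0]
        routes.append((ipaddress.ip_network(dest), f[f.index("dev") + 1]))
    return routes

def outside_tunnel(routes, vpn_if, vpn_gateway):
    """Return collapsed networks whose longest-prefix route avoids vpn_if."""
    gw = ipaddress.ip_network(vpn_gateway)   # host route to the VPN server is expected
    unclaimed, outside = [ipaddress.ip_network("0.0.0.0/0")], []
    for net, dev in sorted(routes, key=lambda r: -r[0].prefixlen):  # metrics ignored
        still_free = []
        for free in unclaimed:
            if free.subnet_of(net):          # the whole free block matches this route
                claimed = [free]
            elif net.subnet_of(free):        # the route carves a piece out of the block
                claimed = [net]
                still_free += free.address_exclude(net)
            else:
                still_free.append(free)
                continue
            if dev != vpn_if:
                outside += claimed
        unclaimed = still_free
    return [n for n in ipaddress.collapse_addresses(outside) if n != gw]

def is_split_tunnel(routes, vpn_if, vpn_gateway):
    """True when any public address space is reachable outside the tunnel."""
    return any(not n.is_private for n in outside_tunnel(routes, vpn_if, vpn_gateway))

# Constructed sample tables: ppp0 is the tunnel, wlan0 the broadband link.
SPLIT = """
default via 192.168.1.1 dev wlan0
10.0.0.0/8 dev ppp0 scope link
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.23
203.0.113.5 via 192.168.1.1 dev wlan0
"""
FULL = """
default dev ppp0 scope link
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.23
203.0.113.5 via 192.168.1.1 dev wlan0
"""
```

In the `FULL` table only the local LAN remains outside the tunnel; whether that is acceptable is a policy decision the check leaves to the operator.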
