Virtual Private Network (VPN) in Network Security

A Virtual Private Network (VPN) is a technology, increasingly used today, that lets the offices of a company communicate with one another over the Internet in a secure way. It is private in the sense that it protects the privacy of the data, and virtual in the sense that it runs over a public network rather than over a dedicated private one.

Private Network: In this arrangement the offices are connected by leased lines, so that a network is formed between them alone and stays isolated from the rest of the world. Its main advantage is security: no external entity can enter the network, because the only path onto it is the leased line itself. Its main drawback is cost, since every link has to be leased.

Internet: With the growth of the Internet it has become easy to connect the offices of a company over it. This is the simplest option, but it lacks privacy: the Internet is open to all, and unless special measures are taken the data can be read by anyone on the path between the offices.

Implementation of Virtual Private Network (VPN):

To implement a VPN, each office of the company is equipped with a firewall and a tunnel is created between each pair of them. IPsec with ESP is used in tunnel mode, so that all traffic between any two offices is aggregated onto a single authenticated, encrypted security association (SA) in each direction (an SA is unidirectional, so a tunnel uses a pair of them). This provides integrity control, confidentiality and immunity to replay attacks for the traffic.

Many firewalls have VPN capabilities built in. Each pair of firewalls negotiates the parameters of its SAs (algorithms, keys and SPIs) at system startup, normally through IKE. Tunnels begin and end at the firewalls, so the company network has a clear boundary with the Internet. Once the SAs have been established, traffic flows through the tunnel and, on the public Internet, looks like ordinary IP packets.

In tunnel mode the entire original IP packet, header included, is encrypted and wrapped in a new outer IP header followed by the ESP header; routers forward on the outer header alone and never need to look inside. At the far end of the tunnel the receiving firewall strips the outer header, uses the SPI in the ESP header to find the SA, verifies the integrity check value to confirm the authenticity of the source and that the data was not modified, checks the sequence number against replay, and only then decrypts the payload and forwards the inner packet onto the office network. In this way the VPN provides privacy, authenticity and integrity.
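The encapsulation and decapsulation just described, as an added example that is not code from the original article. It models one tunnel between two site firewalls in Python using only the standard library, which is why the cipher is an assumption: HMAC-SHA256 driven in counter mode stands in for the AES transform real ESP uses, and a 128-bit truncated HMAC-SHA256 is the ICV. The keys, SPI and gateway addresses are constructed constants; a real gateway gets them from IKE. What the article's prose cannot show is the order of checks on the receiving side: SPI lookup, anti-replay window, ICV verification, and only then decryption, with the window updated only after the ICV passes so that a forged packet cannot shift it.

```python
"""Added example: a toy tunnel-mode ESP between two site firewalls, standard library only.

Wire layout (tunnel mode, RFC 4303):
  outer IPv4 header | ESP header (SPI, seq) | encrypted[ inner IPv4 packet | padding | pad_len | next_header ] | ICV
Assumptions (not from the article): HMAC-SHA256 in counter mode replaces the AES transform
the standard library lacks; truncated HMAC-SHA256 is the ICV; keys are constructed, not from IKE.
"""
import hashlib
import hmac
import struct

IPPROTO_ESP = 50      # the outer header says only "ESP follows": all a transit router sees
IPPROTO_IPV4 = 4      # ESP next_header value for an encapsulated IPv4 packet
ICV_LEN = 16
REPLAY_WINDOW = 64    # RFC 4303 minimum anti-replay window

ENC_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)   # constructed
AUTH_KEY = bytes.fromhex("ffeeddccbbaa99887766554433221100" * 2)  # constructed
GW_A, GW_B = bytes([203, 0, 113, 1]), bytes([198, 51, 100, 1])     # firewall addresses (documentation ranges)


def ipv4_header(src, dst, proto, payload_len):
    """Minimal IPv4 header; the checksum is left at zero because routing is not the point here."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, proto, 0, src, dst)


def xor_keystream(key, nonce, data):
    """Stand-in for the ESP cipher: HMAC-SHA256 in counter mode as a keystream (not a standard transform)."""
    stream = b"".join(hmac.new(key, nonce + struct.pack("!I", i), hashlib.sha256).digest()
                      for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, stream))


class OutboundSA:
    """One direction of the tunnel. An SA is unidirectional, so each firewall holds one of each."""

    def __init__(self, spi, enc_key, auth_key, local_gw, remote_gw):
        self.spi, self.enc_key, self.auth_key = spi, enc_key, auth_key
        self.local_gw, self.remote_gw = local_gw, remote_gw
        self.seq = 0

    def encapsulate(self, inner_packet):
        self.seq += 1   # sequence numbers start at 1 and must never wrap on one SA (rekey instead)
        pad_len = (-(len(inner_packet) + 2)) % 4                      # ESP trailer aligns to 4 bytes
        plaintext = inner_packet + bytes(range(1, pad_len + 1)) + bytes([pad_len, IPPROTO_IPV4])
        esp_hdr = struct.pack("!II", self.spi, self.seq)              # SPI and seq travel in the clear
        ciphertext = xor_keystream(self.enc_key, esp_hdr, plaintext)  # (SPI, seq) is a unique nonce
        icv = hmac.new(self.auth_key, esp_hdr + ciphertext, hashlib.sha256).digest()[:ICV_LEN]
        esp = esp_hdr + ciphertext + icv
        return ipv4_header(self.local_gw, self.remote_gw, IPPROTO_ESP, len(esp)) + esp


class InboundSA:
    def __init__(self, spi, enc_key, auth_key):
        self.spi, self.enc_key, self.auth_key = spi, enc_key, auth_key
        self.highest_seq = 0
        self.seen = set()       # accepted sequence numbers inside the current window

    def decapsulate(self, outer_packet):
        """Return the inner IP packet, or raise ValueError with the reason the firewall dropped it."""
        if outer_packet[9] != IPPROTO_ESP:
            raise ValueError("not ESP")
        esp = outer_packet[20:]
        spi, seq = struct.unpack("!II", esp[:8])
        if spi != self.spi:
            raise ValueError("unknown SPI")
        if seq <= self.highest_seq - REPLAY_WINDOW or seq in self.seen:
            raise ValueError("replayed or outside window")
        body, icv = esp[8:-ICV_LEN], esp[-ICV_LEN:]
        expected = hmac.new(self.auth_key, esp[:-ICV_LEN], hashlib.sha256).digest()[:ICV_LEN]
        if not hmac.compare_digest(icv, expected):
            raise ValueError("ICV mismatch")   # checked before decrypting and before touching the window
        self.seen.add(seq)
        if seq > self.highest_seq:
            self.highest_seq = seq
            self.seen = {s for s in self.seen if s > seq - REPLAY_WINDOW}
        plaintext = xor_keystream(self.enc_key, esp[:8], body)
        pad_len, next_header = plaintext[-2], plaintext[-1]
        if next_header != IPPROTO_IPV4:
            raise ValueError("unexpected next header")
        return plaintext[:-(pad_len + 2)]


def try_decapsulate(sa, packet):
    """(True, inner_packet) if the firewall accepts the packet, else (False, reason)."""
    try:
        return True, sa.decapsulate(packet)
    except ValueError as e:
        return False, str(e)


if __name__ == "__main__":
    a_out, b_in = OutboundSA(0x1000, ENC_KEY, AUTH_KEY, GW_A, GW_B), InboundSA(0x1000, ENC_KEY, AUTH_KEY)
    inner = ipv4_header(bytes([10, 1, 0, 5]), bytes([10, 2, 0, 7]), 6, 5) + b"hello"   # constructed LAN packet
    wire = a_out.encapsulate(inner)
    print("outer proto:", wire[9], "inner hidden:", inner not in wire)
    print(try_decapsulate(b_in, wire)[0], try_decapsulate(b_in, wire))   # second delivery is a replay
```

The only fields visible on the Internet are the two firewall addresses, the protocol number 50, the SPI and the sequence number; the office addresses 10.1.0.5 and 10.2.0.7 are inside the ciphertext. Running the script a second time on the same inbound SA object shows the replay rejection, and the tamper case below shows that an ICV failure leaves the window untouched.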

The main advantages of a VPN are that it is transparent to application software, which needs no change to use it, and that it uses the Internet as its communication network, so no leased line is required for the company's internal communication.