VPN (Virtual Private Network)

VPN (Virtual Private Networking)

Virtual Private Network was started initially by Millitary Network. As the communication of Millitary network requires a  privatisation and separation from other network.

In todays internet world, the data has to be routed through Internet through various nodes. so that the information can be hampered by an hacker. The man in the middle attack can steal the confidentiality of the data, to prevent this we use Virtual Private Network.  

VPN allows to connect through different Networks Confidentially keeping the data Secure. It is a Virtual Tunnel which helps in securely transmitting data through two remote locations. In this tunnel the data is send encrypted and send, so even when hacker or intruder penetrate that tunnel and grab that data, the data  is encrypted and is garbage for them.

If VPN tunnel travels from A(Source) to B(Destination) through C as mid way path, but if hacker tries to penetrate the tunnel at node C, the entire tunnel shuts down at C. Tunnel then finds a different path to destination B.

Tunneling Protocol tries to protect the data, it encrypts the data going through tunnel. VPN is a Client-Server Technology. Server provides a Service and Client which gets this Service. In VPN, Client tries to communicate VPN Server for this Service. If credentials are correct (username and password) Clients connect to Server through VPN. VPN Server used in this has to be compatible to VPN Client.

A virtual private network (VPN) is a technology that creates an encrypted connection over a less secure network. The benefit of using a VPN is that it ensures the appropriate level of security to the connected systems when the underlying network infrastructure alone cannot provide it. The justification for using a VPN instead of a private network usually boils down to cost and feasibility: It is either not feasible to have a private network (e.g., for a traveling sales rep) or it is too costly to do so. The most common types of VPNs are remote-access VPNs and site-to-site VPNs. 

A remote-access VPN uses a public telecommunication infrastructure like the Internet to provide remote users secure access to their organization's network. A VPN client on the remote user's computer or mobile device connects to a VPN gateway on the organization's network, which typically requires the device to authenticate its identity, then creates a network link back to the device that allows it to reach internal network resources (e.g., file servers, printers, intranets) as though it was on that network locally. A remote-access VPN usually relies on either IPsec or SSL to secure the connection, although SSL VPNs are often focused on supplying secure access to a single application rather than to the whole internal network. Some VPNs provide Layer 2 access to the target network; these require a tunneling protocol like PPTP or L2TP running across the base IPsec connection. 

A site-to-site VPN uses a gateway device to connect the entire network in one location to the network in another, usually a small branch connecting to a data center. End-node devices in the remote location do not need VPN clients because the gateway handles the connection. Most site-to-site VPNs connecting over the Internet use IPsec. It is also common to use carrier MPLS clouds rather than the public Internet as the transport for site VPNs. Here, too, it is possible to have either Layer 3 connectivity (MPLS IP VPN) or Layer 2 (Virtual Private LAN Service, or VPLS) running across the base transport.

VPNs can also be defined between specific computers, typically servers in separate data centers, when security requirements for their exchanges exceed what the enterprise network can deliver. Increasingly, enterprises also use VPNs in either remote-access mode or site-to-site mode to connect (or connect to) resources in a public infrastructure as a service environment. Newer hybrid-access scenarios put the VPN gateway itself in the cloud, with a secure link from the cloud service provider into the internal network.