A Virtual Private Network, or VPN, is a communications network used within a company, or by several different companies or organisations. VPN message traffic is carried on public networking infrastucture (ie, the Internet) using standard (possibly insecure) protocols. VPNs use cryptographic protocols to provide the necessary confidentiality (preventing snooping), sender authentication (preventing identity spoofing), and message integrity (preventing undetectable message alteration) to achieve the privacy intended. When properly chosen, implemented, and used, such techniques can indeed provide secure communications over insecure networks.
Note that such choice, implementation, and use are not trivial and there are many insecure VPN schemes on the market. Users are cautioned to investigate products they propose to use very carefully. 'VPN' is a label which, by itself, provides little except a marketing tag.
VPN technologies may also be used to enhance security as a 'security overlay' within dedicated networking infrastructures.
VPN protocols include IPSec (an obligatory part of IPv6), Microsoft's point-to-point tunneling protocol (PPTP), and L2TP (including work by both Microsoft and Cisco). Multi-protocol label switching can be used to build VPNs.
Search Encyclopedia
|
Featured Article
|