Archive Date
[ 01-11-2000 ]
Category
[ Information Technologies ]
Sub-Category
[ Networking ]
VPN Primer
Get inside the company firewall from home? A Virtual Private Network could offer you the chance to telecommute effectively. Find out if it's the right solution for your business.
By Jeremy Randall, Technology Analyst, Ziff-Davis, April 12, 1999
It sounds so simple. Connect to the Internet from home, and boom, you're ready to be a telecommuter! After all, with access to the information superhighway, there's nothing you can't do, right? Well, if you're trying to work from home and you need to use your company's servers, there's a bit more to it. You'll need a Virtual Private Network (VPN) solution.
After using a VPN for several months, I've found it's great when it works, and it can be a real headache when it doesn't. But before I get to that, a more detailed explanation of Virtual Private Networking is in order.
Why use a VPN?
To access your company's servers, you'll probably need to get "behind the firewall." What does that mean? To keep networks secure, companies isolate and protect their internal systems from the Internet with a network firewall. Even if you can surf the web from work, chances are you can't access machines on the corporate network from outside. Simply put, a firewall keeps certain outside connections from being allowed in.
That's where a Virtual Private Network (VPN) comes in.
A VPN acts as a "tunnel" through the Internet, connecting your computer to the corporate network. Tunneling encapsulates your data, with encryption, into standard TCP/IP packets, which can traverse the Internet. Because data is encrypted, third parties are unable to see your information.
Today, most VPN systems are either "client transparent" or "client initiated."
A client transparent VPN is used to connect two points, such as company offices in two cities. A VPN server or device connects the office network to the Internet at each location. Because the two networks are permanently connected via VPN, the computer users at each location do not need any special software on their PCs. The VPN sends information back and forth between locations, and the activity of the VPN is transparent to the users.
A client initiated VPN, on the other hand, requires special software on each user's computer. To access the VPN, the user must launch the client software and log in to the VPN after connecting to the Internet. While this requires an extra step on the part of the user, it offers greater flexibility overall. Users can connect to the VPN from any location with Internet access -- perfect for laptop-carrying road warriors.
Hardware or Software?
The type of VPN solution that's right for you depends on your needs, network layout and where the VPN will be accessed. Some VPN products, especially those that are client transparent, use a dedicated hardware device at each endpoint. Several networking vendors include VPN capabilities in their routers and switches. The advantage of a hardware-based VPN is ease of use and setup for dedicated connections. Once everything is in place, no further setup is required. However, hardware VPN solutions from different vendors may not use compatible standards and may not work together.
Client initiated VPN products require software on each user's computer, which opens a connection to a VPN server. The server moderates all VPN traffic between the Internet and the internal network. From a security standpoint, the VPN server is the most important link.
Standards
Responding to the early popularity of VPN technology, Microsoft and Cisco Systems each proposed VPN standards to allow products from different vendors to work together. Microsoft's Point-to-Point Tunneling Protocol (PPTP) works with client transparent and client initiated systems without requiring authentication at the ISP level. Cisco's Layer Two Forwarding (L2F) requires hardware support in routers and servers, which means ISPs must support it on their equipment. Security is enhanced, but flexibility is lost when using L2F.
As VPN technology becomes more mainstream, expect standards to be hammered out, allowing interoperability between products from different vendors.
My experience with Virtual Private Networking so far has been more positive than not. In fact, the only thing that makes VPN setup difficult is the immaturity of the technology. AltaVista Tunnel, for example, works well, but only after applying several updates, patches and service packs to the VPN software and to Windows itself.
Setting the encryption level, VPN server address, name resolution information and various IP settings is essential to make a VPN function. Once I worked out the kinks in my VPN setup, I could ping internal servers and access resources behind the firewall. Traceroutes showed direct hops from my Internet-connected computer to the internal network, making the system behave as if it was not going through multiple hops across the Internet.
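The tunneling described under "Why use a VPN?" is also why a traceroute through the tunnel shows so few hops: Internet routers decrement only the outer header's TTL, so the inner packet reaches the office network having crossed what looks like a single link. The sketch below is an added example, not code from the original article or from any VPN product. It assumes a plain GRE wrapper and constructed addresses, and it leaves out the encryption step so the header handling stays visible.

```python
import socket
import struct

GRE, ICMP = 47, 1            # IP protocol numbers
ETHERTYPE_IPV4 = 0x0800      # GRE protocol type for an IPv4 payload

def checksum(header: bytes) -> int:
    """RFC 1071 Internet checksum over a header of even length."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4(src, dst, proto, ttl, payload):
    """Build a 20-byte IPv4 header (no options) followed by payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + payload

def parse(pkt):
    return {"src": socket.inet_ntoa(pkt[12:16]), "dst": socket.inet_ntoa(pkt[16:20]),
            "ttl": pkt[8], "proto": pkt[9], "payload": pkt[20:]}

def forward(pkt):
    """One router hop: decrement the TTL of the outermost header only."""
    p = parse(pkt)
    if p["ttl"] <= 1:
        raise ValueError("TTL expired in transit")
    return ipv4(p["src"], p["dst"], p["proto"], p["ttl"] - 1, p["payload"])

def encapsulate(inner, client_addr, server_addr):
    gre = struct.pack("!HH", 0, ETHERTYPE_IPV4)  # no flags, IPv4 carried inside
    return ipv4(client_addr, server_addr, GRE, 64, gre + inner)

def decapsulate(outer):
    p = parse(outer)
    if p["proto"] != GRE or p["payload"][2:4] != struct.pack("!H", ETHERTYPE_IPV4):
        raise ValueError("not a GRE/IPv4 tunnel packet")
    return p["payload"][4:]

def tunnel_trip(internet_hops):
    # Constructed addresses: private inner pair, documentation-range outer pair.
    inner = ipv4("10.0.0.50", "10.0.0.10", ICMP, 64, b"echo request")
    pkt = encapsulate(inner, "198.51.100.7", "203.0.113.1")
    seen = set()
    for _ in range(internet_hops):          # routers between home and office
        seen.add((parse(pkt)["src"], parse(pkt)["dst"]))
        pkt = forward(pkt)
    delivered = forward(decapsulate(pkt))   # VPN server routes the inner packet
    return {"outer_ttl": parse(pkt)["ttl"], "inner": parse(delivered), "seen": seen}
```

Calling `tunnel_trip(3)` and `tunnel_trip(12)` returns the same inner TTL, while the outer TTL falls with every Internet hop and the transit routers only ever see the outer address pair.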
Sometimes my connection would mysteriously drop out, or I could not connect at all. Usually rebooting would solve the problem. Again, I expect issues of this nature to be worked out as the technology matures.
So should you take the plunge? If you're trying to connect trusted clients to your secure network, or you'd like to save money by replacing expensive leased network connections, a VPN solution is the way to go. Just make sure you do your homework first. It may be a good idea to wait a bit longer to see how standards issues shake out, but this is definitely something to keep on the radar screen. I expect VPN systems to be widely deployed during the next couple of years.