Definition of VPN
A Virtual Private Network (VPN) uses dedicated security protocols to give access to private services only to the authorized personnel of a company, training centre, organization and so on. When a user connects over the Internet, the VPN network configuration lets them reach the private network of the organization they work with and use its resources as easily as if they were sitting in their office.
What is a VPN?
A VPN is in essence a corporate network built on top of public network resources, but one that uses the same management system and abides by the same policies as a private network. In the end it amounts to creating a private network, with confidentiality and privacy for the user, on top of a public one: the user works as if they were on the same local network.
In most cases the public network is the Internet, but it can also be an ATM or Frame Relay network (both carrier technologies that are largely legacy today).
How a VPN works:
As mentioned in the previous section, from the viewpoint of the user who connects to it a VPN behaves like any ordinary network; but a large number of elements and factors are at work to make that perception possible.
Communication between the two ends of the private network across the public one takes place over virtual tunnels established between those two points, using encryption and authentication to ensure the confidentiality and integrity of the data carried over the public network. Because a public network (usually the Internet) is involved, special attention must be paid to security, in particular to preventing unauthorized access.
Tunneling is a way of sending data by encapsulating the original packet as the payload of another packet belonging to whatever protocol the public network carries; on arrival at the destination, the outer packet is stripped off and the original packet is restored to its original state.
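A minimal illustration of such a tunnel, added here as an example and not taken from the original article: a constructed inner packet is encapsulated behind a small cleartext header and protected with AES-GCM, so the receiver gets confidentiality, integrity and replay protection in one step. The header layout (session ID plus packet counter), the functions NewTunnelAEAD, Encapsulate and Decapsulate, and the fixed demo key are this example's own assumptions, not the wire format of any particular VPN protocol; a real VPN derives the key in its handshake and takes the inner packets from a TUN interface.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"errors"
	"fmt"
)

// Outer tunnel header, sent in the clear in front of the encrypted payload:
// a 4-byte session ID followed by an 8-byte packet counter. The counter also
// serves as the AES-GCM nonce, so it must never repeat under the same key.
const headerLen = 4 + 8

// NewTunnelAEAD builds an AES-GCM instance from a 16-, 24- or 32-byte key.
func NewTunnelAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// nonceFor places the packet counter in the low 8 bytes of the 12-byte nonce.
func nonceFor(aead cipher.AEAD, counter uint64) []byte {
	nonce := make([]byte, aead.NonceSize())
	binary.BigEndian.PutUint64(nonce[len(nonce)-8:], counter)
	return nonce
}

// Encapsulate wraps innerPacket (for example a plaintext IP packet taken from
// the private network) into a tunnel packet laid out as
// [header | ciphertext | GCM tag]. The header is passed as additional
// authenticated data, so tampering with it is detected although it is not
// encrypted.
func Encapsulate(aead cipher.AEAD, sessionID uint32, counter uint64, innerPacket []byte) []byte {
	hdr := make([]byte, headerLen)
	binary.BigEndian.PutUint32(hdr[0:4], sessionID)
	binary.BigEndian.PutUint64(hdr[4:12], counter)

	out := make([]byte, headerLen, headerLen+len(innerPacket)+aead.Overhead())
	copy(out, hdr)
	return aead.Seal(out, nonceFor(aead, counter), innerPacket, hdr)
}

// Decapsulate reverses Encapsulate: it checks the session, authenticates and
// decrypts the payload, enforces a strictly increasing counter to reject
// replays, and returns the original inner packet. lastCounter is the
// receiver's per-session replay state and starts at 0.
func Decapsulate(aead cipher.AEAD, expectedSession uint32, lastCounter *uint64, tunnelPacket []byte) ([]byte, error) {
	if len(tunnelPacket) < headerLen+aead.Overhead() {
		return nil, errors.New("tunnel packet too short")
	}
	hdr := tunnelPacket[:headerLen]
	sessionID := binary.BigEndian.Uint32(hdr[0:4])
	counter := binary.BigEndian.Uint64(hdr[4:12])
	if sessionID != expectedSession {
		return nil, fmt.Errorf("unknown session %d", sessionID)
	}
	inner, err := aead.Open(nil, nonceFor(aead, counter), tunnelPacket[headerLen:], hdr)
	if err != nil {
		return nil, fmt.Errorf("authentication failed: %w", err)
	}
	// The replay check runs only after the tag verified, so a forged header
	// cannot advance the window.
	if counter <= *lastCounter {
		return nil, errors.New("replayed or out-of-order packet")
	}
	*lastCounter = counter
	return inner, nil
}

func main() {
	// Constructed demo key and inner packet.
	key := bytes.Repeat([]byte{0x42}, 32)
	aead, err := NewTunnelAEAD(key)
	if err != nil {
		panic(err)
	}
	inner := []byte("constructed inner IP packet: 10.0.0.5 -> 10.0.0.9 payload")

	pkt := Encapsulate(aead, 7, 1, inner)
	fmt.Printf("tunnel packet: %d bytes (%d header + %d payload + %d tag)\n",
		len(pkt), headerLen, len(inner), aead.Overhead())

	var last uint64
	got, err := Decapsulate(aead, 7, &last, pkt)
	fmt.Println("decapsulated:", string(got), "err:", err)

	_, err = Decapsulate(aead, 7, &last, pkt) // the same packet delivered again
	fmt.Println("replay:", err)

	bad := append([]byte(nil), pkt...)
	bad[len(bad)-1] ^= 0x01 // one bit flipped in transit
	_, err = Decapsulate(aead, 7, &last, bad)
	fmt.Println("tampered:", err)
}
```

The order of checks in Decapsulate matters: a header that fails authentication must not be allowed to move the replay window, otherwise an attacker could desynchronize the receiver with forged counters.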
Authentication techniques are essential to the proper functioning of a VPN: they ensure that both sender and receiver are exchanging information with the intended user or device.
The authentication system of the virtual network is similar to logging in with a username and password, but adapted to a stronger need to validate and assure identity.
Many of the authentication systems used in VPNs are based on shared keys (pre-shared secrets); certificate-based authentication, which relies on public keys, is also common.
Authentication is normally performed at the start of a session and then repeated periodically during it, usually together with a change of keys, to ensure that no third party has managed to intrude into the conversation.
All VPNs use some kind of encryption technology, which wraps the data in a protected package to be sent over the public network.
Encryption must be regarded as just as essential as authentication, since it is what allows the data to travel securely from one point to the other.
Two kinds of encryption techniques are used in a VPN: secret-key (symmetric) encryption and public-key (asymmetric) encryption.
In secret-key encryption a single secret key is made known to all participants who will use the encrypted information, and that same key serves both to encrypt and to decrypt. The weakness of this scheme is that the key shared by all participants must be kept secret; if it is disclosed, it has to be changed and redistributed to every participant, which itself creates security problems.
Public-key encryption uses two keys per participant, one public and one private. The public key is sent to the other participants; the private key never leaves its owner. To send a message confidentially, the sender encrypts it with the recipient's public key, and only the recipient can decrypt it, using their private key; conversely, a message signed with the sender's private key can be verified by anyone holding the sender's public key, which is how identity is proved. The big disadvantage of this kind of encryption is that it is much slower than secret-key encryption.
In a virtual network encryption has to be done in real time, so in practice the two are combined: public-key techniques authenticate the parties and establish a shared secret, and the flow of data over the network is then protected with secret-key encryption under session keys that are valid only for the session in progress.
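To tie the authentication and encryption pieces together (the paragraphs on authentication above and the two kinds of encryption just described), here is an added example, written for this page rather than taken from it, of that hybrid scheme: each side proves its identity by signing a fresh ephemeral X25519 public key with its long-term Ed25519 key, both sides derive the same symmetric session key from the shared secret, and that key drives AES-GCM for the bulk traffic. The names Peer, Hello, SendHello, DeriveSessionKey and SessionCipher are this example's own; the plain SHA-256 hash over the transcript stands in for a real KDF such as HKDF, and the signed message is deliberately minimal (a production protocol would also bind a nonce or full transcript into the signature).

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Peer holds a long-term Ed25519 identity key pair (its public half is handed
// to the other participants in advance) and an ephemeral X25519 key pair
// that lives for a single session.
type Peer struct {
	IdentPub  ed25519.PublicKey
	identPriv ed25519.PrivateKey
	eph       *ecdh.PrivateKey
}

// NewPeer generates a fresh identity and the first session key pair.
func NewPeer() (*Peer, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	p := &Peer{IdentPub: pub, identPriv: priv}
	return p, p.NewSession()
}

// NewSession replaces the ephemeral key, so the next session key is
// unrelated to any earlier one even though the identity stays the same.
func (p *Peer) NewSession() error {
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	p.eph = eph
	return err
}

// Hello is the handshake message: the ephemeral public key, signed with the
// sender's identity key so the receiver can check who it came from.
type Hello struct {
	EphPub []byte
	Sig    []byte
}

func (p *Peer) SendHello() Hello {
	eb := p.eph.PublicKey().Bytes()
	return Hello{EphPub: eb, Sig: ed25519.Sign(p.identPriv, eb)}
}

// DeriveSessionKey authenticates the peer (signature check against the
// identity key we already trust), computes the X25519 shared secret and
// hashes it with both ephemeral public keys, in canonical order, into a
// 32-byte AES-256 key. SHA-256 stands in for a real KDF here.
func (p *Peer) DeriveSessionKey(trustedIdent ed25519.PublicKey, h Hello) ([]byte, error) {
	if !ed25519.Verify(trustedIdent, h.EphPub, h.Sig) {
		return nil, fmt.Errorf("peer authentication failed: signature does not match trusted identity")
	}
	peerEph, err := ecdh.X25519().NewPublicKey(h.EphPub)
	if err != nil {
		return nil, err
	}
	secret, err := p.eph.ECDH(peerEph)
	if err != nil {
		return nil, err
	}
	a, b := p.eph.PublicKey().Bytes(), h.EphPub
	if bytes.Compare(a, b) > 0 {
		a, b = b, a
	}
	sum := sha256.New()
	sum.Write(secret)
	sum.Write(a)
	sum.Write(b)
	return sum.Sum(nil), nil
}

// SessionCipher is the fast symmetric stage: AES-GCM under the session key,
// used for every packet of bulk traffic until the next rekey.
func SessionCipher(sessionKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func main() {
	alice, _ := NewPeer()
	bob, _ := NewPeer()
	// Only the signed ephemeral keys cross the public network.
	ka, errA := alice.DeriveSessionKey(bob.IdentPub, bob.SendHello())
	kb, errB := bob.DeriveSessionKey(alice.IdentPub, alice.SendHello())
	fmt.Println("same session key on both ends:", errA == nil && errB == nil && bytes.Equal(ka, kb))

	// Mallory holds Alice's public identity key but not the private one, so
	// her Hello fails Bob's signature check before any key is derived.
	mallory, _ := NewPeer()
	_, err := bob.DeriveSessionKey(alice.IdentPub, mallory.SendHello())
	fmt.Println("impersonation attempt:", err)

	// A fresh ephemeral key gives a new, unrelated session key.
	alice.NewSession()
	ka2, _ := alice.DeriveSessionKey(bob.IdentPub, bob.SendHello())
	fmt.Println("key changed after rekey:", !bytes.Equal(ka, ka2))
}
```

The slow public-key operations happen once per handshake; everything that follows uses the symmetric cipher, which is the division of labour the paragraph above describes. Because the session key depends on ephemeral keys that are discarded afterwards, a later compromise of an identity key does not expose earlier sessions.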