There are two characteristics that make Internet useful and popular as
the primary platform for business communication. Openness and ubiquity are its greatest
advantages and at the same time its greatest weaknesses. Organisations quite happily conduct business
over their LANs and
WANs because these
infrastructures are very well known entities of the corporate and they are very
tightly controlled. In essence privacy
is generally ensured and so are security and performance.
Today we talk about organisations using public Internet infrastructure
for mission critical applications. Lack
of performance would adversely affect the conduct of business and availability,
scalability and bandwidth remain the major concerns of Internet-based
infrastructures.
Another major concern to businesses is the security of their infrastructure.
Connectivity brings with it the inherent risk of
compromising the IT infrastructure.
In the age of doing business electronically, information is treated
as commodity and sensitive information such as credit card detail, username
and password, and strategic management information provides the hackers and
the intruders with the motive for attempting to compromise the system.
Furthermore, there is security threat to information when
it is travelling over the Internet. The truth is that Internet and in particular
Web was never designed for all the intuitive business applications that we
have in mind. Security was never a
major issue with the Web and it is due to this that in order to secure the
communication and the system we need to implement the security. Virtual Private Network (VPN) is a technological
attempt to use encryption and tunnelling technology to implement
the security requirements for:
There are three principles that one needs to ensure for secure
communication.
VPNs are used for the communication in order to ensure all the
above. The two major protocols of VPN
are IPSec tunnelling and point-to-point tunnelling.
IPSec or Internet Protocol security is a set of security protocols that
are designed to ensure authentication through encryption protocols. This suite of protocols is designed by the
Internet Engineering Task Force (IETF) to address security problems of IP-based
networks. IPSec is one of the protocols
within the Internet Protocol layer of the OSI stack and is
configured to ensure all three security requirements (authentication, privacy,
and integrity). In simple terms, IPSec adds
its own header to the packet that has arrived from the transport layer and
encrypts the packet to form a virtual and secure tunnel across the network from
one IP-based LAN to another IP-based LAN.
Remote users that may wish to dial into the corporate network through an
ISP may use Point-to-Point Tunnelling Protocol (PPTP). PPTP enables the remote user to access the
corporate networks by dialling into ISP's Point-Of-Presence (POP). A virtual
private network or a secure tunnel is created to the corporate server for each
of the remote users. This eliminates
many problems such as the previous need for implementing expensive Wide Area
Networks through proprietary connections.
Also there is no need for additional software at the client if the ISP supports
PPTP.
Now test yourself and find out more.
How
would you define a VPN? |
|
Security
mechanisms that are available in VPN are Authorisation, Authentication, and
Encryption. How would you describe
these? |
|