VPN
Motivation
Why is it useful to employ virtual private networks for business
communication? After all, separate private networks have
been set up to serve the specific communication needs of
many businesses. What advantages do you gain by converting
the existing separate private networks to an Internet-based
VPN?
Ubiquitous Coverage
The Internet offers far wider coverage compared with the private
data network infrastructures offered by telecommunication
providers. Adding new destinations to a private network
means adding new circuits.
The Internet has public and private peering points all over the
world, whereas few interconnection agreements exist between
private network service providers. Thus, the coverage of a
private network is limited.
The Internet, on the other hand, is a vast interconnection of
heterogeneous networks. Any host connected to a network that
is connected to the Internet is in turn connected to any
other host connected to a network connected to the Internet.
Cost Reduction
Another advantage gained by using an Internet-based VPN is
cost reduction based on the system's economy of scale.
Simply put, it eliminates the need to purchase and maintain
several special-purpose infrastructures to serve the
different types of communication needs within a corporation.
Security
VPNs use cryptographic technology to provide data confidentiality
and integrity for the data in transit. Authentication and
access control restrict access to corporate network
resources and services.
In traditional private networks, the security of the data
during transit relies on the telecommunication service
provider's physical security practices for data
confidentiality. For example, frame relay networks have no
built-in provision for encrypting data frames. Consequently,
data frames, if intercepted, can be easily decoded. In VPNs,
you need not trust the perceived physical security of the
telecommunication service provider. Instead, data is
protected by cryptography.
E-Commerce
More and more business is being conducted using the Internet.
Electronic commerce is not only a major new method of
retailing merchandise (called "B2C" for business-to-consumer
e-commerce), but it is also a way for businesses to trade
goods and services among themselves (called "B2B" for
business-to-business e-commerce). Interconnectivity of
businesses is essential, and the Internet is the logical
choice for the interconnection technology.
E-commerce must be secure. Private networks use physical
separation for security, but it is impractical to have a
separate infrastructure for each customer or B2B partner.
Therefore, a closed, inflexible private network is not well
suited for supporting e-commerce. A public infrastructure is
more flexible but lacks security. VPNs provide both
interconnectivity and security.
1.1 Business Communication
There are many types of business communication. Broadly
speaking, business communication can be classified into
three categories:
· Internal communication: The message is limited to selected
internal audiences. For example, a corporation may
periodically distribute an updated company employee
directory to all its employees. Confidentiality is
essential.
· Selected external communication: The message is intended for
selected external audiences. For example, a retail store may
want to order a product from its supplier. Although not all
communications of this type are considered proprietary, one
company's business with another is generally confidential.
· Communication with public and other external audiences: The
message is intended for general public consumption.
Sometimes, the wider the audience the message reaches, the
better. For example, a company may place a 30-second
commercial during a sporting event to reach a large
audience. At other times, a targeted message is designed to
cater to a specific audience to maximize its impact. This
type of communication is generally not confidential.
Businesses have traditionally used specialized technologies
for these different types of communication and have managed
them separately.
The Convergence of Business Communication
Although businesses have a variety of communication
types—and hence the need for different modes of
communication—the digitization of information, and the
creation of computer networks to deliver it, has been a
unifying factor. Internal memos are now emails, and employee
directories are kept in databases. Orders can be placed
online. The World Wide Web provides a means for publishing
sophisticated product brochures. Although there will always
be the need for traditional forms of information
dissemination, much business communication is converging on
a digital network.
Computer networking technologies are also converging. There
used to be many types and formats of computer networks, each
developed by a different vendor. IBM offered Systems
Network Architecture (SNA) for its mainframes and
minicomputers. Digital had DECnet, used in the once-popular
VAX computing environment. In the PC environment, Novell's
NetWare was dominant and still is fairly widely used for PC
interconnections. Nonetheless, with the development of the
Internet, most computer networks have migrated to an
IP-based infrastructure. IP—the Internet Protocol—serves as
the common format for all connected network devices on the
Internet.
Private Networks
To meet their information infrastructure needs, corporations
have invested heavily in internal networks called intranets.
Intranets serve the employees at the corporate site, but not
employees on the road or telecommuting from home. To
accommodate the remote access needs of "road warriors" and
telecommuters, companies have set up remote access servers
to extend intranets into the field. Usually, a bank of
modems allows these users to dial in through public switched
telephone networks (PSTNs). Furthermore, employees at branch
offices require access to the same information and the same
resources, so private lines are used to interconnect the
various sites to make one corporate-wide intranet.
Special arrangements are sometimes made to allow business
partners to have limited access to some part of the
corporate intranet. These networks, usually called
extranets, provide the means to improve the efficiency of
business information flow.
Each form of access to the intranet is a separate private
networking solution. This is true even when some aspects of
each solution, such as the underlying networking protocols
used, are the same. Each form of access also has its own
requirements for privacy—requirements that are met by
keeping data transmission on separate dedicated channels.
Public Networks
It is also imperative for a corporation to exchange information
outside the established private networks. This requires
access to a public networking infrastructure such as the
Internet.
In addition, the public network opens a new avenue of
commerce. It is now unthinkable for a corporation not to
have a presence on the World Wide Web. For many companies,
such as Amazon.com, there is no "brick and mortar"
storefront. The only place where they face customers is in
cyberspace.
Virtual Private Networks
Protection of private corporate information is of utmost
importance when designing an information infrastructure.
However, the separate private networking solutions are
expensive and cannot be updated quickly to adapt to changes
in business requirements.
The Internet, on the other hand, is inexpensive but does not by
itself ensure privacy. Virtual private networking is the
collection of technologies applied to a public network—the
Internet—to provide solutions for private networking needs.
VPNs use cryptographically protected tunnels, rather than
physical separation, to keep communications private.
This introduction to VPNs covers the evolution of the VPN
market and the latest technologies and solutions.