VPN

What is VPN
An arrangement that provides connections between:
Offices remote workers and the Internet

Without requiring a dedicated Line

Also known as private networks between sites

VPNVPN-Remote Access, and Interoffice Connections

Rational for VPN Between Offices Productivity Away from the Office VPN Technology

Between Offices
Shared circuits within the carrier networks Adding capacity to a VPN is:
Simpler than adding a high-speed highCustomer needs only high-speed from its highbuilding to the carrier s network

Productivity Away from the Office

Overcomes dial up costs and slowness Access via a browser to corporate data bases is the same
at home or in the office

Newer VPN Technology

VPN Site-to-Site Site-toMPLS IP VPNs

Secure Access on VPNs for Remote Access

IPSec (Internet protocol security) SSL (Secure socket layer) security

Secure Access on VPNs for Remote Access

IPSec (Internet protocol security) - requires client software on computers
Established a secure, encrypted link to a security device at the carrier or the enterprise.
THIS IS TUNNELING

SSL (Secure socket layer) security method.

is a newer VPN

Access is embedded in browsers so the organizations are not required to install special client software in each users computer.

Rational for VPN Between Offices

Employees Branch Offices Business Partners

MPLS (Multiprotocol Label Switching)

VPNs Everyone-to-Everyone Link Everyone-toClasses of Service Prioritize Particular Traffic Electronic Tags on MPLS packets Service Components

VPNs Everyone-to-Everyone Link Everyone-to-

Customer provides to SP
A list of IP addresses for each site in the VPN

Carrier uses the list to define a closed group of users allowed to communicate with each other

Classes of Service Prioritize Particular Traffic

Customer chooses 4-5 classes of service 4Used to define priority Data, voice, video (low class high)

Electronic Tags on MPLS packets MPLS attached tags to packets Router reads tags and sets priority Bypass the routing table lookup Good VoIP feature

Service Components
T1 typical to carrier Separate access lines
MPLS (trusted sources) Internet (high levels of security)

VPNs Everyone-to-Everyone Link Everyone-toMess service MPLS VPN traffic is carried separately from public internet traffic to guarantee levels of service. IP VPNs site-to-site using the public Internet site-towith IPSec IPSec creates a tunnel for each packet Tunnel hides the destination IP address Scrambles data by encrypting it

VPNs for International Connectivity

IPSec VPNs Public internet-Based VPNs internetfor Intersite Connections NetworkNetwork-Based IPSec VPNs private IP Networks over carrier

IPSec VPNs Public internet-Based VPNs for internetIntersite Connections

The VPN provider manages the intercountry portion of the network Carrier s POP refers to the site where its equipment resides NTT, BT, AT&T, Infonet, MCI, Sprint, Equant all offer intercontinental service.

The End