[From Gartner Consulting]



• Virtual Private Network is a type of private network that uses public telecommunication, such as the Internet, instead of leased lines to communicate.

• Became popular as more employees worked in remote locations.

• Terminologies to understand how VPNs work.


• Employees can access the network (Intranet) from remote locations.

• Secured networks.

• The Internet is used as the backbone for VPNs

• Saves cost tremendously from reduction of equipment and maintenance costs.

• Scalability

(From Gartner Consulting)


• Two connections -- one is made to the Internet and the second is made to the VPN.
• Datagrams -- contains data, destination and source information.
• Firewalls -- VPNs allow authorized users to pass through the firewalls.
• Protocols -- protocols create the VPN tunnels.
• Authentication -- validates that the data was sent from the sender.
• Access control -- limiting unauthorized users from accessing the network.
• Confidentiality -- preventing the data from being read or copied as the data is being transported.
• Data Integrity -- ensuring that the data has not been altered
• Encryption -- is a method of "scrambling" data before transmitting it onto the Internet.

• Public Key Encryption Technique

• Digital signature -- for authentication


A virtual point-to-point connection made through a public network. It transports encapsulated datagrams.

[Figure: Data Encapsulation [From Comer]. Labels: Original Datagram; Encrypted Inner Datagram; Datagram Header; Outer Datagram Data Area]
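
The encapsulation on the tunneling slide, together with the authentication, confidentiality and data-integrity functions listed earlier, as an added example that is not part of the original slides. The packet layout, demo keys, addresses and the SHA-256 counter-mode keystream (a standard-library stand-in for a vetted cipher such as AES-GCM) are assumptions made for illustration; protocol number 253 is the value reserved for experimentation.

```python
import hashlib, hmac, os, socket, struct

def ipv4_datagram(src, dst, proto, payload):
    """Build a minimal IPv4 datagram: 20-byte header (no options) + payload."""
    def header(csum):
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                           64, proto, csum, socket.inet_aton(src), socket.inet_aton(dst))
    s = sum(struct.unpack("!10H", header(0)))
    while s >> 16:                      # fold carries (ones' complement sum)
        s = (s & 0xFFFF) + (s >> 16)
    return header(~s & 0xFFFF) + payload

def keystream_xor(key, nonce, data):
    # Stand-in stream cipher (SHA-256 in counter mode) so the example needs only
    # the standard library; a real VPN would use a vetted cipher such as AES-GCM.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + struct.pack("!Q", i // 32)).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def encapsulate(inner, enc_key, mac_key, gw_src, gw_dst):
    """Encrypt the whole inner datagram and place it in the outer data area."""
    nonce = os.urandom(16)
    ct = keystream_xor(enc_key, nonce, inner)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return ipv4_datagram(gw_src, gw_dst, 253, nonce + ct + tag)

def decapsulate(outer, enc_key, mac_key):
    """Check the tag (authentication, integrity), then decrypt (confidentiality)."""
    if len(outer) < 68 or outer[9] != 253:   # 20 header + 16 nonce + 32 tag
        raise ValueError("not a tunnel datagram")
    body = outer[20:]
    nonce, ct, tag = body[:16], body[16:-32], body[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: datagram altered or wrong key")
    return keystream_xor(enc_key, nonce, ct)

# Constructed sample: host 10.1.0.5 talks to 10.2.0.9 through two VPN gateways.
# Keys are fixed demo values; the payload is placeholder bytes, not a real UDP segment.
ENC_KEY, MAC_KEY = b"E" * 32, b"M" * 32
INNER = ipv4_datagram("10.1.0.5", "10.2.0.9", 17, b"payroll record 42")
OUTER = encapsulate(INNER, ENC_KEY, MAC_KEY, "198.51.100.1", "203.0.113.1")
```

On the public network only the gateway addresses in the outer header are visible; the inner header with the private addresses travels encrypted inside the outer data area.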

• Remote Access
• Site-to-Site
• PPTP -- Point-to-Point Tunneling Protocol

• L2TP -- Layer 2 Tunneling Protocol

• IPsec -- Internet Protocol Security

• SOCKS -- is not used as much as the ones above
• What does "implementation" mean in VPNs?

• 3 types
  • Intranet -- Within an organization
  • Extranet -- Outside an organization
  • Remote Access -- Employee to Business
Device Types
• What it means

• 3 types
  • Hardware
  • Firewall
  • Software
Device Types: Hardware
• Usually a VPN type of router

Advantages:
  • Highest network throughput
  • Plug and Play
  • Dual-purpose

Disadvantages:
  • Cost
  • Lack of flexibility
Device Types: Firewall
• More security?

Advantages:
  • "Harden" Operating System
  • Tri-purpose
  • Cost-effective

Disadvantages:
  • Still relatively costly
Device Types: Software
• Ideal for 2 end points not in same org.
• Great when different firewalls implemented

Advantages:
  • Flexible
  • Low relative cost

Disadvantages:
  • Lack of efficiency
  • More labor training required
  • Lower productivity; higher labor costs
• Eliminating the need for expensive long-distance leased lines
• Reducing the long-distance telephone charges for remote access.
• Transferring the support burden to the service providers
• Operational costs


• Flexibility of growth

• Efficiency with broadband technology


• VPNs require an in-depth understanding of public network security issues and proper deployment of precautions

• Availability and performance depend on factors largely outside of their control

• Immature standards

• VPNs need to accommodate protocols other than IP and existing internal network technology
• Large-scale encryption between multiple fixed sites such as remote offices and central offices

• Network traffic is sent over the branch office Internet connection

• This saves the company hardware and management expenses
• Encrypted connections between mobile or remote users and their corporate networks
• Remote user can make a local call to an ISP, as opposed to a long distance call to the corporate remote access server.
• Ideal for a telecommuter or mobile sales people.
• VPN allows mobile workers & telecommuters to take advantage of broadband connectivity, i.e. DSL, Cable
• Enables the transferring of confidential patient information within the medical facilities & health care provider

• Allow suppliers to view inventory & allow clients to purchase online safely

• Able to securely transfer sales data or customer info between stores & the headquarters

• Enables account information to be transferred safely within departments & branches

• Communication between remote employees can be securely exchanged
• CVS Pharmaceutical Corporation upgraded their frame relay network to an IP VPN

• ITW Foilmark secured remote location orders, running reports, & internet/intranet communications w/ a 168-bit encryption by switching to OpenReach VPN

• Bacardi & Co. implemented a 21-country, 44-location VPN

• VPNs are continually being enhanced.
  • Equant NV
• As the VPN market becomes larger, more applications will be created along with more VPN providers and new VPN types.
• Networks are expected to converge to create an integrated VPN
• Improved protocols are expected, which will also improve VPNs.