A virtual private network (VPN) connects the components and resources of one network over another network by allowing the user to tunnel through the Internet or another public network, giving the participants the same security and features as those available in private networks. VPNs allow telecommuters, remote employees, or even branch offices to connect in a secure fashion to a corporate server using the routing infrastructure provided by a public internetwork (such as the Internet). From the user’s perspective, the virtual private network is a point-to-point connection between the user’s computer and a corporate server.
The secure connection across the internetwork appears to the user as a private network communication—despite the fact that this communication occurs over a public internetwork—hence the name.
Some of the common uses of VPN are listed as follows:
- Remote user access over the Internet: VPNs provide remote access to corporate resources over the public Internet, while maintaining privacy of information.
- Connecting networks over the Internet: The VPN software uses the connection to the local ISP to create a virtual private network between the branch office router and the corporate hub router across the Internet.
- Connecting computers over the Internet: VPNs allow the department’s LAN to be physically connected to the corporate internetwork but separated by a VPN server. The network administrator can ensure that only those users on the corporate internetwork who have appropriate credentials can establish a connection with the VPN server and gain access to the protected resources of the department. All communication across the VPN can be encrypted for data confidentiality.
The requirements for VPN are the following:
- User authentication: The solution must verify a user’s identity and restrict VPN access to authorized users. In addition, the solution must provide audit and accounting records to show who accessed what information and when.
- Address management: The solution must assign a client’s address on the private net, and must ensure that private addresses are kept private.
- Data encryption: Data carried on the public network must be rendered unreadable to unauthorized clients on the network.
- Key management: The solution must generate and refresh encryption keys for the client and server.
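
As an added illustration (not part of the original text), the sketch below models the gateway-side bookkeeping behind three of the requirements above: user authentication with audit records, address management, and key refresh. The `Gateway` class, the address pool, the user store and the 1 MB rekey threshold are assumptions; packet encryption and key exchange with the client are out of scope.

```python
import hashlib, hmac, ipaddress, os, time

REKEY_BYTES = 1_000_000          # assumed policy: refresh the key after 1 MB

def _pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Gateway:                   # hypothetical name, for illustration only
    def __init__(self, pool_cidr, users):
        self.free = list(ipaddress.ip_network(pool_cidr).hosts())  # private pool
        self.users = {u: (s, _pw_hash(p, s)) for u, (s, p) in users.items()}
        self.sessions, self.audit = {}, []

    def _log(self, user, event, detail=""):
        self.audit.append((time.time(), user, event, detail))  # when, who, what

    def connect(self, user, password):
        # Unknown users still cost one hash, so timing does not reveal who exists.
        salt, stored = self.users.get(user, (b"\0" * 16, b""))
        if not hmac.compare_digest(_pw_hash(password, salt), stored):
            self._log(user, "auth_fail")
            return None
        if not self.free:
            self._log(user, "no_address")
            return None
        addr = self.free.pop(0)
        self.sessions[user] = {"addr": addr, "key": os.urandom(32), "sent": 0, "epoch": 0}
        self._log(user, "connect", str(addr))
        return addr

    def account(self, user, nbytes):
        """Record traffic; refresh the session key once the byte limit is hit."""
        s = self.sessions[user]
        s["sent"] += nbytes
        if s["sent"] >= REKEY_BYTES:
            s["key"], s["sent"], s["epoch"] = os.urandom(32), 0, s["epoch"] + 1
            self._log(user, "rekey", f"epoch={s['epoch']}")
        return s["epoch"]

    def disconnect(self, user):
        s = self.sessions.pop(user)
        self.free.append(s["addr"])     # return the address to the pool
        self._log(user, "disconnect", str(s["addr"]))

if __name__ == "__main__":
    gw = Gateway("10.8.0.0/30", {"alice": (b"constructed-salt", "correct horse")})
    print(gw.connect("alice", "correct horse"))   # constructed sample user
    print([e[1:] for e in gw.audit])
```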