Logout

3.1.4

Identify the technologies required to provide a VPN.

 

Teaching Note:

 

Sample Question:


JSR Notes:

(For additional information, by way of an introduction, I can whip through a PowerPoint presentation on my hard drive: VPN_Technology.ppt on my hd.)

VPN Basics

Recall the various kinds of networks from the 3.1.1 notes and the diagram for VPN:

The basic idea is that you use existing network infrastructure to make a "virtual" network running over top of it, and you do so securely by encrypting your data that is sent across it. "Virtual" means that it seems to be your own private network that others cannot see into, but yet it is actually not a separate, secure network. There are no dedicated leased lines, i.e. cables, that are dedicated to this network alone; rather, the network is virtual. (Think of other uses of the word virtual: virtual reality, virtual high school, or a topic we covered recently, virtual memory - it's not real RAM, it's actually the hard drive being used, but it seems to be real RAM.)

Here's a good, slick video about the basics of what a VPN is.


Large Scale & Small Scale VPNs

Companies Use of VPNs

Often companies will use VPN technology to set up large scale VPN networks for their employees, so that they can work in various geographic locations, but still be sharing a safe, private network. These are referred to as Site-to-Site VPNs, and along with enabling remote connections for traveling employees, these are primarily set up to provide encrypted pathways between different LANs the company operates in different geographic locations. This gives the company the same capabilities as private leased lines at much lower cost by using the shared public infrastructure. (Note that this is not the same thing as WANs, in which dedicated communication lines are set up and/or leased. There are obvious cost benefits to the VPN option, but more security with the WAN option.)

Individuals' Use of VPNs

On a much smaller scale, individuals or small groups can use services to quickly set up small VPNs for a variety of purposes. We can categorize them as full VPN services, primarily remote connection services (otherwise know as "remote desktop"s), and primarily proxy services.

Full VPN services will offer all types of VPN advantages by making your computer seem to be part of a large network that has multiple resources. It will seem as if your computer is part of that network - so you can log into other computers on that network, take advantage of shared data and applications, use printers and other shared hardware resources, and anything else provided by that virtual network. Examples of subscription based (full) VPN services include:

Primarily Remote Desktop Apps - this is usually a one-computer-to-one-computer connection. Individuals will use these services for controlling one of their other devices remotely, so for example, controlling their home computer from work, or vice versa. Another common use of remote desktop applications is when a technician takes over your computer remotely to fix it. It seems like he/she is right there, managing your computer, as the mouse magically moves around while they control, and fix your computer. Examples include:

Primarily Proxy Services - use of a proxy server is simply routing your Internet activity through another server. A proxy server can be used for a variety of reasons, such as pretending to be connecting from a different country so you can access content blocked in your own country, taking advantage of the proxy server's more robust filtering and/or protection, or simply to disguise your identity by using the proxy server's IP address instead of your own. Examples include:

 

Also note that now, some browsers now support VPNs as part of their core functionality. For example, the browser Opera.

 

__________________________________________________

 

VPN Technologies

(For the technologies of VPNs, this time, I'll actually start with the summary, and then go into more details.)

Summary of The Technologies Needed for VPNs (Virtual Private Networks)

You can - for your canned answer - simply identify (if that's all the question asks) the technologies needed for VPNs as:

- VPN Software Technologies:

- Hardware Technologies Needed for VPNs:

- Examples of Protocols Used for VPN connections:

(Do note that in terms of the assessment statement, this is what you need to focus in on, but, of course, if you don't know what VPNs are and how they are used in the first place, then this information is out of context. But another thing about the assessment statement is that it's an "identify", so there's no need to go into great detail about how any of these work and/or are implemented; rather you just need to be aware of them, and roughly what they mean.)

 

 

Details

The prime feature of a VPN is that it is secure. The security is created on two levels. At the data level, the data itself is encrypted. And at the level of the network, a separate, secure "tunnel" is effectively made through another existing network. An analogy of this double protection could be a thief in disguise sneaking through a secret tunnel.

We can break down the technologies needed for VPNs into three categories: Software/Algorithmic, Hardware, Protocols.

Software/Algorithmic:


Hardware:



(Don't worry about the details of this diagram, just get the general drift that a lot of stuff being sent is encrypted, and that there needs to be a PPTP server (here labeled VPN Device) at both ends of the connection.)


Protocols:

Firstly, a reminder of what a "protocol is": it is an (often internationally) agreed upon set of policies and procedures, usually related to some sort of communication or interchange. There are protocols for all sorts of things, not just technology, like the way that visiting dignitaries to a foreign country inteact with various other leaders. The other main networking protocol we have looked at in this Topic 3 is TCP/IP protocol of Internet communication.

So now onto the protocols followed/used for VPN connections. There are three good examples of protocols commonly used:

 

* Note that Tor (from it's original name "The oninon router") is not a VPN service. There is no security/encryption involved. It simply provides anonymity for those who use it, via an "onion" layer made by volunteers who are part of the community and who supply and manage the 7000 or so relays of this "onion skin" over top of the Internet.

 

_____________________________________________________

 

And, back to the assessment statement, remember that in terms of the overall structure of an answer on an exam regarding this assessment statement, it should be something like this:

- The technologies required to provide a VPN can be organized into software/algorithms, hardware, and protocols. Software/algorithms required include...., hardware includes... and protocols include... (with brief phrases demonstrating you know what each is, yet allowing you to answer within 7 minutes for a 5 mark question, for example.)

 

Other Links:

What is a VPN?
VPN, An intro.
Reasons to use VPNs
How a VPN works.

Finally, there's no need to get into tons of very difficult to understand details, but if a couple of you want to, this is a great video.