Logout

3.1.4

Identify the technologies required to provide a VPN.

 

Teaching Note:

 

Sample Question:


From Sample Paper 1 2014:

 

JSR Notes:

More on What VPNs Are

Refer to the diagram of various kinds of networks from the 3.1.1 notes. But the basic idea is that you use existing network infrastructure to make a "virtual" network running over top of it, and you do so by encrypting your data that is sent across it. So "virtual" means that it seems to be your own private network that others cannot see into, but yet it is actually not a separate, secure network. (Think of other uses of the word virtual: virtual reality, virtual high school, or best, virtual memory - it's not real RAM, it's actually the hard drive being used, but it seems to be real RAM.)

Here's a good, slick video about the basics of what a VPN is.

Examples of Remote Connection clients available using the Internet:

With any of these, you can set up an encrypted connection between your computer and another computer. *Though do note that some of the features of HideMyAss, for example, and as its name implies, are proxy services rather than VPN. When you use a service to hide your identity, i.e. to not pass on your computer's IP address, rather to pass on some random IP address of theirs, you are using them as a proxy to hide you identity.

 

 

(I'll actually start this time with the summary, and then go into more details.)
Summary of The Technologies Needed for VPNs (Virtual Private Networks)

You can - for your canned answer - simply identify (if that's all the question asks) the technologies needed for VPNs as:

- VPN Software Technologies:

- Hardware Technologies Needed for VPNs:

- Examples of Protocols Used for VPN connections:

(Do note that in terms of the assessment statement, this is what you need to focus in on, but, of course, if you don't know what VPNs are and how they are used in the first place, then this information is out of context. But another thing about the assessment statement is that it's an "identify", so there's no need to go into great detail about how any of these work and/or are implemented; rather you just need to be aware of them, and roughly what they mean.)

 

 

Details

We can break down the technologies needed for VPNs into three categories: Software/Algorithmic, Hardware, Protocols.

Software/Algorithmic:


Hardware:


(Don't worry about the details of this diagram, just get the general drift that a lot of stuff being sent is encrypted, including the data itself, and the IP address being sent from and to, and that there needs to be a PPTP server at the company/organization end of the connection.


Protocols:

(Firstly, what a "protocol is". It is an agreed upon set of things/policies/procedures, quite often internationally agreed. There are protocols for all sorts of things, not just technology. An example of an internationally agreed upon protocol for secure international travel through airports is as follows. Each international airport should follow the protocol of:

 

So now onto the protocols followed/used for VPN connections. There are two good examples of ones that are commonly used:

 

 

 

---------------------------------------------------------------------------------------------------------------------------------------------------

"Beyond the Basics" About VPNs - this is not necessary, buy you're welcome to read on

There are two ways of grouping/describing VPNs, by how secure they are (Secure, Trusted, or Hybrid), and by whether it's whole networks being connected into one big virtual network (Site-to-Site VPN), or just an individual computer remotely connecting to another (Site-to-Site VPN).

Here, do refer directly to the St. Julian page on these two groupings.

But basically, if it's a Secure VPN set-up, you are not relying on a service provider to keep from accessing your data, whereas if it's a Trusted VPN, it is technically possible for them to unencrypt your data, and you are trusting them not to.

And Remote Connection VPN is used by individuals, whereas Site-to-Site VPNs are exactly what the name implies; by using the Internet, a company or organization with different locations around a city or the world, can seem to have one private network by setting up a VPN between the various LANs. Note that this is different from a Wide Area Network; in this case there are actual (non-Internet) physical connections (wired or wireless) between the various LANs. Obviously the Site-to-Site VPN has that major advantage of cost, but the WAN has the advantage of being much more secure.

 

 

A few last things:

Recall the in-class example of using LogMeIn.com to create a VPN from my laptop to my desktop computer. And then how I curiously used the school's LAN and the Remote Desktop application to connect to the Dublin computer (so that part of the demo was not using a VPN).

There's no need to get into tons of very difficult to understand details, but if a couple of you want to, this is a great video.

 

And, back to the assessment statement, remember that in terms of the overall structure of an answer on an exam regarding this assessment statement, it should be something like this:

- The technologies required to provide a VPN can be organized into software/algorithms, hardware, and protocols. Software/algorithms required include...., hardware includes... and protocols include... (with brief phrases demonstrating you know what each is, yet allowing you to answer within 7 minutes for a 5 mark question, for example.)

 

Jose: The difference between VPN and proxy:

Proxy: just routing through another server, for reasons such as: pretending to be in another country/location, or routing all your internet traffic through a proxy service with robust filtering of content and protection.

A VPN is just any network in which all traffic is encrypted.

A proxy server in another country could well be VPN server, but it does not have to be. A proxy can be used without an onion layer.

And a great video explaining Onion layer, TOR and darkweb: https://www.youtube.com/watch?v=mUP0tx7Ib2w

Difference between dark and deep web: dark, encrypted/VPN, deep, just not indexed to be publicly searched.