The figure below illustrates typical VPN applications with three categories of users requiring access to shared data.
The need for a VPN is most evident when a company's internal network requires remote access by a secure link over the Internet. Access may be by a single user, for example a traveling salesperson, or by another multi-user network such as a branch office.
Traditionally, access would have been by an 800-number dial-up, leased line or private line. These are expensive and limiting, since they do not allow secure transfer between a private network and a member of the organization unless the connection is made through a dedicated leased or private line. The solution that offers the most advantage and provides secure information interchange in all circumstances is a Virtual Private Network (VPN). A VPN allows members of a distributed private network to communicate freely and securely through an untrusted public Internet network.
A VPN is created by installing security gateways (for example, Virtualfiler's VSU™ series) at the interface between the private network and the public Internet. A gateway is an intermediate device that acts on behalf of the private network that it protects. Gateways for remote users such as traveling salespeople are conveniently implemented as "client" software, thus making additional hardware unnecessary.
HOW A VPN PROTECTS DATA
IP SECURITY (IPSEC) STANDARDS
SECURITY ASSOCIATIONS (SA)
UNIQUE SESSION KEYS BETWEEN COMMUNICATING PARTIES
THE KEY MANAGEMENT PROCESS
IKE MAIN MODE
COOKIE AND SA PROPOSAL EXCHANGE
DETERMINING THE RATE OF CHANGING KEYS
ENCRYPTION KEY GENERATION