VPN is a technology used to set up a private network over the internet to share the resources of a corporate intranet with remote users and other office locations of the company. People can also use a VPN to access their home network.
VPN is a personal network created over the internet. The devices connected to a VPN can communicate continuously, regardless of any physical or digital barriers along the way.
A VPN is like your private lounge on the internet where you can hang out without interference from other people. It allows you to access your home network or the corporate network of your company even if you’re in some other corner of the world.
Two Types of VPNs
Mainly, VPNs are of two kinds, namely Remote Access VPN and Site-to-Site VPN. The second kind, site-to-site virtual private networks, has further sub-types.
Remote Access VPN
When we talk about Remote Access VPN, we are talking about giving someone access to an existing private network over the internet. The private network can be a network set up by a corporate organization, equipped with databases and network hardware related to the organization or any of its projects.
Because of remote access VPN, there is no need for an employee to connect to his company’s network directly. He can do so with the help of necessary VPN client software and credentials given by the firm.
Remote Access VPNs aren’t buzzwords for the corporate sector only. Home users can also leverage them. For instance, you can set up a virtual private network at your home and use the credentials to access it from somewhere else. This way, the websites you visit will see the IP address of your home network rather than your actual IP address.
Moreover, most of the VPN services you see in the market are examples of remote access VPN. These services mainly help people get around geographical restrictions on the internet. These limitations are probably there because of government-led blocking, or because a website or service is not accessible in a particular region.
Site-to-Site VPN
The word ‘site’ in this case refers to the physical location where a private network exists. It is also known as LAN-to-LAN or Router-to-Router VPN. In this type, two or more private networks in different parts of the world are connected to each other over the network, all serving as one single virtual private network on the internet. Now, there are two sub-kinds of site-to-site virtual private networks.
Intranet Site-to-Site VPN:
We call it intranet site-to-site VPN when different private networks of a single organization are clubbed together over the internet. They can be used to share resources across various office locations of the company. One other possible way would be laying separate cables across different office locations, but that won’t be feasible and might incur high costs.
Extranet Site-to-Site VPN:
There can be a need to connect the corporate networks belonging to different organizations. They might be collaborating on a project involving resources from both the organizations. Such virtual private networks created are known as extranet site-to-site VPNs.
How does a VPN work?
How a VPN works is not that hard to understand, even if it looks that way. But, before that, you need to get an idea of the protocols, or sets of rules in layman’s terms, used by a VPN to provide a secure personal network.
SSL (Secure Sockets Layer): It uses a 3-way handshake method for assuring proper authentication between the client and server machines. The authentication process is based on cryptography where certificates, behaving as cryptographic keys already stored on the client and server sides, are used for initiating the connection.
IPSec (IP Security): This protocol can work in transport mode or tunneling mode so that it can do its job of securing the VPN connection. The two modes differ in the sense that the transport mode only encrypts the payload in the data, i.e. only the message present in the data. The tunneling mode encrypts the entire data to be transmitted.
PPTP (Point-To-Point Transfer Protocol): It connects a user located at some remote location with a private server in a VPN network, and also uses the tunneling mode for its operations. Low maintenance and simple working make PPTP a widely adopted VPN protocol. Further credit goes to the inbuilt support provided by Microsoft Windows.
L2TP (Layer Two Tunnelling Protocol): It facilitates the tunneling of data between two geographical sites over the VPN network, and is often used in combination with the IPSec protocol, which further adds to the security layer of the communication.
So, you have a rough idea about the various protocols used in a VPN. We shall proceed further and see how it works. When you connect to a public network, for example, free WiFi networks at airports, you can assume that all your data is flowing through a big tunnel along with the data of other users.
So, anyone who wants to spy on you can easily sniff your data packets from the network. When VPN comes into the scene, it provides you a secret tunnel inside that big tunnel. And all your data is transformed into garbage values so that no one can recognize it.
Setting up a VPN Connection involves Three Phases:
Authentication: In this step, data packets are first encapsulated, basically wrapped inside another packet with some headers and other information attached. All of this conceals the identity of the data packets. Now, your device initiates the connection by sending a Hello request to the VPN server, which replies with an acknowledgment and asks for the user credentials to verify the authenticity of the user.
Tunneling: After the authentication phase is finished, what we can call an imaginary tunnel is created, which provides a direct point-to-point connection through the internet. We can send whatever data we want to via that tunnel.
Encryption: After we’ve successfully created the tunnel, it can transfer whatever information we want to, but that information is still not safe if we use a free VPN service. That’s because other people also use it. So, we encrypt the data packets before sending them over the tunnel, thus preventing any other user from peeping into our packets, as he will only see some unrecognizable rubbish data flowing through the tunnel.
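The difference between the two IPSec modes, and the encapsulate-then-encrypt steps of the phases above, shown as an added example that is not part of the original article. It uses a simplified ESP-like layout with a toy SHA-256 keystream standing in for a real cipher; the addresses, key, SPI values and function names are all constructed for illustration.

```python
import hashlib, hmac, os, socket, struct

ESP, IPIP = 50, 4  # IANA protocol numbers: ESP, IPv4-in-IPv4

def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header (checksum left at 0 for brevity)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def toy_cipher(key, iv, data):
    """Stand-in for the real ESP cipher: XOR with a SHA-256 keystream."""
    stream = b"".join(hashlib.sha256(key + iv + struct.pack("!I", i)).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def esp_body(key, spi, seq, inner, next_header):
    """SPI | sequence | IV | encrypted(inner, pad length, next header) | ICV."""
    iv = os.urandom(8)
    trailer = struct.pack("!BB", 0, next_header)   # no padding in this sketch
    body = struct.pack("!II", spi, seq) + iv + toy_cipher(key, iv, inner + trailer)
    return body + hmac.new(key, body, hashlib.sha256).digest()[:12]

def transport_mode(key, packet):
    """Keep the original IP header; protect only what follows it."""
    src, dst = (socket.inet_ntoa(packet[i:i + 4]) for i in (12, 16))
    esp = esp_body(key, 0x1001, 1, packet[20:], packet[9])
    return ipv4_header(src, dst, ESP, len(esp)) + esp

def tunnel_mode(key, packet, gw_src, gw_dst):
    """Protect the whole original packet; add a new gateway-to-gateway header."""
    esp = esp_body(key, 0x1002, 1, packet, IPIP)
    return ipv4_header(gw_src, gw_dst, ESP, len(esp)) + esp

def observer_view(wire):
    """Fields an on-path observer can read without the key."""
    return {"src": socket.inet_ntoa(wire[12:16]),
            "dst": socket.inet_ntoa(wire[16:20]), "proto": wire[9]}

# Constructed sample: a laptop talking to an internal server (protocol 6 = TCP).
# The payload bytes stand in for the TCP segment.
KEY = b"k" * 32
DATA = b"GET /payroll HTTP/1.1"
INNER = ipv4_header("10.0.0.5", "192.168.50.10", 6, len(DATA)) + DATA

if __name__ == "__main__":
    print("transport:", observer_view(transport_mode(KEY, INNER)))
    print("tunnel:   ", observer_view(
        tunnel_mode(KEY, INNER, "203.0.113.1", "198.51.100.1")))
```

In transport mode the observer still reads the real endpoints (10.0.0.5 and 192.168.50.10), while in tunnel mode only the two gateway addresses are visible. In both cases the payload is unreadable without the key.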
Now, if you want to access a website, your device will send the access request to the VPN server, which will then forward the request to the website in its own name and receive the data from it. Then this data will be sent to your device. The website will think the VPN server is the user, and it will find no trace of you or your device as the actual user, unless you transmit some personal information over the connection. For example, your identity can be known if you access a social networking website like Facebook or Twitter.
A VPN connection is used to provide direct access to a corporate network to a user who is not in the geographical coverage of the network. Logically, the remote user is connected just like a regular user who is using the network within the corporate premises.
VPN is also used to provide a homogeneous network environment to a corporate firm having its office locations in different parts of the world, thus creating an uninterrupted sharing of resources that bypasses geographical hurdles.
Other uses include accessing services on the internet that are not available in a particular country or region, accessing censored content, or simply remaining anonymous on the web.
Pros and Cons:
The biggest advantage of using a VPN is the cost effectiveness of providing a single private network, compared with using separate leased lines, which can burn the pockets of corporate firms. All credit goes to the internet, for acting as the medium for uninterrupted VPN connections.
Apart from all the right things VPN does for us, it has its weak sides too. The lack of a streamlined procedure for ensuring Quality of Service (QoS) over the internet is the biggest shortcoming of VPN technology. Furthermore, the level of security and authenticity outside the private network is beyond the purview of VPN technology. The incompatibility between different vendors only adds to its drawbacks.
Popular VPN services:
HideMyAss, PureVPN and VyprVPN are all well known for the QoS and security they provide in their VPN connections.
Cyber Ghost, Surf Easy and Tunnel Bear are some free VPN services you can use if you don’t want to shell out money. But you’ll have to satisfy yourself with fewer features, download limits, or advertisements. Also, note that these free services can’t beat the paid services.
VPN on Android:
You can also set up a VPN connection on your smartphone running Android OS. It allows you to access your company’s private network right on your Android device. VPN also lets a network administrator control your device, add or delete data and track your usage.
Winding Up:
VPN has so far equipped us with an extraordinary level of security and anonymity we can accomplish while sharing our confidential data over the internet. Corporate giants have always admired the ease and uniformity they can engineer in their network while using VPN. Though it has its limitations, VPN has outperformed our expectations. We should praise VPN for the cost effectiveness it provides in its operations.