Types Of VPN
Types Of VPN
- Details
- Category: Network Technology
- Published on Friday, 26 September 2008 13:28
- Written by Administrator
- Hits: 6481
There are various types of VPN and some of them are mentioned here.
Leased Line VPN
One of the first types of VPN technology was the leased line. Simply put, two or more networks were connected using a dedicated line from the telephone company. These took the form of ISDN, T1, or frame relay lines. These type of connections are still used today, although they are rare because they are expensive, and other alternatives work just as well. The main strength of using a leased line is that is a circuit-based point-to-point connection. It does not use a public Internet link, so there is no latency caused by router hops, collisions, etc.These types of connection are expensive. This is because a physical "loop" of wire must be used to connect the destinations. Sometimes laying the loop is charged by the mile, or even by the foot. But because these are true point-to-point connections the maximum throughput is realistic. Meaning, a 128k ISDN line actually passes data at the rate all the time.
PPTP VPN
A commonly used method for VPN is PPTP. It is a software based VPN system that uses your existing Internet connection. By using your Internet connection, a secure "tunnel" is created between two points allowing remote users to connect to corporate offices and vice versa. You can setup this type of connection with various types of software, and you won't have to pay the teleco company any loop fees. See the diagram below:
Data must travel through the Internet. This means there is more room for collisions, latency, and packet loss. While PPTP is a cheap an easy solution, it does not work well for large networks, or bandwidth hungry applications. Another form of this is a L2TP VPN. L2TP performs the same functionality of PPTP, but is used to connect two or more networks and not just individual users.
ISP Managed VPN (MPLS)
The most popular type of VPNs today is managed by an ISP or other service provider. These VPNs operate on the same standards as the others, but the data is routed a little differently. See the diagram below:
These means that data is passed through these specific routers. These routers are controlled by the service provider and are part of a "private network." This means that normal Internet traffic will not pass through these routers making them less susceptible to collisions, latency and packet loss. This type of VPN is powered by a frame relay or MPLS technology. Frame relay is an older technology that is basically being phased out. It has several strengths, but MPLS is taking the VPN world by storm. MPLS (Multi-Protocol Label Switching) was originally designed to improve the store-and-forward speed of routers. MPLS was created as a team effort on the part of Ipsilon, Cisco, IBM, and Toshiba. These companies worked together as part of the IETF (Internet Engineering Task Force) and MPLS was born.
Remote Access (RAS) VPN
Under this application only a single VPN gateway is involved. The other party involved in negotiating the secure communication channel with the VPN Gateway is a PC or laptops that are connected to the Internet and running VPN Client software. The VPN Client allows telecommuters and traveling users to communicate on the central network and access servers from many different locations.
Benefit: Significant cost savings by reducing the burden of long distance charges associated with dial-up access. Also helps increase productivity and peace of mind by ensuring secure network access regardless of where an employee physically is.
Site-to-Site Intranet VPN
With Intranet VPN, gateways at various physical locations within the same business negotiate a secure communication channel across the Internet known as a VPN tunnel. An example would be a network that exists in several buildings connected to a data center or mainframe that has secure access through private lines. Users from the networks on either side of the tunnel can communicate with one another as if it were a single network. These may need strong encryption and strict performance and bandwidth requirements.
Benefit: Substantial cost savings over traditional leased-line or frame relay technologies through the use of Internet to bridge potentially long distances between sites.
Site-to-Site Extranet VPN
Almost identical to Intranets, except they are meant for external business partners. As such, firewall access restrictions are used in conjunction with VPN tunnels, so that business partners are only able to gain secure access to specific data / resources, while not gaining access to private corporate information.
Benefit: Businesses enjoy the same policies as a private network, including security, QoS, manageability, and reliability.