VPN Details

What is VPN?   


A Virtual Private Network (VPN) is a network technology that creates a secure network connection over a public network such as the Internet or a private network owned by a service provider. Large corporations, educational institutions, and government agencies use VPN technology to enable remote users to securely connect to a private network.

A virtual private network (VPN) protects your data and identity over public networks, like the Internet and wireless hotspots. Various protocols are used to create an encrypted tunnel that transports data securely. While a firewall may protect the data on your computer, a VPN will protect your data on the Internet. The goal of a VPN is to implement the same level of security provided by private networks at substantially lower costs.





A VPN can connect multiple sites over a large distance just like a Wide Area Network (WAN). VPNs are often used to extend intranets worldwide to disseminate information and news to a wide user base. Educational institutions use VPNs to connect campuses that can be distributed across the country or around the world.

In order to gain access to the private network, a user must be authenticated using a unique identification and a password. An authentication token is often used to gain access to a private network through a personal identification number (PIN) that a user must enter. The PIN is a unique authentication code that changes according to a specific frequency, usually every 30 seconds or so.

Protocols

There are a number of VPN protocols in use that secure the transport of data traffic over a public network infrastructure. Each protocol varies slightly in the way that data is kept secure.

IP security (IPSec) is used to secure communications over the Internet. IPSec traffic can use either transport mode or tunneling to encrypt data traffic in a VPN. The difference between the two modes is that transport mode encrypts only the message within the data packet (also known as the payload) while tunneling encrypts the entire data packet. IPSec is often referred to as a "security overlay" because of its use as a security layer for other protocols.

Secure Sockets Layer (SSL) and Transport Layer Security (TLS) use cryptography to secure communications over the Internet. Both protocols use a "handshake" method of authentication that involves a negotiation of network parameters between the client and server machines. To successfully initiate a connection, an authentication process involving certificates is used. Certificates are cryptographic keys that are stored on both the server and client.

Point-To-Point Tunneling Protocol (PPTP) is another tunneling protocol used to connect a remote client to a private server over the Internet. PPTP is one of the most widely used VPN protocols because of it's straightforward configuration and maintenance and also because it is included with the Windows operating system.

Layer 2 Tunneling Protocol (L2TP) is a protocol used to tunnel data communications traffic between two sites over the Internet. L2TP is often used in tandem with IPSec (which acts as a security layer) to secure the transfer of L2TP data packets over the Internet. Unlike PPTP, a VPN implementation using L2TP/IPSec requires a shared key or the use of certificates.

VPN technology employs sophisticated encryption to ensure security and prevent any unintentional interception of data between private sites. All traffic over a VPN is encrypted using algorithms to secure data integrity and privacy. VPN architecture is governed by a strict set of rules and standards to ensure a private communication channel between sites. Corporate network administrators are responsible for deciding the scope of a VPN, implementing and deploying a VPN, and ongoing monitoring of network traffic across the network firewall. A VPN requires administrators to be continually be aware of the overall architecture and scope of the VPN to ensure communications are kept private.


Advantages & Disadvantages

A VPN is a inexpensive effective way of building a private network. The use of the Internet as the main communications channel between sites is a cost effective alternative to expensive leased private lines. The costs to a corporation include the network authentication hardware and software used to authenticate users and any additional mechanisms such as authentication tokens or other secure devices. The relative ease, speed, and flexibility of VPN provisioning in comparison to leased lines makes VPNs an ideal choice for corporations who require flexibility. For example, a company can adjust the number of sites in the VPN according to changing requirements.


There are several potential disadvantages with VPN use. The lack of Quality of Service (QoS) management over the Internet can cause packet loss and other performance issues. Adverse network conditions that occur outside of the private network is beyond the control of the VPN administrator. For this reason, many large corporations pay for the use of trusted VPNs that use a private network to guarantee QoS. Vendor interoperability is another potential disadvantage as VPN technologies from one vendor may not be compatible with VPN technologies from another vendor. Neither of these disadvantages have prevented the widespread acceptance and deployment of VPN technology.

Why use a VPN?

Most VPN's are used to add security. Today's world is evolving quickly and the security pitfalls of modern conveniences are often ignored. Public WIFI hotspots, common in airports and coffee shops, are a hackers dream because they offer streams of visible data waiting to be mined. Using a VPN keeps your information secure.

Deep Packet inspection is another growing concern. Many ISPs would like to analyze statistics from your online activities for marketing and routing purposes. Using a VPN thwarts efforts to conduct deep packet inspections.

Similarly, search engines and social networking sites, like Google and Facebook, are storing information about your online habits indefinitely. Since a VPN provides the user with a different IP address, these privacy invasions are also thwarted.

VPN services provide different gateway cities where the IP address assigned to your computer is located. This allows users to access websites only available to users from a certain country. This application is particularly important for travelers who need to access websites from their home country and for people living in regions rife with censorship, like China and Iran.

Protocols

PPTP is the most common VPN protocol. It uses TCP port 1723 and Generic Routing Encapsulation (GRE) to secure packets. The main advantage of PPTP is that all major operating systems and many smartphones can natively use PPTP without any additional software.

IPsec is a protocol suite developed with IPv6 and often used in conjunction with L2TP tunneling. IPSec VPN services usually require third party software. Associated licensing costs are one of the largest cons of IPsec.

SSL/TLS is the most common encryption protocol on the Internet. Many SSL VPN plans use the OpenVPN client. This free, multi-platform client and the vibrant community that supports it have helped SSL VPNs rise to prominence.

SSTP is the newest popular protocol. It transports PPP or L2TP packets through an SSL 3.0 channel. Since SSTP uses the common HTTPS port 443, it is hard to block in highly censored regions, like the Middle East. Unfortunately, SSTP is only available on Windows Vista and Windows 7 computers.


Compare VPN Service Providers

VPN services offer up different "gateway" cities, allowing you to choose where the IP address assigned to your computer is located. This allows you to access websites typically only available to users from that country. It also allows you to access websites that may blocked/censored in your own country. This application is particularly important for travelers who need to access websites from their home country, as well as for people living in regions rife with Internet censorship, such as China and Iran.



Enemies of the Internet:


Bahrain, Belarus, Burma, China, Cuba, Iran, North Korea, Saudi Arabia, Syria, Turkmenistan, Uzbekistan, and Vietnam.

Countries Under Surveillance:

Australia, Egypt, Eritrea, France, India, Kazakhstan, Malaysia, Russia, South Korea, Sri Lanka, Thailand, Tunisia, Turkey, and United Arab Emirates.

The OpenNet Initiative classifies the magnitude of censorship and/or filtering in a country in four areas.
The level of censorship is classified as below:

Pervasive: A large portion of content in several categories is blocked.
Substantial: A number of categories are subject to a medium level of filtering or many categories are subject to a low level of filtering.
Selective: A small number of specific sites are blocked or filtering targets a small number of categories or issues.
Suspected: It is suspected, but not confirmed, that Web sites are being blocked.
No evidence: No evidence of blocked Web sites, although other forms of controls may exist.
The classifications of the following areas:
Political: Views and information in opposition to those of the current government or related to human rights, freedom of expression, minority rights, and religious movements.
Social: Views and information perceived as offensive or as socially sensitive, often related to sexuality, gambling, or illegal drugs and alcohol.
Conflict/security: Views and information related to armed conflicts, border disputes, separatist movements, and militant groups.
Internet tools: e-mail, Internet hosting, search, translation, and Voice-over Internet Protocol (VoIP) services, and censorship or filtering circumvention methods.

How to use 

Step 1



Step 2


In Smart Phones :-


Step 3 :-



Complete.....


0 comments: