Why to Deploy a VPN

by Krelle Xijao.
Share
|
Homepage | Submit your article | Contact | TOS
More articles on network security  

You are here: Categories » Electronics and communication » Network security

The motivation behind building VPNs is spread along different sectors of human nature, be it cost reduction or privacy of the communication. The common part lies in virtualization of communications by using modern means of secure data transfer.

The basic advantage for VPN communication lies in a cost reduction for interconnecting remote sites. The current alternative to VPN solutions is purchase of a leased line or introduction of a Remote Access Server (RAS). Dedicated lines are usually installed for mission-critical applications that require a lot of guaranteed throughput between the nodes, when data transfer over the public data networks (PDNs) is seen as unreliable and their service availability can not be guaranteed. Installation of a point-to-point wireless link can provide another cheap alternative, but would it be sufficiently secure?

Modern communication systems exhibit a high fixed-cost component such as installation and maintenance, with the variable cost component (e.g., bandwidth) accounting for a much smaller proportion of the total cost of ownership. A properly designed and implemented VPN might become a more attractive solution involving one "fat pipe" accommodating all the communication needs of an organization with VPNs running through it. A sufficiently wide radio frequency data carrier can constitute such a fat pipe.

On the other hand, the second major motivator for VPN deployment is the increased need for privacy of data communications. All externally transmitted internal communications must be separated from the external observer through the use of strong cryptography and authenticity.

The traditional secure solution that enables external clients to access internal resources is the deployment of RAS. However, affiliated costs of maintaining the equipment and the associated costs of telephone calls can aggravate the attractiveness of such a tactic.

With respect to wireless networks, at least until the final 802.11i draft is out, the main motivator for wireless VPN deployment lies in the price–performance ratio of adding an extra layer of protection to otherwise vulnerable wireless communications. The traditional 802.11a/b/g authentication and encryption mechanisms on their own cannot offer sufficient protection against experienced attackers. Whereas 802.11x with a RADIUS server is way out of reach for the standard SOHO wireless network, most of the marketed network security devices can run a decent VPN, achieving a similar level of protection.

Share
Leave a comment or ask a question
Total comments: 0

Network security Disclaimer

  • The e-articles directory is not responsible for any and all copyright infringements by writers and authors. If you suspect the information contained by this page for any copyright infringements, please contact us to investigate the issue
Suspicious Events on WLAN - Once a sufficient number of network behavior statistics are gathered, a proper wireless IDS can start looking for the suspicious events indicating the possibility of malicious attack. These eve (more...)
Reasons why Wirelwss Networks are hacked - In the "good old days," Internet access was a privilege of the few and many used to try getting access by all means possible. A common way to achieve unauthorized access was wardialing, or call (more...)
Wireless Crackers: Who Are They - Knowing what kind of individual might launch an attack against your wireless network is just as important as being aware of his or her motivations. From the motivations already outlined, it is (more...)
Wireless Security Policy - The first thing to start from when deploying and securing a corporate wireless network is a design of a proper wireless security policy. The best source of information on writing a detailed a (more...)
The Usefulness of WEP Closed ESSIDs MAC Filtering and SSH Port Forwarding - This brings us to the topic of enabling WEP, closed ESSIDs, and MAC filtering as protective measures. Such defenses are "bypassable", you know how to do it. However, there are still sound reaso (more...)
Layer 1 Wireless Security Basics - Let's build on the more technical aspects of the discussed policy considerations. We'll start from physical layer security. The physical layer security of wireless networks encompasses avoiding (more...)
Network Vulnerability Analysis - Vulnerability analysis, sometimes called vulnerability scanning, is the act of determining which security holes and vulnerabilities may be applicable to the target network. In order to do this, (more...)
Wireless attacks at Corporations Small Companies and Home Users - There is a general misconception that only large enterprises are at risk from cracking, wireless cracking included. This is a myth, but it is very prevalent. Large corporations are where the mo (more...)
Practical Use of Asymmetric Cryptography: Key distribution Authentication and Digital signatures - The basic idea of using asymmetric cryptography is distributing public keys while keeping the private keys private and using a person's public key to encrypt data sent to this particular indivi (more...)
Deploying a Linux Based Custom Built Hardened Wireless Gateway - We have to ensure the security of the gateway that separates our AP or bridge or wireless-connected VLAN from the wired side. Such gateways are nothing more (or less) than a flexible stat (more...)
 
free content
    Copyright © 2006 - 2012 e-articles.info.
The texts, articles and tutorials in the directory are property of their respective owners and authors.