Virtual provide networks provide a way of communicating securely over an ordinary internet connection. For individuals using one of the many VPN subscription services means greater privacy and the ability to access websites that might be blocked for geographical or other reasons.
But VPNs have uses in business too, allowing remote workers secure access to corporate data, and the safe use of public Wi-Fi networks for example.
How VPNs work
In simple terms a VPN uses a public network, usually the internet, to connect private sites and users together. Although VPN connections are routed through the internet, they’re encrypted so that even if the data is intercepted it can’t be read.
The method of achieving this is generally known as ‘tunnelling’ this involves placing a network packet inside another packet before it’s sent over the internet. The outer packet shields the inner one from public view, so it moves through the internet in a virtual tunnel before being unwrapped when it reaches its destination. This process is called encapsulation, and is carried out using a tunnelling protocol.
The VPN relies on a protocol to encrypt data entering the tunnel and decrypt it at the other end. This is usually internet protocol security protocol (IPSec), point to point protocol (PPP), or generic routing encapsulation (GRE). There’s also the option of OpenVPN based on open source code.
The most common way of making secure connections is via a remote access VPN. This uses a network access server – sometimes referred to as a remote access server or media gateway. This can be a physical server or a virtual machine sharing hardware with other servers. The user connects to the network access server from the internet in order to establish a link to the VPN, the server will authenticate the user’s credentials before allowing access.
At the user end of things client software is required in order to connect. Windows and other popular operating systems have a built-in ability to handle remote access VPN connections, but depending on the chosen a VPN some specific client software may be needed. Remote access networks are best suited to the needs of field workers and individuals working from home.
Where a business has multiple offices each supporting groups of employees the VPN needs to provide a site to site connection. This effectively extends the business’ head office network to a remote location.
A site to site VPN uses similar hardware to a remote access VPN, but because the systems are connected at the network level it should eliminate the need for each user’s machine to run client software.
When it comes to setting up a VPN there are no common standards, the decision on which components and protocols to adopt is down to your business needs. There have, however, been attempts by bodies like the Virtual Private Network Consortium to promote greater interoperability between suppliers. Large companies may choose to have a service provider set up the whole thing and keep the network access server running smoothly. Smaller businesses may prefer to adopt one of the off-the shelf VPN packages similar to those aimed at consumers.
It’s also now possible to build a VPN in the cloud. Services like Microsoft’s Azure Virtual Network offer a choice of protocols and the ability to retain your own IP addresses among other features.
Advantages for business
VPN use is attractive for business in a number of ways. A business can extend all of its intranet's resources to employees working from remote offices or their homes for example. It can also cut costs by allowing wide area connections between multiple locations without the need for leased line connections between them. Using VPNs can cut travel costs too as there’s less need for field workers to return to their base if they can access systems remotely.
Other advantages are improved security for exchanging data so employees can take advantage of public networks. VPNs provide remote offices and employees with the ability to use a business intranet over an existing internet connection with the same access as if they were directly connected to the network.
What to look for
When considering implementing a VPN there are a number of things that businesses need to look for. The main consideration is security, as we’ve seen there are a number of different technologies and protocols available, so it’s important to choose the one that best meets your business needs. Of course your VPN needs protect data while it's en route via the public network. If intruders do to capture the data, they should be unable to read or use it.
If you’re relying on VPN for your business you need a reliable solution. Your remote locations and employees need to be able to connect at appropriate times and you need a consistent quality of connection regardless of the number of connections. The network also needs be scalable so that as your business grows you can increase the number of VPN connections without needing to replace the technology.
It is possible to set up your own VPN but if you’re sourcing an off-the-peg solution you need to look carefully at the supplier’s offering in light of the above considerations. Many low cost solutions will involve some sort of compromise which – whilst it might be acceptable for consumers – wouldn’t be suitable for business use. Whatever type of solution you choose it’s important to factor in the costs of ongoing management.
As more systems move to the cloud some people have begun to question the need for VPNs. As cloud applications often have their own encryption using technologies like SSL to protect data in transit, the only advantage VPN offers enterprises is protecting access to the company network.
As more corporate data moves to cloud services the need for VPNs is therefore likely to decline. For now though they still offer a valuable way for companies to take advantage of increased demand for remote access to systems without having to worry about keeping data safe.