Virtual privacy
20 January, 2006 12:06
Out on the road and need to access your office LAN? Worried about security? Fear not, Roger Gann can show you the way.
Remote access is now more of a necessity than a luxury for business users who need to access files on an office network when they're on the road or working from home. If the remote PC has Internet connectivity via modem, broadband or through a LAN (local area network), and the office network has a permanent connection to the Internet, the most cost-effective way for remote users to connect is by creating a VPN (virtual private network).
So, rather than laying your own personal network cable across the globe, you use a public network - the Internet - as your connection medium. As the Internet is by its very nature insecure, you place your private network traffic inside a secure "wrapper" to stop eavesdroppers accessing your data. The result is a VPN inside a physical public network, a great solution to wide area networking requirements.
VPN technologies use "tunnelling" protocols to create the connection and encryption protocols to provide the privacy on the public network. This allows you to securely access a VPN server and the rest of the company network. Once a VPN tunnel has been established, any application (Web, e-mail, even Voice over IP) can use it as though it were using a normal network connection.
So, if you need remote access, the question isn't whether to use VPN, but which VPN technology to use. There are four main protocols and each has pros and cons.
VPN choices
Because a VPN creates a secure virtual pipeline through the public network, the protocols used to create this connection are called tunnelling protocols. The most common VPN technologies available are:
• PPTP
• L2TP
• IPSec
• SSL
Choosing which one to use is tricky. A lot depends on factors such as server and client OS, the network resources to which access is needed, the level of security required and performance issues.
Even inexpensive routers, such as
Point-to-point
PPTP (point-to-point tunnelling protocol) is an extension of the Internet standard PPP (point-to-point protocol), the link layer protocol used to transmit IP packets over serial links. PPTP was developed by Microsoft and it's the only VPN protocol built into Windows as standard.
PPTP drills the tunnel but it doesn't provide encryption. It's used in conjunction with MPPE (Microsoft point-to-point encryption) to create a secure VPN. With good authentication, for example EAP (extensible authentication protocol), PPTP is secure. It carries a low overhead, making it faster than other methods.
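To make the split between tunnel and encryption concrete, here is an added example (not from the original article) that parses a PPTP data packet, which RFC 2637 defines as a PPP frame inside an enhanced GRE header, and reports whether the PPP payload has the MPPE "encrypted" bit set (RFC 3078). The function name, result fields and sample packets are constructed for this illustration; input is assumed to start at the GRE header of an IP protocol 47 packet.

```python
import struct

GRE_PPP = 0x880B  # GRE protocol type of PPTP data packets (RFC 2637)
MPPE = 0x00FD     # PPP protocol number that carries MPPE datagrams (RFC 3078)

def inspect_pptp_data(pkt: bytes) -> dict:
    """Parse one PPTP data packet, starting at its enhanced GRE header."""
    if len(pkt) < 8:
        raise ValueError("shorter than the fixed enhanced GRE header")
    flags, ver, proto, plen, call_id = struct.unpack_from("!BBHHH", pkt)
    if proto != GRE_PPP or (ver & 0x07) != 1 or not (flags & 0x20):
        raise ValueError("not PPTP GRE (want type 0x880B, Ver 1, K bit set)")
    has_seq, has_ack = bool(flags & 0x10), bool(ver & 0x80)  # S and A bits
    off = 8 + 4 * has_seq + 4 * has_ack
    if len(pkt) < off + plen:
        raise ValueError("truncated packet")
    out = {"call_id": call_id, "seq": None, "ack": None,
           "ppp_proto": None, "verdict": "ack-only"}
    if has_seq:
        out["seq"] = struct.unpack_from("!I", pkt, 8)[0]
    if has_ack:
        out["ack"] = struct.unpack_from("!I", pkt, 8 + 4 * has_seq)[0]
    ppp = pkt[off:off + plen]
    if ppp[:2] == b"\xff\x03":  # optional PPP address/control bytes
        ppp = ppp[2:]
    if not ppp:
        return out
    # PPP protocol numbers end in an odd byte, so an odd first byte means the
    # one-byte (protocol-field-compressed) form is in use.
    n = 1 if ppp[0] & 1 else 2
    if len(ppp) < n:
        raise ValueError("truncated PPP protocol field")
    out["ppp_proto"] = int.from_bytes(ppp[:n], "big")
    if out["ppp_proto"] >= 0x8000:
        out["verdict"] = "control"      # LCP, authentication, CCP/IPCP setup
    elif out["ppp_proto"] == MPPE and len(ppp) >= n + 2 and ppp[n] & 0x10:
        out["verdict"] = "encrypted"    # MPPE header bit D is set
    else:
        out["verdict"] = "unencrypted"  # tunnelled, but readable on the wire
    return out

# Constructed sample packets (hex), not captured traffic.
SAMPLES = {
    "ipv4 in ppp": "3001880b0008002a00000001ff03002145000014",
    "mppe": "3081880b0007002a0000000200000001fd9001deadbeef",
    "lcp": "3001880b0008002a00000000ff03c02101010004",
}

if __name__ == "__main__":
    for name, hexpkt in SAMPLES.items():
        print(name, inspect_pptp_data(bytes.fromhex(hexpkt)))
```

A session whose data packets keep returning "unencrypted" after the control phase is a tunnel without MPPE, which is the case the paragraph above warns about.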