VPN (Virtual Private Network)’s function is to set up a private network over a public network, to conduct encrypted communication, which in enterprise networks is widely used. VPN gateway realizes the remote access by the encryption of data packets and the conversion of data packets’ destination address. There are several classifications of VPN, mainly by protocol classification. VPN can be realized by server, hardware, software and many other means. VPN has the features of low cost and ease of use.
VPN belongs to the remote access technology, simply put, it is to set up a private network using the public network. For example, a company employee is on a business trip and he would like access to enterprise intranet server resources, so this access exactly belongs to remote access.
VPN technology has a very good economic practicality, compared with other WAN connection solutions. VPN can help you more quickly and economically achieve business "globalization", greatly reducing general costs and achieving rapid return on investment. By VPN technology, users can extend the mission-critical applications to remote offices, partner networks, traveling staff and home workers, making enterprises more competitive and improving the quality of customer service.
At present, many enterprises are faced with the challenge that branches, dealers, partners, customers and traveling staff require to be able through the public network to access the company's resources at any time, which include the company's internal information, office OA, ERP systems, CRM system, e-mail and project management systems, at the same time when accessing network resources, to establish a highly reliable secure link. In order to meet the application requirements of enterprise VPN, Raresoft’s VPN link solutions, in terms of the five VPN implementation elements of scalable platform, security, service, application and management, own standard-based open architecture and extended end-to-end network interconnection capability and provide enterprises users with a variety of VPN connection modes and safe and reliable encryption mode, to protect the enterprise's information resources.
VPN is not only a product but also a service
VPN through the public network establish private data transmission channel to connect up the remote branch offices, business partners and telecommuters, reducing the remote access costs burden on businesses, saving money, and providing secure end-to-end data communication. VPN haves many features of both public network and private network, combining the reliable performance, scalability and rich functionality of public network with the security, flexibility and high efficiency of private network together, which can bring the following benefits to enterprises:
1. Significantly reducing the user's investment in the access and lines of network equipment;
2. The company using remote access paid in advance the full cost of the purchase and support of the entire enterprise’s remote access infrastructure;
3. Reduce user’s cost of network operation and maintenance and personnel management;
4. The network is easy to use with the manageability and scalability;
5. The company can take advantage of ubiquitous INTERNET via a single network structure to provide seamless and secure connections to branch offices;
6. Being able to strengthen the contact with customers, business partners and suppliers; operators, ISP, and enterprise users can all benefit from it.
Common VPN techniques
1. MPLS VPN is a kind of MPLS-based IP VPN, which applies MPLS (Multiprotocol Label Switching) technology in the network routing and switching equipment to simplify the routing method of core routers, using the label switching combined with traditional routing technology to achieve IP virtual private network (IP VPN). MPLS’s advantage lies in the combination of L2 switching and L3 routing technology, which has a very good performance in solving VPN, service classification and traffic engineering these major problems of IP network. MPLS VPN can be divided into Second Layer MPLS VPN (ie, MPLS L2 VPN) and Third Layer MPLS VPN (ie, MPLS L3 VPN).
2. SSL VPN is a kind of VPN technology on the basis of HTTPS (Secure HTTP, namely HTTP protocol that supports SSL), working between the transport layer and application layer. SSL VPN takes full advantage of the certificate-based authentication, data encryption and message integrity verification mechanism provided by SSL protocol and can establish a secure connection for the communication between the application layers. SSL VPN is widely used in Web-based remote secure access, providing security assurance for users’ remote access to internal network.
3. IPSec VPN is a kind of VPN technology on the basis of IPSec protocol, which is provided tunnel security assurance by the IPSec protocol. IPSec is an end-to-end mechanism designed by the IETF to ensure data security based on IP communication, which provides a high-quality, interoperable and cryptology-based security assurance for Internet data transmission.