VPN

VPN - Virtual private Networking, an overview

A VPN is a secure, private communication tunnel between `two or more devices across a public network (like the Internet). These VPN devices can be either a computer running VPN software or a special device like a VPN enabled router. It allows your home computer to be connected to your office network or can allow two home computers in different locations to connect to each over the Internet.

Network diagrams were made with
SmartDraw - click for SmartDraw info.

Even though a VPN’s data travels across a public network like the Internet, it is secure because of very strong encryption. If anyone ‘listens’ to the VPN communications, they will not understand it because all the data is encrypted. In addition, VPN’s monitor their traffic in very sophisticated ways that ensure packets never get altered while traveling across the public network. Encryption and data verification is very CPU intensive.

Clients and Servers

A VPN server is a piece of hardware or software that can acts as a gateway into a whole network or a single computer. It is generally ‘always on’ and listening for VPN clients to connect to it.

A VPN Client is most often a piece of software but can be hardware too. A client initiates a ‘call’ to the server and logs on. Then the client computer can server network can communicate. They are on the same ‘virtual’ network.  Many broadband routers can 'pass' one or more VPN sessions from your LAN to the Internet. Each router handles this differently.

Network diagrams were made with
SmartDraw - click for SmartDraw info.

VPN Software

VPN ‘server’ software is rather rare. Windows Server level operating systems like ‘Windows 2000 Server’ have a ‘VPN server’ built in. I know if no software products priced for home or small business that allows you to set up a VPN server.

VPN ‘client’ software is much more common. When loaded on your computer, this software allows you create a secure VPN tunnel across the Internet and into another network fronted by a VPN server.

VPN Languages

There are two major 'languages' or protocols that VPN's speak. Microsoft uses PPTP or Point to Point Tunneling Protocol and most everyone else uses IPSec - Internet Protocol Security. Most broadband routers can pass PPTP traffic by forwarding port 1723 but IPSec is more complex. If your router does not explicitly support IPSEC pass through, then even placing your computer in the DMZ might not work.

PPTP has 'good' encryption and also features 'authentication' for verifying a user ID and password. IPSec is pureley an encryption model and is mutch safer but does not include authentication routines.  A third standard, L2TP is IPSec with authentication built in.

VPN Reviews

2/18/2002: SnapGear Lite+ VPN Router (read)

2/12/2002: ZyWall 1 - Firewall and Router with VPN (read)

1/24/2002: Multitech RouteFinder RF550VPN (read)

1/3/2002: Draytek Vigor2200E & USB VPN Routers (read)

Broadband Routers with VPN Servers

Until recently, VPN server hardware was VERY expensive. As home networks become more sophisticated, the demand for home level VPN’s increase.  At the end of 2001, the home network industry responded by adding VPN servers into some broadband routers. These products are often priced at under $300 (us) and some are as inexpensive as $170.

VPN functionality is very processor intensive and most broadband routers have somewhat slow processors in them. Broadband router based VPN servers are often limited in throughput because of their microprocessors. Most have a maximum VPN throughput of around .6Mbps or 600Kbps.

To build Network VPN Access IndosatIM2-Indonesia

VPN Express adalah layanan akses VPN dengan menggunakan koneksi via 3G atau CDMA baik starone dan fren. Product ini memberikan flexibilitas kepada pelanggan korporat atau SME yang sudah berlangganan IP VPN (IM2 Link)  untuk dapat mengkases VPN secara aman dan ekonomis selama pelanggan masih berada di dalam area 3G indosat.

SLA yang diberikan kepada pelanggan VPN Express terbagi menjadi 2 yaitu:

• SLA koneksi dari LNS hingga ke VPN pelanggan yang menggunakan link dedicated.
  • Jika pelanggan complain, disebabkan link LNS ke VPN pelanggan bermasalah, maka pelanggan berhak untuk mendapatkan kompensasi sesuai dengan klausul pada SLA tersebut.

• SLA koneksi dari modem pelanggan ke LNS melalui jaringan 3G atau CDMA
  • Jika pelanggan complain disebabkan link dari modem ke LNS melalui jaringan 3G atau CDMA, maka pelanggan tidak berhak mendapatkan kompensasi.