Different Types of VPN Providers

Your network is private and you work hard to keep it that way. What about when you connect to the outside world? Do you open your castle gate to let in everybody and everything festering on the Internet? Or, do you protect your network over long distances by using a private or virtually private network?

Before there were VPNs (Virtual Private Networks) there were private networks. There still are. Some situations require so much security that the only way to be sure you maintain control and avoid all intrusion is by using private line point to point connections. You might even go one step further and encrypt the data traveling on those private lines on the odd chance that someone has figured out how to tap in.

Private lines make the most sense when you have only two locations to connect. You can order order a “nailed up” T1 line from point to point. By “nailed up” I mean that the connection is hard wired and stays that way as long as you pay the monthly lease. There is no traffic other than yours on this circuit. Whatever you aren’t using to full capacity simply idles while waiting to be used day and night.

Need a lot more bandwidth? You can order DS3 private lines at 45 Mbps or move up to fiber optic service starting at 155 Mbps. An alternative is Carrier Ethernet over copper or fiber. With Ethernet you have many more bandwidth options and the cost is generally lower than with traditional telecom services.

Note that these circuits are dedicated to your locations, but your data may be multiplexed with data from other users while it is on the line. SONET fiber service and Ethernet over Fiber has so much bandwidth that it doesn’t make economic sense to use an entire strand or even a wavelength for 50 or 100 Mbps of traffic.

This is the beginning of virtual private networking. In this case, the provider divvies up the available bandwidth by TDM (Time Division Multiplexing) time slots or virtual private circuits. Since the network is privately operated, you have the protection that the general public has no outside access to any of this traffic and no way to snoop on your data stream or cause trouble.

If you need really massive amounts of bandwidth, you can rent wavelengths on fiber circuits at typically 5 Gbps or rent dark fiber strands themselves that can support nearly unlimited bandwidth. These offer an increased security in that only your traffic is on the wavelength or fiber strand.

Another VPN methodology is the MPLS network. MPLS or Multi Protocol Label Switching also runs on privately operated networks. It transports IP traffic as well as other protocols but doesn’t use IP labels for routing. Instead MPLS switches install special tags on each packet upon entry to the network and remove them before egress. This is where the virtual private designation comes in. You share the network with other users, but the proprietary MPLS technology protects the privacy of your data while it is on the network. You’ll hear this service referred to as MPLS VPN.

The most common application for VPN is when using the Internet as your connection from point to point or to the general public. If you do business on the Internet, you don’t really have a choice. You may also want to have home workers or traveling employees connect to your business systems without the expense of private lines. The challenge is how to make an inherently risky network like the Internet into something your can trust with sensitive date.

The answer is “tunneling.” This is a concept for creating private channels through a public network. The tunneling is accomplished by encrypting each packet so that it makes no sense to anyone but the intended parties. There are two software methods commonly used to accomplish this.

The legacy method is IPsec or Internet Protocol security. This requires special software to be installed on the company server and client computer. IPsec does the encryption and decryption and must be specially set up to create the virtually private tunnel. One installed, you have a VPN connection from wherever you want to use that particular computer. Other computers must have the same software installed or they won’t work on the VPN.

A competing method is called SLL or Secure Socket Layer. This is the technology you use when accessing your bank account or secure email. It’s become so standard that it is built into all Web browsers and many email programs. With SSL, you need a user account ID and a password to access your remote account. The nice feature is that you an access your account from just about any computer, private or public, and know that your data is securely encrypted.

Are you in need of a business-grade private or virtually private network connection? If so, check out the options and decide which works best for your applications.

Advantages of SSL VPN

Computer security is in the back, if not the front, of every Internet user’s mind right now. Hacking, security breaches, identity theft and malicious bots are terms that show up in national news reports as well as user forums. Everything moving to the cloud is adding to the anxiety of anyone who has sensitive data and wants to keep it personal and private. Little wonder the interest in virtual private networks is greater than ever before.

What is a virtual private network and why would you want that instead of an actual private network?

The answer revolves around our desire for universal connectivity. Most companies started connecting to other locations using private line services, such as T1, DS3 and OC3. These are point to point connections that are reserved for your private use. Only you and the network operators have access to those wires and the data they are transporting. It’s fairly difficult for third parties to tap a private line and examine the packets moving back and forth.

Private lines are defined as private, but that’s not really good enough for high risk companies such as banks and brokerages. To thwart even the most dedicated line “tapper,” they encrypted their data to ensure it stayed private. Encryption is a process that takes plain text and jumbles it in such a way that it appears to be indecipherable nonsense to anyone looking. At the far end of the link, the text is decrypted and returns to its original form.

Private lines are great for communicating within organizations or with a select few suppliers, vendors, consultants and so on. But what if you want to interact with the public at large? For that you need a public, not a private, network. That’s exactly what the Internet was created to do.

The advantage of the Internet is that it connects to nearly every place and every person on Earth. That’s also its weakness. The same universal connectivity that makes it easy for billions of potential customers to reach your website makes it equally easy to do mischief or outright crime. If there was only a way to make the connection between you and your customer secure while still using the public Internet.

That solution is called the VPN or Virtual Private Network. A public network connection can be made virtually private by encrypting the packets that travel between two locations. Your particular stream of traffic is scrambled while the rest of the traffic flowing through the same network connections could be transmitted in the clear.

SSL or Secure Socket Layer is a popular technique to provide the encryption between source and destination. What makes it so popular is that SSL is supported by all modern Web browsers and many other programs, such as Email clients. There is no need to buy or configure separate encryption software used in other VPN approaches.

Anyone with an Internet connection and browser can connect securely to any site that supports SSL. The resulting connection can be called a SSL VPN. It only persists for the length of the session, but can be established at any time. You know that you are on a secure link because the address starts with https: rather than http: The “s” means secure.

Adding SSL to a site involves buying a digital certificate from a trusted certificate authority. That certificate attests to the fact that the site in question is who it says it is and not some impostor. The secure site presents the certificate to the client to prove legitimacy. It may also ask the user for authentication, such as user ID and password, to prove that the user is also legitimate.

What sites use SSL? Most any site handling financial transactions, such as banks, online stores that accept credit cards, webmail providers, cloud storage providers, remote access services, most sites that store personal data and require user logins, and businesses using the Internet to connect remote locations and home workers.

Do you need to provide secure connections for your business? If so, look into the costs and features of Affordable Virtual Private Network solutions. One or more may be just right for your particular needs.