By RSVPs

What is a VPN?
A virtual network overlaid on top of the
ubiquitous interconnection of the Internet
and a private network for confidential
communications and exclusive usage.

VPNs
In a virtual private network (VPN), "virtual"
implies that there is no physical network
infrastructure dedicated to the private network.
Instead, a single physical network infrastructure
is shared among various logical networks
In VPNs, various networking technologies are
applied toward the goal of providing private
communications within the public Internet
infrastructure

Private Networks

Separate Private Networks.

Why VPNs?
Separate private networking solutions are
expensive and cannot be updated quickly
to adapt to changes in business
requirements.
The Internet is inexpensive but does not
by itself ensure privacy.

The Internet

Virtual Private Networking: the collection of

technologies applied to a public

networkthe Internetto provide
solutions for private networking needs.

VPN

Motivation

Ubiquitous Coverage - wider coverage

compared with the private data network
infrastructures offered by
telecommunication providers

Cost Reduction - based on the system's

economy of scale
Security using cryptographic technology
E-Commerce - VPNs provide both
interconnectivity and security.

The VPN MarketPlace

VPN Products: Hardware and Software that make
VPNs possible
A VPN gateway is a stand-alone device that
enables authorized access to the protected
network resources. The resources are not
located on the same physical device with
the VPN gateway
A VPN client, on the other hand, is installed
on the same network device it is supposed
to protect. Usually, the client is a software
package installed on the host computer.

The VPN MarketPlace

VPN SERVICES:
Contracted VPN service
Service level agreements (SLAs)

VPN

Barriers

Lack of interoperability of IPSec* implementations.

????????
Lack of widely used quality of service (QoS)
standards, as well as the sparse deployment of
QoS-capable infrastructures
Security services in support of VPNs must be
constructed from additional hardware and software
components as Internet infrastructure is still largely
focused on providing connectivity and does not yet
offer services beyond connectivity.
*IPSec: Internet Security standards established by IAB

VPN Technologies

Tunneling using encapsulation

Authentication
Access Control
Data Security

VPN Solutions
VPN solution consists of multiple, appropriately
configured VPN devices that are placed in the
appropriate locations within the network.
VPN Gateway Interface

The VPN client is software used for remote

access for a single computer or user.
VPN Network and Service Management.

VPN Vendors
Layer 2 Tunneling Protocol (L2TP): utilizing Cisco
Systems Layer-2 Forwarding and Microsofts
Point-o-Point Tunneling Protocol (PPTP)
Supports IP, IPX, AppleTalk, frame relay, ATM,
S.25 and Sonet
IBM Nways Multiprotocol Routing Services (MRS),
Nways Multiprotocol Access Services(MAS) and
Access Integration Services(AIS)
Supports IP, APPN,TN3270
And there are many more

Types of VPNs
Site to Site VPNs
Using ISDN, Frame Relay or ATM
Designed to replace a WAN

Remote Access VPNs

Using the Internet
Provide remote access to mobile or branch
employees

Site-to-Site VPN
VPNs Based on ISDN, Frame Relay or ATM

Site-to-Site VPN vs WAN

Remote Access VPN

VPNs Based on IP Tunnels/
Internet VPNs

What are the costs?

Cost Savings $$

Monthly Cost Savings for Site-to-Site

VPN
800000
700000
600000
500000
400000
300000
200000
100000
0

678255

134055
0
0

2000

4000

6000

Using the Cisco

website
calculator a
comparison of
three scenarios
was made.
Not for small
enterprises!!

Number of users

*
www.cisco.com/warp/public/779/largeent/learn/technologies/vpn/site2site.html

VPN

Directions

Integration of VPN and firewall functions into a

single device.
Incorporating routing and quality of service
features into the VPN device will make it even
more versatile and more attractive to businesses.
Adding intelligence to the network Currently the
routers and switches merely forward the packets
without knowing what is inside them or how to
process them accordingly. ??

Questions?????

Questions
What is L2TP? PPTP? IPSec?
What types of VPNs are there?
Name two advantages of VPNs?
Name two disadvantages of VPNs?
At which layer of the OSI model do
VPNs interact?

And Answers
What is
L2TP? Layer2 Tunneling Protocol from
Cisco and Microsoft.
PPTP? MS Point-to-Point Tunneling
Protocol
IPSec? IP Security, a set of standards for
the Internet security; also implementations
of VPN using the set of standards for
Internet security

What types of VPNs are there?

Two were described, remote access VPNs
and Site-to-Site VPNs

More Answers
Name two advantages of VPNs?
Cost savings and good way to handle
remote access are two

Name two disadvantages of VPNs?

Security risk and lack of QofS

At which layer of the OSI model do

VPNs interact?
Layer 2 or Layer 3