Virtual Private Network (VPN)

A virtual private network uses secure paths, often called tunnels, to create a private network environment inside of public networks such as the Internet. Until the creation of VPNs, companies had to either lease dedicated lines or build and maintain their own lines to confidentially communicate information with business partners and associates. VPNs accomplish the same goal as private networks, but at a fraction of the cost.

Simply put, tunneling is the process of preparing a message to be sent, encapsulating the message, and then sending it over the common carrier network. The preparation process uses a special method called a passenger protocol, the encapsulation process uses an encapsulation protocol, and the sending process uses a carrier protocol common to that network. For example, TCP/IP is a common carrier protocol for the Internet.

VPNs are commonly used in businesses today to support confidential sharing of information through extranets and intranets and trusted mobile users and business affiliates. Consequently, the three most common types of VPNs are called remote access, or access, intranet based, and extranet based.

There are two common methods for configuring access VPNs. The first, the client-initiated method, requires the remote user to establish an encrypted tunnel from its machine, through the network and into the corporate network. This type of VPN provides a high level of data security from the client computer to the corporate network, but users need to take measures to ensure that remote equipment is protected. For example, notebook computers equipped with tunneling software should at the very least be password protected and should never be left on and unattended.

The second type of access VPN, called a network access server VPN, requires remote users to dial into a third party service provider, which in turn initiates a secure connection to the corporate network. The main advantage of this method is that the service provider can authenticate a user before giving it access to the corporate network. The disadvantage is that the data are only encrypted from the service provider to the corporate gateway.

Companies with two or more locations or branches often need to share information. Intranet-based VPNs are used to create secure connections among different corporate locations. Similarly, extranet-based VPNs are used to create secure communications channels between two or more business partners.

Benefits of VPNs include

• Improved security
• Assurance of data reliability
• Improved productivity via secure remote connectivity
• Relatively inexpensive mechanism for global networking
• Cost effectiveness over traditional wide area network configurations
• Scalability—it is much easier to add more users to a VPN than to a leased line

[Page 585]Additional investments that may be required to ensure proper functionality of a VPN include firewalls, dedicated VPN servers, network access servers, and client software for each remote user. Some companies, such as Cisco, offer complete turnkey solutions as an option for companies interested in VPNs.

VPNs can play a vital role in protecting confidential information including data, voice, and video that is commonly exchanged among hospitals, physician offices, insurance companies, pharmaceutical companies, and other health care-related organizations.