This article covers Virtual Private Networks (VPNs); the previous article discussed DNS attacks.
To secure network traffic between sites and users, organizations use virtual private networks (VPNs) to create end-to-end private network connections. A VPN is virtual in that it carries information within a private network, but that information is actually transported over a public network. A VPN is private in that the traffic is encrypted to keep the data confidential while it is transported across the public network.
The figure shows a collection of various types of VPNs managed by an enterprise’s main site. The tunnel enables remote sites and users to access the main site’s network resources securely.
Figure: VPNs managed by an enterprise’s main site. The main site’s Cisco ASA firewall connects to the corporate network and, through the Internet, to a business partner’s Cisco router, a regional office’s Cisco ASA firewall, a small office/home office (SOHO) Cisco router, and a mobile worker connecting remotely through Cisco AnyConnect.
- A Cisco Adaptive Security Appliance (ASA) firewall helps organizations provide secure, high-performance connectivity, including VPNs and always-on access for remote branches and mobile users.
- SOHO stands for small office/home office, where a VPN-enabled router can provide VPN connectivity back to the corporate main site.
- Cisco AnyConnect is software that remote workers can use to establish a client-based VPN connection with the main site.
The first types of VPNs were strictly IP tunnels that did not include authentication or encryption of the data. For example, Generic Routing Encapsulation (GRE) is a tunneling protocol developed by Cisco that does not include encryption services. It is used to encapsulate IPv4 and IPv6 traffic inside an IP tunnel to create a virtual point-to-point link.
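The GRE point above, as an added example that is not part of the original article: a minimal parser for the basic GRE header (flags/version and protocol type, with the optional checksum, key and sequence fields) showing that the encapsulated packet is carried in cleartext. The function names, addresses and payload are constructed for this illustration.

```python
import struct

GRE_IP_PROTO = 47                       # IP protocol number assigned to GRE
ETHERTYPES = {0x0800: "IPv4", 0x86DD: "IPv6"}

def ipv4_header(proto, src, dst, payload_len):
    # Minimal 20-byte IPv4 header; checksum left at 0 in this constructed sample.
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, bytes(src), bytes(dst))

def build_sample():
    # Constructed sample: inner IPv4/UDP packet between two private hosts,
    # wrapped in GRE between two tunnel endpoints (documentation addresses).
    data = b"user=alice action=login"
    udp = struct.pack("!HHHH", 40000, 514, 8 + len(data), 0) + data
    inner = ipv4_header(17, (10, 1, 1, 10), (10, 2, 2, 20), len(udp)) + udp
    gre = struct.pack("!HH", 0x0000, 0x0800) + inner  # flags/version, protocol type
    return ipv4_header(GRE_IP_PROTO, (192, 0, 2, 1), (198, 51, 100, 1), len(gre)) + gre

def parse_gre(packet):
    # Return what any on-path observer can read from a GRE-encapsulated packet.
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    if packet[9] != GRE_IP_PROTO or len(packet) < ihl + 4:
        raise ValueError("outer IP protocol is not GRE (47)")
    flags, ptype = struct.unpack("!HH", packet[ihl:ihl + 4])
    if flags & 0x0007:
        raise ValueError("unsupported GRE version")
    offset = ihl + 4
    for bit in (0x8000, 0x2000, 0x1000):  # checksum, key, sequence: 4 bytes each
        if flags & bit:
            offset += 4
    inner = packet[offset:]
    result = {"inner_protocol": ETHERTYPES.get(ptype, hex(ptype)), "inner": inner}
    if ptype == 0x0800 and len(inner) >= 20:
        result["inner_src"] = ".".join(map(str, inner[12:16]))
        result["inner_dst"] = ".".join(map(str, inner[16:20]))
    return result

if __name__ == "__main__":
    info = parse_gre(build_sample())
    print(info["inner_protocol"], info["inner_src"], "->", info["inner_dst"])
    print(info["inner"][28:])  # bytes after the inner IPv4 (20) and UDP (8) headers
```

Because nothing in the GRE header protects the inner packet, the private addresses and application data are readable as-is, which is why GRE is typically paired with an encrypting protocol when confidentiality is required.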