What Is VPN?
VPN stands for virtual private network. It is one of the trusted mechanisms for providing user security and privacy over a public network, and it is used by different users all over the world. To let a user access private files or resources on a remote network without disclosing sensitive information to hackers or third-party agents, a VPN creates a non-penetrable layer over the communication channel or pathway.
WHERE AND WHEN TO USE VPN:
When the client and the server system are both on a LAN, the probability of data theft is lower than on a WAN, where one needs an internet connection to connect to the server resources. On the WAN there is a high chance that your data gets leaked by hackers.
VPNs were primarily used by companies to securely access server resources from a remote location over the internet.
A VPN creates a virtual private network on the WAN, so when a client system fetches data from a remote server, it assumes that it is pulling the data from a local server.
How Does VPN Work?
A VPN uses a tunnelling protocol to make the communication channel non-penetrable for hackers. Moreover, the data travelling through the tunnel is encrypted. In this way the technology becomes more secure and keeps data more private. Nothing is completely impenetrable in this era, but this tunnelling technology gives some security against identity theft over the public network. Only the VPN service provider has true knowledge of the VPN user's identity.
There are mainly two types of VPN in networking.
Remote access VPN:
In this type of VPN, users get access to the LAN server from a remote system. It is mainly used when an employee wants to access the company's secured files from a location that is not near the company's head office, or when the person has to travel a lot for the company's business. In that case, a remote access VPN allows that person to connect to the company's local network. In this type of VPN only one user can access the local network through the VPN tunnel.
All that is required for this type of VPN connection is VPN client software and a Network Access Service (NAS) or Remote Access Service (RAS).
The VPN client software needs to be installed on the client system, and it is responsible for encapsulating and encrypting the data to be sent. The data then travels through the secured tunnel over the internet, and the NAS validates the credentials of the sent data. If they are valid, the data passes to the VPN gateway and is then sent on towards the destination IP address. This mechanism is called IPSec Remote VPN.
Site to Site VPN:
Site to Site VPN is used to connect more than one user to a remote network. When an office has multiple branches and multiple users in one branch want to access the head office network, Site to Site VPN is used to make the connection. In that case a router at the sending end is configured as a VPN gateway, and another router is configured as a VPN gateway at the receiving end. That means a router must be set up at both ends (i.e. at the head office terminal as well as the branch terminal). Whenever data needs to be sent from one location to the other, it first goes to the router at that end and is encrypted there. The ciphertext is then encapsulated and travels through the internet. When the data hits the receiving-end router (which is configured as a VPN terminal), it is decrypted and then forwarded to the actual receiving IP address.
The above mechanism is called the IPSec mechanism: the payload data (the data being sent) is encrypted and then encapsulated with a virtual IP address (provided by the VPN gateway of that terminal), destined for another virtual IP address.
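
The encrypt, encapsulate, decrypt and forward sequence described above, as an added example that is not part of the original article. It uses a simplified ESP-like layout (SPI, sequence number, nonce, ciphertext, integrity tag) and assumes the outer header is addressed from one gateway router to the other. The cipher is an HMAC-based stand-in for a real IPsec transform, and the keys, SPI and addresses are constructed sample values.

```python
import hashlib, hmac, ipaddress, os, struct

ESP = 50  # IP protocol number of IPsec ESP

def keystream(key, nonce, n):
    # Stand-in cipher (assumption): HMAC-SHA256 in counter mode, not a real IPsec transform.
    blocks = (hmac.new(key, nonce + struct.pack("!I", i), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def xor(data, ks):
    return bytes(a ^ b for a, b in zip(data, ks))

def ipv4(src, dst, proto, payload):
    # Minimal 20-byte IPv4 header (checksum left at 0 for brevity) plus payload.
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return hdr + payload

def tag(auth_key, body):
    return hmac.new(auth_key, body, hashlib.sha256).digest()[:16]

def encapsulate(inner, enc_key, auth_key, spi, seq, gw_src, gw_dst):
    # Sending gateway: encrypt the whole inner packet, then wrap it for the peer gateway.
    nonce = os.urandom(8)
    body = struct.pack("!II", spi, seq) + nonce + xor(inner, keystream(enc_key, nonce, len(inner)))
    return ipv4(gw_src, gw_dst, ESP, body + tag(auth_key, body))

def decapsulate(outer, enc_key, auth_key, last_seq):
    # Receiving gateway: authenticate, reject replays, decrypt, read the real destination.
    body, mac = outer[20:-16], outer[-16:]
    if not hmac.compare_digest(mac, tag(auth_key, body)):
        raise ValueError("integrity check failed")
    spi, seq = struct.unpack("!II", body[:8])
    if seq <= last_seq:  # simplified replay check; real gateways use a sliding window
        raise ValueError("replayed sequence number")
    inner = xor(body[16:], keystream(enc_key, body[8:16], len(body) - 16))
    return inner, str(ipaddress.IPv4Address(inner[16:20])), seq

# Constructed sample: branch host -> head-office server, via two gateways (documentation IPs).
ENC_KEY, AUTH_KEY = b"E" * 32, b"A" * 32
INNER = ipv4("10.1.0.5", "10.0.0.10", 6, b"GET /payroll.txt")
OUTER = encapsulate(INNER, ENC_KEY, AUTH_KEY, 0x1001, 1, "198.51.100.1", "203.0.113.1")

if __name__ == "__main__":
    print(decapsulate(OUTER, ENC_KEY, AUTH_KEY, last_seq=0)[1])
```

An observer on the internet sees only the two gateway addresses and protocol 50 in `OUTER`; the branch host, the head-office server and the request stay inside the encrypted body until the receiving gateway decapsulates them.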