How to set up... a virtual private network

DQW Bureau

A Virtual Private Network (VPN) is a connection that has the appearance and many of the advantages of a dedicated link, but occurs over a shared network. Using a technique called 'tunneling', data packets are transmitted across a public routed network, such as the Internet or other commercially available network, in a private 'tunnel' that simulates a point-to-point connection. This approach enables network traffic from many sources to travel via separate tunnels across the same infrastructure. It allows network protocols to traverse incompatible infrastructures. It also enables traffic from many sources to be differentiated, so that it can be directed to specific destinations and receive specific levels of service.

Tunnel initiation and termination can be performed by a variety of network devices and software. A tunnel could be started, for example, by a VPN-enabled access concentrator at an ISP Point of Presence (PoP). It could also be started by a VPN-enabled access router on an enterprise branch or home office LAN, or by an end user's laptop equipped with an analog PC modem card and VPN-enabled dial-up software. Basic tunneling and security capabilities are bundled into Windows 95 and Windows NT 4.0.

A tunnel could be ended by a VPN gateway on an ISP's or NSP's network access router or by a tunnel terminator or switch on an enterprise network. In addition, there will usually be one or more security servers. Along with the conventional application of firewalls and address translation, VPNs can provide for data encryption, authentication, and authorization.

Tunneling devices perform these functions by communicating with security servers. Such servers also usually provide information on bandwidth, tunnel-end points, and, in some cases, network policy information and service levels.





Step # 1

Assessing the needs

Assessing the requirements is, of course, the first step in planning a VPN as well. We can break down the requirements into two categories:

Remote access for road warriors or mobile workforce.

  1. A list of locations which the mobile workforce is expected to travel to or the locations you would like to get covered in the VPN.

  2. An approximate idea of the applications a mobile worker is likely to use and the bandwidth that he may require.

VPN as a leased-line alternative for the branch offices or partners.

  1. A list of branch office locations and/or partners' locations you may want to cover in the VPN.

  2. An approximate idea of the processes that may run simultaneously and the bandwidth that would be required to support the same.

Step #2

Choosing the service provider

ISPs and some NSPs already own a significant amount of infrastructure. However, a perfect VPN provider is one who addresses the following broad issues:

  • Cost: Optimizing communication expenditures

  • Security: Protecting the network and protecting data

  • Scalability: Supporting large numbers of users as well as bandwidth growth, since one may want to increase the bandwidth from time to time.

  • Quality of Service: Providing the ability to access reliably with acceptable performance, ease of deployment, management, and use. Making it easy for users and for managers to set up, maintain, and use.

  • Point of Presence: The service provider should either have a direct or indirect presence in all the locations where a mobile worker may travel and at the branch office/partner locations.

(To be continued)


Himanshu Goel is technical sales manager, Carrier Networks, 3Com India Ltd


Source: www.voivendata.com

