fredag, januar 16, 2004
- authenticationensuring that the data originates at the source that it claims
- access controlrestricting unauthorized users from gaining admission to the network
- confidentialitypreventing anyone from reading or copying data as it travels across the Internet
- data integrityensuring that no one tampers with data as it travels across the Internet
The privacy of corporate information as it travels through the VPN is guarded by encrypting the data.
Unlike the leased lines used in traditional corporate networks, VPNs do not maintain permanent links between the end points that make up the corporate network. Instead, when a connection between two sites is needed, it is created; when the connection is no longer needed, it is torn down, making the bandwidth and other network resources available for other uses. Thus the connections making up a VPN do not have the same physical characteristics as the hard-wired connections used on the LAN, for instance.
Tunnels can consist of two types of end points, either an individual computer or a LAN with a security gateway, which might be a router or firewall. Only two combinations of these end points, however, are usually considered in designing VPNs. In the first case, LAN-to-LAN tunneling, a security gateway at each end point serves as the interface between the tunnel and the private LAN. In such cases, users on either LAN can use the tunnel transparently to communicate with each other.
The second case, that of client-to-LAN tunnels, is the type usually set up for a mobile user who wants to connect to the corporate LAN. The client, i.e., the mobile user, initiates the creation of the tunnel on his end in order to exchange traffic with the corporate network. To do so, he runs special client software on his computer to communicate with the gateway protecting the destination LAN.
What kind of software would the mobile user use?
In addition, VPNs are not limited to corporate sites and branch offices. As an added advantage, a VPN can provide secure connectivity for mobile workers. These workers can connect to their company's VPN by dialing into the POP of a local ISP, which reduces the need for long-distance charges and outlays for installing and maintaining large banks of modems at corporate sites.
- vpn tutorial
- vpn introduction
- vpn deploy
- vpn deployment
- vpn implement
- vpn implementation
dette så ikke så vanseklig ut