Fwd: TechTip: What's a VPN, Anyway?

Tue Sep 19 15:26:16 EDT 2000

I found this on SearchSecurity.com's mailing list - thought it might
be a relevant reply to David Rudolph's "VPN disables access to local
corporate LAN" message.

>Subject: TechTip: What's a VPN, Anyway?
>Date: Tue, 19 Sep 2000 15:20:45 -0400
>
>------------------------------------------------
>SearchSecurity.com's Tech Tip
>------------------------------------------------
>
>TODAY'S TECH TIP: What's a VPN, Anyway?
>
>*************************************************************
>
>What's a VPN, Anyway?
>by David Gabel
>
>There is a lot of confusion and downright obfuscation about the
>subject of VPNs. They are, apparently, different things to different
>people, especially to vendors with their own VPN products to sell.
>This tip, excerpted from Microsoft Windows 2000 Security Handbook,
>by Jeff Schmidt and Dave Bixler (published by Que
><http://www.mcp.com/que>, ISBN 0789719991), defines a VPN and
>discusses some of the applications for one.
>
>*************************************************************
>A VPN is a mechanism for providing secure, encrypted communications
>in two configurations. First, a user to network configuration, where
>the remote user connects to the Internet and using a VPN is able to
>securely become a node on the company network. This is commonly
>referred to as the "Remote Access" model for a VPN. The other
>configuration is when a site/office uses the VPN coupled with an
>Internet connection to securely connect to the network at the other
>end of the VPN. This is commonly referred to as a "site to site"
>VPN. The remote access VPN is used to supplant the standard remote
>access of dial in or authenticated firewall access to the network.
>The site to site model is being used in places to remove the need
>for a Wide Area Network. Both configurations can offer significant
>cost savings over the more traditional access methods. One downside
>of the VPN model however, is during Internet backbone outages. When
>you are unable to connect to your office because one of the Tier 1
>networks has suffered a fiber cut, whom can you call? With a WAN or
>a remote access solution you always had a vendor you could call for
>a status, or to have a technician dispatched. There is no
>1-800-INTERNET number that you can call for technical support. This
>is the major tradeoff with a VPN solution versus a more traditional
>approach.
>
>These are two of the more common uses for a VPN, but they are not
>the only reasons to use VPN technologies. Without security, both
>public and private networks are susceptible to unauthorized
>monitoring and access. That's right...private networks are
>susceptible to security issues just like the public Internet is.
>Welcome to networking in the 90's. Do you think your internal
>security breaches are just the result of minimal or nonexistent
>internal network security? Are you convinced that the major risks to
>your network are from outside the private network; in other words
>from connections to the Internet and any extranets connecting your
>network to customers or vendors? Guess again. A disgruntled employee
>with an easily downloaded packet sniffer can be a much larger issue
>than any Internet connection. Password-secured systems cannot
>protect data transmitted across a network.
>
>To read more of this book, click to InformIT at:
>http://www.informit.com/product/0789719991/
>
>David Gabel is Executive Technology Editor at Techtarget.com.
>
>========================================================
>Site Editor's Note: Do you find the items we've researched in this
>newsletter helpful? Tell us about it. If you have suggestions or
>comments on other topics you would like to see covered on our
>SearchSecurity.com site or in an upcoming newsletter, we'd like to
>hear from you. Please send an e-mail to me directly: Cathleen Gagne,
>SearchSecurity.com site editor, at mailto:cgagne at techtarget.com.
>(NOTE: If you would like to be removed from this e-mail list, please
>follow the instructions below and reply directly to this e-mail from
>SearchSecurity.com.)
>=========================================================
>
>This message is being sent to you by http://www.SearchSecurity.com
>GET RELEVANT SEARCH RESULTS from 2000 security-specific websites chosen by our
>editorial team for quality and relevance.
>
>If you prefer not to receive further messages from this sender,
>"Reply" to this
>message with REMOVE in the subject line. You will receive a
>confirmation email.

VPN is sponsored by SecurityFocus.COM