A virtual private network (VPN) provides end users with a way to privately access information on their network (example an intranet) over a public network infrastructure such as internet. A VPN is a connection that has the appearance and many of the advantages of a dedicated link but occurs over a shared network. Using a technique called “Tunneling”, data packets are transmitted across a public routed network, such as internet or other commercially available network in a private “Tunnel”, that simulates a point-to-point connection. This approach enables network traffic from many sources to travel via separate tunnels across the same infrastructure.
VPN solutions can be built using multiple devices like routers, firewalls , and bandwidth managers or they can be implemented on an integrated VPN router that provides on board firewall and band width management capabilities . integrating all VPN functions on a router reduces network complexity and total cost of ownership of the VPN solution.
The advantage of a VPN are less expensive to operate than private networks from management, band width and capital perspectives. Consequently, the payback period for VPN equipment is generally measured in months instead of years. Perhaps the most important benefit of all, however is that VPN enable enterprises to focus on their core business objectives instead of running the corporate network.
ABOUT THE PROJECT:
The principle objective is to protect the privacy and integrity of messages traversing untrusted networks. Traffic between sites are vulnerable to attacks like forgery and eavesdropping. Users may be transmitting passwords or valuble transactions between sites, so the traffic needs protection from outsiders.
VPN not only used for protection but also used to prevent outsiders from interfering with messages sent among insiders and to block forged traffic from entering any of the network’s sites. Insiders are trusted not to mount sophisticated attacks on internal computing resources. There is no immediate need for controlled access by outsiders or across to external, untrusted internet sites.
The sites that require protection are already making extensive use of networking software and hardware protocols. It is necessary to support those capabilities. New security measures must not require extensive software replacement. Practically every widely used protocol today is either internet based or has a defined mechanism for using TCP/IP as its transport protocol.