Understanding Virtual Private Networks
Let’s look at some real examples of VPNs.
Health Care Company Intranet Deployment
Here we have a health care company that's
deploying an intranet.
Well, why would they care so much about security? Your health
records are something that you want to be secure. This is
information that you don't want non-authorized personnel to
have access to.
So you can see on the figure, the company has a number of
In this case, these are like doc-in-the-box, those little
new medical clinics that are springing up. So those are relayed
back to a primary network and back to the association where
the primary hospital that these different medical centers
are associated with resides.
So a lot of more sophisticated databases, etc., can be back
at the hospital, and they can share the Internet and, with
confidence, share medical data that they don't want to have
published to the outside world.
Branch Office or Telecommuters
Another example would be branch offices or
So the challenge is getting a cost-effective means to connect
those small offices that maybe can't afford a leased line
or a leased line wouldn't be appropriate for. And so with
IPSec, you can encrypt the traffic from the remote sites to
It doesn't matter what applications the users are using.
This isn't just encrypting mail or just encrypting the database
or something like that. You can encrypt all traffic if you
want to. And so that's something that you can set up right
into the router in terms of what traffic you want to encrypt
right into your client.
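The choice of what traffic to encrypt, as an added example that is not part of the original course material: a simplified Python model of an IPSec security policy lookup, where ordered selectors mark traffic as protected, bypassed, or discarded. The prefixes, ports and sample packets are constructed for illustration, and the first-match, default-discard behaviour follows the RFC 4301 policy database model rather than any specific router's syntax.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

PROTECT, BYPASS, DISCARD = "PROTECT", "BYPASS", "DISCARD"

@dataclass(frozen=True)
class Selector:
    src: str               # source prefix
    dst: str               # destination prefix
    proto: Optional[str]   # "tcp", "udp", or None for any protocol
    dport: Optional[int]   # destination port, or None for any port
    action: str

    def matches(self, pkt):
        return (ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(self.dst)
                and self.proto in (None, pkt["proto"])
                and self.dport in (None, pkt["dport"]))

def decide(policy, pkt):
    """First matching selector wins; traffic matching nothing is discarded."""
    for sel in policy:
        if sel.matches(pkt):
            return sel.action
    return DISCARD

BRANCH, HQ = "10.20.0.0/16", "10.1.0.0/16"   # constructed prefixes

# Policy A protects only mail to headquarters; everything else leaves in the clear.
MAIL_ONLY = [Selector(BRANCH, HQ, "tcp", 25, PROTECT),
             Selector(BRANCH, "0.0.0.0/0", None, None, BYPASS)]
# Policy B protects all branch-to-headquarters traffic, whatever the application.
ALL_TRAFFIC = [Selector(BRANCH, HQ, None, None, PROTECT),
               Selector(BRANCH, "0.0.0.0/0", None, None, BYPASS)]

SAMPLE = [  # constructed packets
    {"name": "mail", "src": "10.20.5.7", "dst": "10.1.0.25", "proto": "tcp", "dport": 25},
    {"name": "database", "src": "10.20.5.7", "dst": "10.1.0.40", "proto": "tcp", "dport": 1433},
    {"name": "web", "src": "10.20.5.7", "dst": "203.0.113.10", "proto": "tcp", "dport": 443},
]

def cleartext_to_hq(policy, packets):
    """Audit helper: names of flows bound for headquarters that would bypass IPSec."""
    hq = ipaddress.ip_network(HQ)
    return [p["name"] for p in packets
            if ipaddress.ip_address(p["dst"]) in hq and decide(policy, p) == BYPASS]

if __name__ == "__main__":
    print("mail-only policy leaves in cleartext:", cleartext_to_hq(MAIL_ONLY, SAMPLE))
    print("all-traffic policy leaves in cleartext:", cleartext_to_hq(ALL_TRAFFIC, SAMPLE))
```
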
So using this, telecommuters can have full access safely to
Traditional Dialup Versus Access VPN
To illustrate the savings an Access VPN can
provide, compare the cost of implementing one with that of
supporting a dial-up remote access application. Suppose a
small manufacturing firm must support 20 mobile users dialing
into the corporate network to access the company database
and e-mail for approximately 90 minutes per day (per user).
In the traditional dial-up model, the 20 mobile workers use
a modem to dial long distance directly into their corporate
remote access server. Most of the cost in this scenario comes
from the monthly toll charges and the time and effort required
to manage modem pools (access server) that accrue on an on-going
basis over the life of the application.
By using an access VPN, the manufacturing firm’s monthly
toll charges can be significantly reduced. The mobile users
will dial into a service provider’s local point of presence
(POP) and initiate a tunnel back to the corporate headquarters
over the Internet. Instead of paying long distance/800 toll
charges, users pay only the cost equivalent to making a local
call to the ISP. The initial investment in equipment and installation
of an access VPN may be recaptured quickly by the savings
in monthly toll charges.
How long will it take the manufacturing firm to realize a
payback of the initial capital investment, then realize recurring
This chart shows us the return on investment.
You can see that the payback is right about three months.
So you can see that VPNs save money in the long run.
Summary
- VPNs reduce costs
- VPNs improve connectivity
- VPNs maintain security
- VPNs offer flexibility
- VPNs are reliable
Lower cost: VPNs
save money because they use the Internet, not costly leased
lines, to transmit information to and from authorized users.
Prior to VPNs, many companies with remote offices communicated
through wide area networks (WANs), or by having remote workers
make long-distance calls to connect to the main-office server.
Both can be expensive propositions. WANs require establishing
dedicated and inflexible leased lines between various business
locations, which can be costly or impractical for smaller
Improved communications: A VPN provides
a robust level of connectivity comparable to a WAN. With increased
geographic coverage, remote offices, mobile employees, clients,
vendors, telecommuters, and even international business partners
can use a VPN to access information on a company's network.
This level of interconnectivity allows for a more effective
flow of information between a large number of people. The
VPN provides access to both extranets and wide-area intranets,
which opens the door for improved client service, vendor support,
and company communications.
Security: VPNs maintain privacy
through the use of tunneling protocols and standard security
procedures. A secure VPN encrypts data before it travels through
the public network and decrypts it at the receiving end. The
encrypted information travels through a secure "tunnel"
that connects to a company's gateway. The gateway then identifies
the remote user and lets the user access only the information
he or she is authorized to receive.
Increased flexibility: With a VPN,
customers, suppliers and remote users can be added to the
network easily and quickly. Some VPN solutions simplify the
process of administering the network by allowing the system's
manager to implement changes from any desktop computer. Once
the equipment is installed, the company simply signs up with
a service provider that activates the network by giving the
company a slice of its bandwidth. This is much easier than
establishing a WAN, which must be designed, built and managed
by the company that creates it. VPNs also easily adapt to
a company's growth. These systems can connect 2,000 people
as easily as 25.
Reliability: A secure VPN can be
used for the authorization of orders from suppliers, the forwarding
of revised legal documents, and many other confidential business
processes. Recent improvements in VPN technology have also
increased the system's reliability. Many service providers
will guarantee 99% VPN uptime and will offer credits for unanticipated