VPN (Vittual Private Network) is a private network of an organization built over a public network such as the Internet. Thus, the connections, protocols and services used in VPN are those of public networks, but it is so built that it would function as a private corporate network.
For companies, VPNs are very cost effective than a network provided by using modems, dedicated leased lines and toll-free numbers.
In VPNs, users enjoy the same security and privacy features as available in a real private network. It gives secure remote access to the corporate network over the internet.
The Internet Service Provider (ISP) can install a Remote Authentication Dial In User Service (RADIUS) proxy server and configure it to recognize and authenticate requests from the employees of the company using VPN, and forward it to the IAS (Internet Authentication Service) on the company's private network. In this way, the VPN customer would be able to keep control over the remote access permissions for all its employees.
VPNs use tunneling technologies to allow users to access private network resources through the Internet or any other public network.
Tunneling solutions are typically based on the Microsoft's Point-to-Point Tunneling Protocol (PPTP)
Once everthing is set-up and configured on the corporate network and at the ISP, remote employees can establish secure, local connections to their private corporate networks from anywhere in the world by dialing local numbers to their ISPs. The RADIUS proxy server at the ISP forwards their authentication request to IAS (Internet Authentication Service) on their corporate networks, which uses their corporate domain controllers to grant access to resources on the corporate network. With Microsoft Challenge Handshake Authentication Protocol (MS-CHAP), secured connections are established between remote employees and the PPTP (Point-to-Point Tunneling Protocol) server on the corporate network. The entire process of connection on VPN is transparet to remote epmloyees. As far as the employees are concerned, they appear to have a local area network (LAN) connection to corporate World.
No comments:
Post a Comment