Question: What Are the Key VPN Security Technologies?
Virtual private networks (VPNs) are generally considered to have very strong protection for data communications. What are the key
VPN security technologies?
Answer: So-called
secure VPNs provide both network
authentication and
encryption. Secure VPNs are most commonly implemented using
IPsec or
SSL.
Using IPsec for VPN Security
IPsec has been the traditional choice for implementing VPN security on corporate networks. Enterprise-class network appliances from companies like Cisco and Juniper implement the essential VPN server functions in hardware. Corresponding VPN client software is then used to log on to the network. IPsec operates at the layer 3 (the Network layer) of the OSI model.
Using SSL for VPN Security
SSL VPNs are an alternative to IPsec that rely on a Web browser instead of custom VPN clients to log on to the private network. By utilizing the SSL network protocols built into standard Web browsers and Web servers, SSL VPNs are intended to be cheaper to set up and maintain than IPsec VPNs. Additionally, SSL operates at a higher level than IPsec, giving administrators more options to control access to network resources. However, configuring SSL VPNs to interface with resources not normally accessed from a Web browser can be difficult.
Wi-Fi vs VPN Security
Some organizations use an IPsec (or sometimes SSL) VPN to protect a
Wi-Fi local area network. In fact, Wi-Fi security protocols like WPA2 and WPA-AES are designed to support the necessary authentication and encryption without the need for any VPN support.
