Virtual private network: A secure connection between two parts of a private network that uses a public network such as the Internet to reduce costs.
You work even when you're out of the office. While you're on the road or working from home, you need access to your files, e-mail, and databases. Dialing directly into your office's server is one solution, but it's expensive and comes with perennial support problems. Sending files over the Internet is easy, but you never know who might be snooping. So why not take your network with you? You can have secure access to your business network for the cost of a local phone call, using the Internet and a virtual private network. And forget about installation headaches--you can just get an Internet service provider to manage the VPN for you.
A VPN is a secure connection between two segments of a network, with one end being your office's network gateway (an entrance to the network, such as a router), and the other end being your PC or a gateway to another network, say, in a remote office. Those two segments connect over a public network, usually the Internet. A VPN requires two technologies to create such a secure connection: tunneling and encryption.
Tunneling lets the two ends of the VPN communicate across the Internet. Since the Internet doesn't speak the same language as your network does, a tunnel packages the data you're sending so that the Internet can understand it.
When you make a VPN connection, software on your end contacts the VPN gateway, for example, your office's Ethernet router. The gateway typically verifies that you are an approved user by checking your password. Then the VPN software creates the tunnel and adds a header to your data packet that the Internet can understand. When the packet reaches the gateway endpoint, the gateway pulls off the Internet header and routes the packet to its final destination.
VPNs use one of three technologies to create a tunnel: PPTP, L2TP, and the newest standard, Internet Protocol Security (also known as IPSec).
While the tunnel creates the network, encryption makes it private, scrambling data so that only those who have the right digital key can decode it.
PPTP and L2TP can verify a user's ID and scramble data using basic cryptography, which encrypts an entire file at once. That level of security suffices for most businesses. (For more information, see "How It Works: Encryption.") The truly security-conscious will want to consider the IPSec standard, which takes the process much further, verifying and encrypting each packet of data to ensure maximum privacy.
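The tunneling and per-packet encryption steps described above can be sketched in code. This is an added example, not code from the article or from any VPN product: the packet layout, keys, addresses and function names are constructed for illustration, it is not the IPSec wire format, and the HMAC-based keystream is a standard-library stand-in for a real cipher such as AES.

```python
import hashlib, hmac, socket, struct
from typing import Optional

# Constructed keys; a real VPN negotiates per-session keys when the tunnel is set up.
ENC_KEY = hashlib.sha256(b"constructed-encryption-key").digest()
MAC_KEY = hashlib.sha256(b"constructed-integrity-key").digest()
HDR_LEN, NONCE_LEN, TAG_LEN = 8, 8, 16  # outer header, sequence number, integrity tag

def _keystream_xor(data: bytes, nonce: bytes) -> bytes:
    """Stand-in stream cipher: XOR data with HMAC-SHA256(key, nonce || counter)."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hmac.new(ENC_KEY, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def encapsulate(inner: bytes, client_ip: str, gateway_ip: str, seq: int) -> bytes:
    """Client end: encrypt the private packet, then add a header the Internet can route."""
    outer = socket.inet_aton(client_ip) + socket.inet_aton(gateway_ip)
    nonce = struct.pack(">Q", seq)  # must never repeat under the same key
    body = nonce + _keystream_xor(inner, nonce)
    tag = hmac.new(MAC_KEY, outer + body, hashlib.sha256).digest()[:TAG_LEN]
    return outer + body + tag

def decapsulate(packet: bytes) -> Optional[bytes]:
    """Gateway end: verify this packet, pull off the outer header, decrypt the inner packet."""
    if len(packet) < HDR_LEN + NONCE_LEN + TAG_LEN:
        return None  # too short to be a tunnel packet
    signed, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(MAC_KEY, signed, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):
        return None  # altered in transit or wrong key: drop without decrypting
    nonce = signed[HDR_LEN:HDR_LEN + NONCE_LEN]
    return _keystream_xor(signed[HDR_LEN + NONCE_LEN:], nonce)

def demo():
    # Constructed private-network packet and documentation-range public addresses.
    inner = b"src=10.1.0.7 dst=10.1.0.20 payload=quarterly.xls"
    wire = encapsulate(inner, "203.0.113.9", "198.51.100.1", seq=1)
    tampered = wire[:20] + bytes([wire[20] ^ 1]) + wire[21:]  # one bit flipped in transit
    # (plaintext visible on the wire?, gateway recovers the packet?, tampered result)
    return inner in wire, decapsulate(wire) == inner, decapsulate(tampered)

if __name__ == "__main__":
    print(demo())
```

Because every packet carries its own integrity tag, a single flipped bit causes the gateway to drop that packet rather than forward corrupted data into the private network.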
