12 - Virtual private networks

from IV - Protecting enterprises

Published online by Cambridge University Press:  11 September 2009

Mohammad Obaidat
Affiliation:
Monmouth University, New Jersey
Noureddine Boudriga
Affiliation:
Université du 7 Novembre à Carthage, Tunis

Summary

This chapter deals with virtual private networks (VPNs), which have become increasingly important for all kinds of businesses, with a wide spectrum of applications and configurations. It presents the basics and techniques of virtual private networks. We also review VPN services, which include Intranet, Extranet and Remote Access VPNs. Security concerns that arise when transmitting data over shared networks using VPN technology are also addressed in detail. The fundamental VPN models, namely the peer and the overlay models, are treated as well. The protocols employed in VPNs, such as PPTP and L2TP, as well as security aspects, are also discussed. It is expected that VPNs will be in a position to support a set of QoS levels; we treat this subject in a dedicated section. We conclude this chapter by summarizing the main advantages and challenges of VPNs.

Introduction

A Virtual Private Network (VPN) is a private network that connects different sites or corporate offices over public telecommunication infrastructure (the Internet), using encryption and tunneling protocol procedures for secure and reliable connectivity. Another definition states that a VPN is a private data network that makes use of the public telecommunications infrastructure, maintaining privacy through the use of tunneling protocols and security procedures. Others have defined a virtual private network as a network that allows two or more private networks to be connected over a publicly accessed network (Papadimitriou et al., 2004; Metz, 2003; Ferguson and Huston, 1998; Hunt and Rodgers, 2004; Arora et al., 2001).

Type
Chapter
Information
Publisher: Cambridge University Press
Print publication year: 2007


References

Arora, P., P. R. Vemuganti, and P. Allani (2001). Comparison of VPN Protocols – IPSec, PPTP, and L2TP, Project Report ECE 646, Fall 2001, available at http://ece.gmu.edu/courses/ECE543/reportsF01/arveal.pdf
Bova, R. (2001). VPNs: the time is now? available at: http://intranetjournal.com/articles/200110/vpn_10_03_01a.html
Brahim, H. O., G. Wright, B. Gleeson, R. Bach, T. Sloane, A. Young, R. Bubenik, L. Fang, C. Sargor, C. Weber, I. Negusse, and J. J. Yu (2003). Network based IP VPN architecture using virtual routers, Internet draft <draft-ietf-l3vpn-vpn-vr-00.txt>.
Braun, T., M. Günter, M. Kasumi, and I. Khalil (1999). Virtual Private Network Architecture, CATI Project Deliverable, January 1999, available at http://www.tik.ee.ethz.ch/~cati/deliverables.html
Braun, T., Guenter, M., and Khalil, I. (2001). Management of quality of service enabled VPNs. IEEE Communications Magazine, May 2001, 90–98.
Cohen, R. (2003). On the establishment of an access VPN in broadband access networks. IEEE Communications Magazine, 156–63, February 2003.
Ferguson, P. and G. Huston (1998). What is a vpn? White paper; available online at http://www.employees.org/~ferguson
Gleeson, B., Lin, A., Heinanen, J., Armitage, G., and Malis, A. (2000). A Framework for IP Based Virtual Private Networks. RFC 2764, February 2000.
Günter, M. (2001). Virtual private networks over the Internet, available at http://citeseer.nj.nec.com/480338.html
Hanks, S., Li, T., Farinacci, D., and Traina, P. (1994). Generic Routing Encapsulation (GRE). RFC 1701, October 1994.
Harding, A. (2003). SSL virtual private networks. Computers & Security, Volume 22, Issue 5, 416–20.
Hunt, R. and C. Rodgers (2004). Virtual private networks: strong security at what cost? available at http://citeseer.nj.nec.com/555428.html
Metz, C. (2003). The latest in virtual private networks: part I. IEEE Internet Computing, 87–91, January/February 2003.
Nicopolitidis, P., Obaidat, M. S., and Papadimitriou, G. I. (2003). Wireless Networks. Wiley.
Papadimitriou, G. I., Obaidat, M. S., Papazoglou, C., and Pomportis, A. S. (2004). Design alternative for virtual private networks. Proceedings of the 2004 Workshop on Electronic Government and Commerce: Design, Modeling, Analysis and Security, CDMA 2004, pp. 35–45, Setubal, Portugal, August 2004.
Papadimitriou, G. I. and Obaidat, M. S. (2006). Virtual private networks (VPNs) basics. In Handbook on Information Security, Vol. 3, Wiley, pp. 596–611.
Pall, G., Verthein, W., Taarud, J., Little, W., and Zorn, G. (1999). Point-to-Point Tunneling Protocol (PPTP), RFC 2637, July 1999.
Patel, B., Aboba, B., Dixon, W., Zorn, G., and Booth, S. (2001). Securing L2TP using IPSec. RFC 3193, November 2001.
Rekhter, Y., Watson, T. J., and Li, T. (1995). A Border Gateway Protocol 4 (BGP-4). RFC 1771, March 1995.
Ribeiro, S., Silva, F., and Zuquete, A. (2004). A Roaming Authentication Solution for WiFi using IPSec VPNs with client certificates. Proceedings of TERENA Networking Conference, June 2004.
Rosenbaum, G., Lau, W., and Jha, S. (2003). Recent directions in virtual private network solutions. Proceedings of the IEEE International Conference on Networks (ICON 2003), September 2003.
Simpson, W. (ed.) (1994). Network Working Group. The Point-to-Point Protocol (PPP), 1661, July 1994.
Srisuresh, P. and Holdrege, M. (1999). IP Network Address Translator (NAT) Terminology and Considerations, RFC 2663, August 1999.
Strayer, W. T. and R. Yuan (2001). Introduction to virtual private networks, available online at http://165.193.123.40/isapi/page~1/sort~6/dir~0/st~%7B62A1DC08-8A24-47CD-B772-E55E08C2D481%7D/articles/index.asp
Tomsu, P. and Wieser, G. (2002). MPLS-Based VPNs – Designing Advanced Virtual Networks. Prentice-Hall.
Townsley, W., Valencia, A., Rubens, A., Pall, G., Zorn, G., and Palter, B. (1999). Layer Two Tunneling Protocols. RFC 2661, August 1999.
Tyson, J. (2006). How virtual private networks work, available at: http://computer.howstuffworks.com/vpn.html.
Wright, M. A. (2000). Virtual private network security. Network Security, volume 2000, Number 7, 11–14.
Younglove, R. (2000). Virtual private networks: secure access for e-business. IEEE Internet Computing, Volume 4, Number 4, 96.
Yuan, R. (2002). The VPN client and the windows operating system, available online at: http://165.193.123.40/isapi/page~1/sort~6/dir~0/st~%7B62A1DC08-8A2447CD-B772-E55E08C2D481%7D/articles/index.asp.
Zeng, J. and Ansari, N. (2003). Toward IP virtual private network quality of service: a service provider perspective. IEEE Communications Magazine, April 2003, 113–119.
