
VPN stands for virtual private network: connectivity built on a shared infrastructure so that the (virtual, distributed) network can be treated as a private network. This makes it possible to adopt private-network policies (routing, quality management, security, reliability).

A private network is a network whose channels are used only by that network: no channels are shared among multiple networks. VPNs create virtual channels directly between destinations that are not physically in the same private network. With a VPN you cannot have the same guarantees as on a real private network. VPNs exist because the costs of running a real private network between physically distant hosts are too high.
VPNs are usually run over the Internet, so that hosts see some destinations as directly connected, even though they are not really in the same network.
Managing a VPN requires additional equipment, but it generally leads to considerable cost savings. Very often upper-mid-range routers are used to manage both the VPNs and the required firewalls.

Creating a VPN is not a simple problem, because there can be many complications. For example, you may need to connect mobile or remote users who do not have a VPN router, or remote offices that are far away.
All users who want to connect to the VPN request access from a firewall, which, after consulting an AAA server (Authentication, Authorization, Accounting), does several things:
- Allows or denies access to the VPN.
- Defines the services the user is authorized to use.
- Measures the resources consumed by users.

Types of VPN
- Access VPN: enables the connection of individual devices, and so virtualizes dial-up networks. Several protocols manage it, among them PPTP and L2TP.
- Site-to-site VPN: enables the virtualization of dedicated channels. Examples are IPsec, GRE and MPLS.

VPN Functionality
Intranet VPN: allows the connection of all resources within the VPN (site-to-site). It requires a secure connection (encryption), traffic prioritization (e.g. different priorities depending on the data passing through) and scalability. A firewall is needed that allows access to certain resources depending on the type of user.
Extranet VPN: allows some features to be shared among several companies.
Remote-access VPN: allows access by remote users (access VPN).
Internet-access VPN: allows the VPN to connect to an external network. The connection can be of two types:
- Centralized Internet access, in which access to the Internet takes place through a central server for the entire network. This makes it possible to filter traffic very carefully and avoid unwanted access to the network.
- Voluntary Internet access, in which access is distributed among the network users.

Models of VPN
From the organizational point of view, a VPN can be managed in two ways:
- Overlay model: the virtual network is overlaid on the physical network. The ISP is therefore unaware of the VPN's existence (unless it sniffs packets). However, this requires appliances (VPN gateways) that know about each other. In addition, routing within the VPN is the responsibility of whoever creates the VPN. Examples are L2TP and PPTP (access VPNs), and IPsec and GRE (site-to-site VPNs).
- Peer model: the task of managing the VPN is left to the ISP, which then also handles the routing. Access VPNs cannot be built with the peer model, because users cannot connect dynamically. An example is MPLS VPNs (site-to-site). In the peer model there are two entities: the Provider Edge (PE), the first device on the provider's network, and the Customer Edge (CE), the last router before the user's network.

VPN Topologies
The choice of topology depends on the network's traffic (whether it flows mainly between hosts or between hosts and the central server). Some typical topologies are:
- Hub-and-spoke: a star topology in which the hosts are connected to a set of servers at a central location. Routing is sub-optimal (each packet is always delivered in two steps) and may not always be fast. The number of tunnels is minimal, but the gateway of the central office can often become blocked.
- Mesh: no particular topology is required; every host can connect to every other host. Routing can thus be optimized (although computing the routing tables is onerous), but the number of tunnels can be very high.
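
The trade-off between the two topologies can be made concrete by scoring each against a traffic matrix. The following is an added example, not part of the original page; the site names and traffic volumes are constructed sample data, and the mesh is assumed to be a full mesh.

```python
from itertools import combinations

def hub_and_spoke(sites, hub):
    """Star: one tunnel from every other site to the hub."""
    return {frozenset((hub, s)) for s in sites if s != hub}

def full_mesh(sites):
    """Mesh: one tunnel per pair of sites."""
    return {frozenset(pair) for pair in combinations(sites, 2)}

def evaluate(tunnels, traffic, hub=None):
    """Tunnel count, traffic-weighted mean tunnel hops, and the volume the
    hub gateway has to relay between two other sites."""
    total = weighted = transit = 0
    for (src, dst), volume in traffic.items():
        if frozenset((src, dst)) in tunnels:
            hops = 1
        elif hub and {frozenset((src, hub)), frozenset((hub, dst))} <= tunnels:
            hops = 2              # the "two steps" of hub-and-spoke
            transit += volume
        else:
            raise ValueError(f"no tunnel path from {src} to {dst}")
        total += volume
        weighted += hops * volume
    return {"tunnels": len(tunnels),
            "mean_hops": round(weighted / total, 2),
            "hub_transit": transit}

# Constructed sample data: five sites, traffic volumes in arbitrary units.
SITES = ["HQ", "A", "B", "C", "D"]
CENTRALISED = {("A", "HQ"): 80, ("B", "HQ"): 80, ("C", "HQ"): 80,
               ("D", "HQ"): 80, ("A", "B"): 20}
DISTRIBUTED = {("A", "B"): 50, ("B", "C"): 50, ("C", "D"): 50,
               ("D", "A"): 50, ("A", "HQ"): 10}

def compare(traffic):
    """Evaluate both topologies against one traffic matrix."""
    return {"hub_and_spoke": evaluate(hub_and_spoke(SITES, "HQ"), traffic, "HQ"),
            "mesh": evaluate(full_mesh(SITES), traffic)}

if __name__ == "__main__":
    for name, traffic in (("centralised", CENTRALISED), ("distributed", DISTRIBUTED)):
        print(name, compare(traffic))
```

With mostly site-to-HQ traffic the star needs 4 tunnels and relays little; with mostly site-to-site traffic the same star relays almost everything through the central gateway, while the mesh pays for direct paths with 10 tunnels.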
