Types of VPN

VPN (Virtual Private Network) enables a specific group of users to

access private network data and resources securely over the Internet
or other networks. Although often using public networks, a VPN
inherits the characteristics of a private network, hence the acronym
of "Virtual" Private Network. It's the concurrent use of tunneling,
encryption, authentication and access control over a public network
that basically characterizes a VPN.

VPNs may connect an individual machine and a private network

(client -to-server) or a remote LAN (Local Area Network) and a private
network (server -to-server). To do so, VPNs need: a routed network (to transport data packets),
optionally a tunnel switch (to increase security and versatility) and tunnel terminators (acting like
virtual cable terminators).

VPNs create "virtual" point -to-point connections using a technique called 'tunneling'. As the name
suggests, tunneling acts like a 'pipe', which bores through a network cloud to connect two points.
Typically started by a remote user, the tunneling process encapsulates data and encrypts it into
standard TCP/IP packets, which can then safely travel across the Internet.

Types of VPN Technologies:

Point-to-Point Tunneling Protocol (PPTP)
Introduced in Windows NT 4.0, PPTP leverages Point -to-Point Protocol (PPP) user authentication
and Microsoft Point -to -Point Encryption (MPPE) to encapsulate and encrypt IP, IPX and NetBEUI
traffic. With version 2 of the Microsoft Challenge Handshake Authentication Protocol (MS -CHAP v2)
and strong passwords, PPTP is a secure VPN technology. For non password -based authentication,
Extensible Authentication Protocol -Transport Level Security (EAP-TLS) can be used in Windows 2000
to support smart cards. PPTP is widely supported, easily deployed, and can be used across network
address translators (NATs).

Layer Two Tunneling Protocol (L2TP)

L2TP leverages PPP user authentication and IP Security (IPSec) encryption to encapsulate and
encrypt IP, IPX, and NetBEUI traffic. This combination, known as L2TP/IPSec, uses certificate -based
computer identity authentication to create a secure and encrypted channel (an IPSec security
association), and then uses PPP -based user authentication to create the L2TP tunnel. L2TP/IPSec
provides data integrity and data authentication for each packet. However, L2TP/IPSec requires a
public key infrastructure (PKI) to allocate computer certificates and is only supported by Windows
2000 VPN clients.
IPSec tunnel mode
IPSec tunnel mode uses Encapsulating Security Payload (ESP) in tunnel mode to encapsulate and
encrypt unicast IP traffic. Windows 2000 IPSec tunnel mode is used only for router-to-router VPN
connections because the current IPSec standards do not specify a method for providing user
authentication and address assignment for remote access connections.

What types of VPN exist?

Intranet VPN : This type of VPN is "client transparent". It is usually implemented for networks
within a common network infrastructure but across various physical locations. For instance, several
buildings may be connected to a data center, or a common mainframe application that they can
access securely through private lines. Those VPNs need to be especially secure with strong
encryption and meet strict performance and bandwidth requirements. They must remain easily
upgradeable, since many users may be added to the load down the road (additional locations or
applications).

Remote Access VPN : Here, VPN is "client initiated". It is intended for remote users that need to
connect to their corporate LAN from various points of connections. It is intended for salesmen
equipped with laptops and telecommuters that will connect intermittently from vary diverse
locations (homes, hotels, conference halls...). The key factor here is flexibility, as performance
and bandwidth are usually minimal and less of an issue. More than encryption, authentication will
be the main security concern.

Extranet VPN: In this case VPN uses the Internet as main backbone. It usually addresses a wider
scale of users and locations, enabling customers, suppliers and branch offices to access corporate
resources across various network architectures. They rely on VPN standards such as IPSec to ensure
maximum compatibility while trying not to overly compromise security.

Product Code:
DXMP -801 / DXMP-1600 / DXMP-1700 / DXMP-2600 / DXMP-1761-DXMP1762/ DXMP -2691 -DXMP -
2692 / DXMP -3640B

Click the below links to view the Product Highlights of the above said Dax products.
DXMP -801: https://www.daxnetworks.com/Dax/Products/Router/DXMP-801.htm
DXMP -1600: https://www.daxnetworks.com/Dax/Products/router/dx1600.htm
DXMP -1700 : https://www.daxnetworks.com/Dax/Products/router/dx1704.htm
DXMP -2600: https://www.daxnetworks.com/Dax/Products/router/dx2600.htm
DXMP -1761 / DXMP -1762: https://www.daxnetworks.com/Dax/Products/router/DXMP -1760.htm
DXMP -2691 / DXMP -2692: https://www.daxnetworks.com/Dax/Products/router/dx2690.htm
DXMP -3640B-MF: https://www.daxnetworks.com/Dax/Products/router/DXMP%203640B.htm
Diva LAN Modem : https://www.eicon.com/worldwide/products/dsl/divalan.htm
DX -4044FW : https://www.daxnetworks.com/Dax/PFF/LAN_Extender/Dax%20DX-4044FW.htm

For complete Dax Product information, please visit: https://www.daxnetworks.com/PFF.htm

If you have been forwarded this e-mail and wish to recommend this Newsletter, please click here.

To unsubscribe to this Newsletter, please click here.

www.daxnetworks.com

© 2003 Dax Networks. All rights reserved.