A virtual private network (VPN) is a network that is completely isolated from the rest of the Internet. VPN provides a functionality to people, businesses, military and governmental organizations to remotely use network resources in a secured manner. Virtual private networks use site-to-site as well as remote access methods to function and are free to use for the most part. VPNs consist of an array of encryption services that allow a secured connection to be formed. A virtual private network (VPN) extends a private network across a public network and enables the users to send and receive the data across shared or public networks as if their computing devices were directly connected to the private network. As a result of this, Applications running across VPN benefit hugely from the functionality, security and management of the private network.
VPNs are extremely beneficial to organizations that are especially situated across multiple geographical locations. VPNs also allow employees to securely access a corporate intranet while they are located outside the office. This feature could be extremely beneficial to Road-warriors who are always moving. Additionally, VPNs are used to securely connect geographically separated offices of an organization, to create one cohesive network.
A VPN is created by establishing a virtual point-to-point connection through the use of dedicated connections, traffic encryption or virtual tunneling protocols. If we consider a user’s perspective, the resources available within the private network can be accessed remotely. VPN facilitates privacy because the user's initial IP address is replaced with the one from the VPN provider. This process allows the subscribers to attain an IP address from any gateway city that the VPN service provides. For instance, you may be situated in San Francisco, but with a VPN, you can appear to live in Mumbai, New York, or anywhere.
Security with VPN
Security is the main reason why corporations have preferred the use of VPNs for years. There are increasingly simple methods to intercept data traveling to a network. VPNs use advanced encryption protocols and secure tunneling techniques to encapsulate all online data transfers. Most savvy computer users wouldn't dream of connecting to the Internet without a firewall and up-to-date antivirus. Evolving security threats and ever increasing reliance on the Internet makes VPN an essential part of well-rounded security
PPTP - The main selling point of PPTP is that it can be simple to setup. PPTP tunnels form a point-to-point connection over the GRE protocol. Unfortunately, the security of the PPTP protocol has been called into question in recent years. It is strong, but not the most secure.
L2TP/IPsec - L2TP over IPsec is more secure than PPTP and offers more security features. L2TP/IPsec is a way of implementing two protocols together in order to gain the best features of each. In this case, the L2TP protocol is used to create a tunnel and IPsec provides a secure channel. This makes for an impressively secure package. It is a client to site VPN.
Ipsec: IPSec is a site to site VPN and IPSec suite enables advance VPN features. IPSec acts at the network layer, protecting and authenticating IP packets between a Firewall and other participating IPSec devices (peers), such as other Firewalls, routers, the Secure VPN Client and other IPSec-compliant products.
VPN WITH GAJSHIELD
GajShield provides Industry Standard IPSec, L2TP and PPTP VPN along with High Availability for IPSec. GajShield incorporates Strong Authentication with RSA SecureID, VASCO tokens, Radius, LDAP and Active Directory to avoid any kind of interception in the network and the communication. Besides this, a lot of emphasize is given on the Encryption of the data and Authentication of the users aiming to access or transfer the data. GajShield uses DES, 3DES, AES encryption and Hash Algorithms like MD5, SHA1 and SHA2 for encryption purposes and Pre-shared key and Digital Certificates for secured Authentication. Gajshield also supports Internet Key Exchange that is, IKEv1 or IKEv2, (depending on the version) which is the protocol used to setup a security association (SA) in IPSec protocol suite
GajShield aims to further secure the network by providing additional features in VPN like IPSec NAT traversal, Dead Peer detection and PFS support.
IPSec VPN tunnel up/down logs and Active VPN user logs are provided to monitor the details such as IP Address, Status of the VPN and the type of VPN by the users who are connected to the VPN.
- VPN Supported: IPSec, L2TP, PPTP, SSL VPN
- Encryption - 3DES, DES, AES
- Hash Algorithms - MD5, SHA-1, SHA-2
- Authentication - Preshared key, Digital certificates, Xauth
- IPSec NAT Traversal
- Site-Site, Client-Site support
- Dead peer detection and PFS support
- Diffie Hellman Groups - 1,2,5,14,15,16
- External Certificate Authority support
- Export Road Warrior connection configuration
- Domain name support for tunnel end points
- Hardware Token: RSA, Vasco
- VPN connection failover
- In-depth reporting with real time VPN link status
- UserSense authentication support for VPN traffic
- Cloud based policy enforcement for enterprise traffic