In This Chapter

A VPN enables organizations to provide secured access to the services and resources provided on a local network to authenticated remote users over the public Internet.

A VPN is an encrypted link between two networks that offers the security of a private network at a much lower cost than paying for a dedicated phone line to the remote user. It's a virtual private network in the sense that it uses a low-cost shared network to create a secured link by using encryption, often described as a tunnel that the encrypted traffic passes through.

In addition to supporting individual remote users, a VPN can also be used to establish secure communications between two remote sites, enabling both sides to use their existing Internet access to set up a secure link between the two locations without needing a secondary and expensive dedicated line.

VPNs solve a range of security problems for remote users. Although a firewall can be used to limit access to specific services to outside users, the traffic allowed to pass through the firewall to a remote user must then travel over a public network, where it may be possible to either snoop on the traffic or modify it before it reaches the intended user. False transmissions may also be forged to appear to come from a trusted, known user.

Transport-level authentication, such as SSL/TLS, can be used to secure specific network communications, ...