Chapter 7. Remote Access and VPNs

Remote access is an important element in enterprise network management. As more employees telecommute, and access to mission-critical services is required 24x7, VPNs are considered an integral part of a network infrastructure.

A VPN is generally defined as a network that uses the public Internet to transfer traffic in a secure manner, using various encryption protocols. That definition is somewhat limiting as a VPN can be run over private lines, wireless networks, and phone lines as well. A broader definition of VPN is the joining of two or more networks ”or parts of networks ”in different locations, to form a single network. This definition is more inclusive of the types of technologies that may constitute a VPN; it also takes into consideration that not all VPN technologies are encrypted.

From a security perspective, a VPN can be problematic . Network administrators have to go through great pains to keep the network as secure as possible. At the same time, employees have to be allowed remote access from anywhere in the world to the data the administrators are trying to protect. This presents quite a quandary : How do you secure your network from everyone but authorized users, and how do you ensure that the authorized users who access the network remotely are not introducing any potential security holes into the network.