A VPN allows data to travel securely across an untrusted network. In the Internet age, this means that companies that formerly required leased lines to ensure security can now leverage the public Internet for private communications. It also means that corporate users who travel can connect to a local Internet service provider (ISP) and communicate securely with the corporate network.
The primary advantages of VPNs are reduced costs and improved privacy. Companies can reduce costs by maintaining only a single WAN connection for each remote office—a connection to an ISP. The ISP forwards the traffic across the public Internet, in much the same way that frame relay providers have operated for many years, except at a greatly reduced cost. The VPN technologies included in Windows 2000 ensure that this data cannot be read or modified on its journey to the destination network.
While different VPN technologies vary in their specifics, they have many things in common. All VPNs transport data through a tunnel, as illustrated in Figure 6-4. The tunnel is created between two tunnel endpoints, which agree upon a set of protocols for the tunnel before any payload is transmitted. As data is sent through the tunnel, the frame or packet is encapsulated within another packet. Once the data reaches the opposite endpoint, the data is unencapsulated and processed as if it had been sent from a system on the same LAN.
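The encapsulation and unencapsulation described above, as an added example that is not part of the original text and not the format used by any Windows 2000 tunnelling protocol: a constructed toy tunnel header (magic value, tunnel ID, payload length) is wrapped around an inner packet at one endpoint and stripped again at the other. The header layout, the `TUNNEL_MAGIC` value and the inner packet bytes are all assumptions made for illustration; a real VPN tunnel also encrypts and authenticates the payload, which this example deliberately omits so that the wrapping itself is visible.

```python
import struct

# Constructed toy tunnel header (an assumption for this example, not a real protocol):
#   4 bytes  magic value identifying the tunnel encapsulation
#   4 bytes  tunnel ID negotiated by the two endpoints
#   2 bytes  length of the encapsulated inner packet
TUNNEL_MAGIC = b"TUNL"
HEADER = struct.Struct("!4sIH")

# Constructed sample inner packet: stands in for the LAN frame/packet being tunnelled.
INNER_PACKET = b"inner packet: src=10.0.0.5 dst=10.0.1.9 data=hello"


def encapsulate(inner_packet: bytes, tunnel_id: int) -> bytes:
    """Wrap an inner packet in the outer tunnel header at the sending endpoint."""
    if len(inner_packet) > 0xFFFF:
        raise ValueError("inner packet too large for the 16-bit length field")
    return HEADER.pack(TUNNEL_MAGIC, tunnel_id, len(inner_packet)) + inner_packet


def decapsulate(outer_packet: bytes, expected_tunnel_id: int) -> bytes:
    """Strip the outer header at the receiving endpoint and return the inner packet.

    Every header field is validated before the payload is handed on, so a
    truncated, mislabelled or foreign-tunnel packet is rejected rather than
    processed as if it came from the local LAN.
    """
    if len(outer_packet) < HEADER.size:
        raise ValueError("truncated outer packet")
    magic, tunnel_id, length = HEADER.unpack_from(outer_packet)
    if magic != TUNNEL_MAGIC:
        raise ValueError("not a tunnel packet")
    if tunnel_id != expected_tunnel_id:
        raise ValueError("packet belongs to a different tunnel")
    body = outer_packet[HEADER.size:]
    if len(body) != length:
        raise ValueError("length field does not match payload size")
    return body


def is_rejected(outer_packet: bytes, expected_tunnel_id: int) -> bool:
    """True if the receiving endpoint refuses the packet."""
    try:
        decapsulate(outer_packet, expected_tunnel_id)
    except ValueError:
        return True
    return False


def round_trip(inner_packet: bytes = INNER_PACKET, tunnel_id: int = 7) -> bytes:
    """Send the inner packet through the tunnel and return what the far end recovers."""
    on_the_wire = encapsulate(inner_packet, tunnel_id)
    return decapsulate(on_the_wire, tunnel_id)


if __name__ == "__main__":
    wire = encapsulate(INNER_PACKET, 7)
    print(f"outer packet is {len(wire)} bytes, inner packet is {len(INNER_PACKET)} bytes")
    print("recovered:", round_trip())
```

The outer header adds ten bytes of overhead per packet in this toy layout; the receiving endpoint checks the magic value, tunnel ID and length before it treats the payload as local traffic, which is the point at which a real tunnel endpoint would also verify the integrity protection and decrypt.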