Evaluate

Determining efficient VPN solutions, encryption options

Various virtual private network solutions based on different network protocols are outlined for easy comparison in determining the most efficient solution and encryption scheme.

Lisa Phifer

Core Competence

Follow:

There are many definitions of "virtual private network," and not all VPNs use end-to-end encryption. For examp...

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

le:

VPNs based on Multi-Protocol Label Switching (MPLS) carve virtual switched paths out of the provider's network to carry customer traffic between edge routers. MPLS does not provide data encryption, but can be used in conjunction with IPsec when encryption is required.

VPNs based on the Layer Two Tunneling Protocol (L2TP) relay dial-up (PPP) sessions terminated by an ISP's Network Access Server to an L2TP Gateway at the customer's network. L2TP does not provide data encryption, but is commonly used over IPsec transport mode to provide confidentiality (for example, within Windows XP/2000).

Network-based IPsec VPN services often use a carrier-class VPN switch at the provider's point of presence (POP) to initiate and terminate VPN tunnels across the provider's backbone. The "tail circuit" between the customer's premises and the provider's POP (for example, a dedicated T1 link or a Frame Relay PVC) may or may not be encrypted.

If you require end-to-end confidentiality from your VPN service -- that is, encryption from customer premises to customer premises, without any point in the middle at which your data is cleartext -- then it's important to explicitly look for a secure VPN service that provides this. For example, most managed IPsec VPN services can deliver end-to-end encryption. But whether or not they actually do encrypt end-to-end is determined by the VPN's security policy configuration.

This question was asked at Ask the Experts on SearchNetworking.com.

About the author: Lisa Phifer is president and co-owner of Core Competence, a consulting firm focused on business use of emerging network and security technologies. At Core Competence, Lisa draws upon her 27 years of network design, implementation and testing experience to provide a range of services, from vulnerability assessment and product evaluation to user education and white paper development. She has advised companies large and small regarding the use of network technologies and security best practices to manage risk and meet business needs. Lisa teaches and writes extensively about a wide range of technologies, from wireless/mobile security and intrusion prevention to virtual private networking and network access control. She is also a site expert to SearchMobileComputing.com and SearchNetworking.com.

This was last published in June 2009

The best VPNs for enterprise use

What's the best type of VPN for connecting an acquired company?

5 connectivity tar pits you can avoid with a strong VPN

What WAN connectivity options are better than MPLS VPNs, overall?

5 connectivity tar pits you can avoid with a strong VPN

Site-to-site SSL VPN: Only when IPsec VPN isn't possible

Enterprises move to hybrid WANs with Ethernet services and MPLS IP VPNs

As legislation passes, enterprises need to get VPN ready

Layer 3 VPN architectures

MPLS VPN basics

Building VPNs around Windows 2003

How to set up a VPN: A step-by-step guide

The best VPNs for enterprise use

Hardware vs. software VPNs: Choose the right enterprise solution

How to find a VPN firewall solution for your enterprise

Certes Networks offers 10 Gbps variable speed network encryptor CEP10G

How to calculate the cost of VPN links

How to find a VPN firewall solution for your enterprise

How will SSL VPNs evolve in order to address security concerns?

Using a VPN is crucial for WAN managers trying to secure road warriors

What's the best type of VPN for connecting an acquired company?

What WAN connectivity options are better than MPLS VPNs, overall?

How to calculate the cost of VPN links

Hardware vs. software VPNs: Choose the right enterprise solution

Please create a username to comment.

Router security options advised following U.S. hacker alert

Analyst balks at blockchain distributed ledger in networking

Network-as-a-service market blossoms as demands grow

Twilio SIM cards simplify IoT connectivity

Cisco Webex Teams to replace Spark platform

Google Cloud speech-to-text service gets revamp

5G service lifecycle automation may be key to business cases

Operators invest billions, hope in 5G wireless technology

Three-step network strategy sells big changes as more doable

128 Technology delivers routing software, SD-WAN on white box

SD-WAN benefits the changing network connectivity landscape

MEF launches SDN certification and specs for Presto APIs

Related Resources

Dig Deeper on VPN design

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.