VPN is one of the safest ways to connect from one computer to another
computer across the internet.
VPN - Virtual Personal Network - is a special protocol (a protocol is a set of
parameters that define how a network will send and receive data) that allows you
to connect from one location to another so that no one else can use the connection.
But wait, there's more! How do you use a Virtual Personal Network? Who would use
it? How do you secure a Virtual Personal Network? Loads of questions for me to
give you answers on.
First, a little theory (got ya, huh?). OK, a story will work just as well.
You travel a lot for your business. While you are 'on the road' you connect
to your company with a dial up to get email and send in reports. What a pain,
because it is slow.
So your company IT department had this great idea: use a Virtual Personal
Network to connect to the business network from anywhere there is a connection.
Dial up, WiFi, cable: you connect to the WWW (World Wide Web) and voilà, you
have high speed access to the company network.
Oops, the hackers came in your back door while you weren't looking. Back to
the IT department for some security.
Dial up connections are very slow, although they tend to be more secure because
of the method that the connection uses. A dial up connection will be short term,
and each time you connect you will be issued a different IP. This is not to
say that you cannot pick up a virus, because the dial up protocol will not
stop a virus from being downloaded.
When high speed networking became widely available, along came a new threat:
once you connect, you leave your connection on all the time, 24/7. What a haven
for the unscrupulous; it gives them the time they need to hack into a computer.
Along with the high speed networking came the need for a way to connect from
one computer to another without broadcasting your data to the WWW.
In simple terms, you connect to the WWW and then to your final destination.
Think of it as a pipe inside a pipe: the main pipe is the WWW, the private pipe
is your VPN. The problem arises when you connect without security.
You must have a way to secure your data from theft and from the insertion of
unwanted data such as a virus, spyware, or a trojan that would compromise your
business network.
So where do you get a VPN?
You can get a Virtual Personal Network for free. It is one of the protocols
that come with the network when your Windows Operating System is installed.
How hard is it to set up?
Setting up the Virtual Personal Network is time consuming and tedious, but not
hard.
Is it expensive?
No, the actual Virtual Personal Network is free; the security is a different
matter. The built in security at this time is what is known as 16 bit encryption
and is part of the network installation. The encryption keys are generated when
the VPN is set up. (With Windows XP SP3 and newer Operating Systems, Microsoft
has increased the encryption to 128 bit, stronger but still hackable.)
The encryption generator is available, so anyone with a knowledge of
programming can figure out all the available keys for all the Virtual Personal
Networks for the version of the Operating System you are using.
That is not very secure; you need a stronger encryption program. These are not
cheap, but then how much would it cost you to restore your identity and credit?
In other words, how much is your data worth to a thief?
Why is the encryption expensive?
The Virtual Personal Network encryption program comes with two parts, the Host, and the Client.
The Host is the software for the business network or server that hosts the
Virtual Personal Network
for all the local network. The Client is on your computer and is the software
that encrypts your data for transmission to the Host.
Once the host has the data it will decrypt it and send it where it needs to
go. On the return the Host will encrypt the data then transmit it to your
client, then your client will decrypt the data for you to use.
These encryption processes can be either software or hardware, and are known
as appliances. The hardware appliance is the more expensive solution, but it
would be harder for a criminal to hack into, and even if they could manage to
hack into it they could not change anything; that is the nature of hardware.
Software would be easier to hack and change, but with the proper safeguards it
would also be hard to hack.
In my research for this article I found solutions that run from a base price
of just over $300 for a single client / host setup to $15 per client per month
to over $10,000 for a hardware appliance solution.
Consider this: if cost is an issue, then the cheaper solution may work if you
do not stay connected for long periods of time.
Say your company sends out reps once a month and they are in the field for
only a day or two at the most. While they are in the field they only connect to
the business network to get email and send in reports. This is a short term
session, which would not allow a hacker time to find the Virtual Personal
Network, grab enough data and decrypt it before the rep signed off the VPN.
If your company allows its employees to work from home, then cheap will not
do, because an employee will connect in the morning and stay connected all day.
That is long enough for a hacker to find the VPN, collect some data, then begin
the cracking process to find the key to the VPN. So your solution would have to
have more safeguards, and these cost money.
A company I worked for allowed its employees to work from home. The security
had three levels. The Client had a key that was created when the encryption
software was installed. Then the user had a device that was called a 'Secure
ID'. Then the user had a special password.
The process worked like this:
I want to connect to the company network across the internet. I open the
Virtual Personal Network; the VPN software asks for a password (this is not the
password to log on to the computer). Then the VPN will connect to a host that
is not part of the company network; this host will ask for the Secure ID
number. Then you log on to the company network.
A Secure ID is a special device that has a radio receiver and an encryption
device built into it. The host company will broadcast an encrypted signal every
minute.
The receiver takes this signal and sends it to the encryption device, which
will decrypt the signal and then display the numbers on the display. You have
one minute to use that number; if it changes while you are typing it in,
the system will not let you log on and you have to start all over again.
Once you enter the correct number from the Secure ID, you are allowed to go
to the log on for the company network. Secure, not easy to hack, hard to set up.
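The one-minute code check described above, as an added example that is not from the original article. It uses the standard HMAC-based one-time-password calculation (RFC 4226/6238) as a stand-in for the device's radio-fed number; the names `token_code` and `TokenHost`, the shared secret and the six-digit length are assumptions.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 60  # the article's token shows a new number every minute
DIGITS = 6         # assumed display length


def token_code(secret: bytes, unix_time: int) -> str:
    """Number shown on the token during the minute containing unix_time."""
    counter = unix_time // STEP_SECONDS
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # RFC 4226 dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


class TokenHost:
    """Hypothetical host-side check: current minute only, each code used once."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.last_counter = -1  # last minute a code was accepted for

    def check(self, submitted: str, unix_time: int) -> bool:
        counter = unix_time // STEP_SECONDS
        expected = token_code(self.secret, unix_time)
        # Constant-time compare so timing does not leak matching digits.
        if not hmac.compare_digest(submitted.encode(), expected.encode()):
            return False  # wrong number, or the minute rolled over while typing
        if counter <= self.last_counter:
            return False  # same number replayed within its minute
        self.last_counter = counter
        return True


if __name__ == "__main__":
    secret = b"12345678901234567890"  # constructed sample secret (RFC 4226 test key)
    host = TokenHost(secret)
    code = token_code(secret, 125)      # user reads the number at t=125s
    print(code, host.check(code, 150))  # typed within the same minute
    print(code, host.check(code, 170))  # same number submitted again
    print(code, host.check(code, 185))  # minute changed before submitting
```
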
It is your data and how long you keep it yours
depends on how you protect it.
Happy VPNing!