
Subject code: CNW101 VPN network

The scenario here is that two companies have internet facilities and want to establish
communication between them. These companies do not just want to establish a network between
them; they also want to address all the major security issues so that they are protected from threats. They want a
resource that is achievable for everyone and which would conduct fewer prototypes of data.
For this network, the security question leads them to VPN, which is also known as a "Virtual Private
Network".

These companies want to establish VPN technology in their network. Its functioning
is excellent and the security of this technology is good. It has different security
procedures that make the network protocol more secure, so these companies require this
technology.

How it works, what its properties are, which security issues it can handle, what its drawbacks are
and how we can overcome them: these are the issues to be discussed, in order to judge how
applicable this technology is for these companies.

1. VPN:

This technology is known as VPN. It is a private data communication that takes
advantage of the public telecommunication architecture and maintains privacy through the use of a tunneling
protocol and security procedures.

Its goal is to remove the very high budget required for the network protocol.

Virtual Private Network

Name: Navin Singh Thapa
Id number: 1801T3090101

A connection in a VPN network can be made in two different ways:

1. Shared public network: in this connection the VPN protocol is established over a public network or the
internet.

2. Logical equivalent: in this connection the VPN protocol is established between two servers.

Some major functions of VPN:

• VPN can be used for long-distance dial-up with an internet service.

• VPN has different types of properties to create a safe network protocol.

• VPN has different techniques and methods to increase the speed of the network in
internet services.

So these are some of the functions, or advantages, of VPN that are very useful to these
companies.

Components for VPN:

1. VPN server:

A system that accepts a VPN service from clients is called the VPN
server. This is done so that data coming into the server is not threatened.


2. Tunnel:

A tunnel is the part of the connection in which data is encapsulated. This procedure
increases the confidentiality of data during transmission.

3. VPN client:

VPN clients are those that can access the VPN network, like the server. So a VPN server
can also be said to be a VPN client, and a client can be an individual node in the network or a router.

4. VPN connection:

A connection in a network protocol in which data is encapsulated and encrypted at any stage of
the network is called a VPN connection.

Properties of VPN network:

Above we have discussed the components, connections and functions of a VPN network.
The properties of a VPN network can be classified into four groups:

1. Encapsulation:

Encapsulation is the procedure of enclosing data so that it does not get any external interference. In a
VPN, private data is encapsulated with a header that contains routing information, which allows
the data to travel across the transit network; that is, it encapsulates data passing between two or more network devices that are not on
the same private network.

2. Authentication:

In VPN technology the authentication task can be classified into 3 different stages, which are
listed below:

• User-level authentication by using PPP authentication:

This procedure is used to create a VPN connection: the VPN server authenticates the client
that is connecting, at user level, using a Point-to-Point Protocol (PPP) authentication method,
and also makes sure the VPN client has appropriate authorization.

If mutual authentication is used in this process, the VPN client also authenticates the VPN server,
which protects against computers that pretend to be VPN servers.


• Authentication by Internet Key Exchange (IKE):

To establish Internet Protocol security (IPSec), the VPN server and client use IKE to exchange
either electronic data or a pre-distributed key, so that the VPN client and server authenticate each other
at the computer level. Computer certificate authentication is important here because it is a strong
authentication process. This computer-level authentication is performed only for L2TP/IPSec
connections.

• Data origin authentication and integrity:

This procedure verifies that data transferred on a VPN connection originated at the other
end of the connection and was not changed in transit. For this, the data contains a checksum based on an encryption key
that is held by the sender and the receiver.
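The encapsulation and keyed-checksum properties described above can be seen together in a short sketch. This is an added example, not code from the original essay: the header layout, the choice of HMAC-SHA256 as the checksum, and all names and sample values are assumptions, and encryption of the inner packet is left out.

```python
import hashlib
import hmac
import struct
from ipaddress import IPv4Address

# Hypothetical outer header: tunnel source, tunnel destination, inner length.
OUTER = struct.Struct("!4s4sH")
TAG_LEN = hashlib.sha256().digest_size


def encapsulate(key: bytes, src: str, dst: str, inner: bytes) -> bytes:
    """Prefix the private packet with an outer routing header, then append
    a keyed checksum (HMAC-SHA256) computed over header and payload."""
    header = OUTER.pack(IPv4Address(src).packed, IPv4Address(dst).packed, len(inner))
    body = header + inner
    return body + hmac.new(key, body, hashlib.sha256).digest()


def decapsulate(key: bytes, packet: bytes):
    """Verify the checksum, then strip the outer header.
    Returns (tunnel_src, tunnel_dst, inner); raises ValueError on failure."""
    if len(packet) < OUTER.size + TAG_LEN:
        raise ValueError("packet too short")
    body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("integrity check failed")
    src, dst, length = OUTER.unpack_from(body)
    inner = body[OUTER.size:]
    if length != len(inner):
        raise ValueError("length mismatch")
    return str(IPv4Address(src)), str(IPv4Address(dst)), inner


def accepted(key: bytes, packet: bytes) -> bool:
    """True if the receiving tunnel endpoint would accept the packet."""
    try:
        decapsulate(key, packet)
        return True
    except ValueError:
        return False


# Constructed sample values: documentation addresses and a made-up payload.
KEY = b"constructed-tunnel-key-000000000"
INNER = b"inner packet for 10.0.2.15"
PACKET = encapsulate(KEY, "192.0.2.1", "198.51.100.1", INNER)
```

A packet whose payload or outer header is altered in transit, or that was produced without the shared key, fails the check in `decapsulate` before the inner packet is handed on.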

3. Data encryption:

To keep data highly confidential while it is transmitted through the network, the sender
encrypts the data when sending it and the receiver decrypts it in order to read it.

This encryption and decryption is done by the sender and receiver based on an encryption key.
Intercepted packets sent through the VPN are not readable to anyone who does not have
the common encryption key. More computing power and computing time are needed as
the encryption key gets larger.

4. Address allocation:

This is the process of assigning addresses to remote clients dynamically or statically. Each client is
given an address in the network, and that address becomes part of the VPN client network. Addressing
elements such as subnetting, supernetting or Network Address Translation (NAT) are applied
to the addresses obtained by clients in the VPN network. Here NAT is used not only for assigning
addresses but can also be used for secure data transmission in the network.


Addressing location in VPN network

Types of address allocation:

Dynamic Address Assignment:

In this type of allocation, IP addresses are assigned dynamically. A DHCP server is
required for this; the DHCP server automatically assigns addresses in dynamic form.

Static Address Assignment:

In this type of allocation, the IP address is assigned from the pool of addresses. Here the IP address for the network is
assigned statically, as assigned in the internet.

2.

VPN technology can be used to secure data transfer in a network. It has many
security techniques that are widely applicable. VPN technology can be set up in both
internet-based connections and intranet-based connections.


A hybrid is known as different kinds of protocols connected to establish an
information system. In this kind of network protocol we can get maximum efficiency by using
VPN in a hybrid network. Some of the benefits of using a hybrid internet VPN connection:

• Remote access VPN in internet:

This VPN connection is also known as a router-to-router connection. It
provides a connection between local offices, or between two nodes, through a
public network. It is a point-to-point network between a client node and the organization's
server, but on the internet it is less used, because it appears logically as if the data is sent over a
dedicated private link.

• Site-to-site VPN:

It is also called a router-to-router VPN connection, connecting different offices or
connecting hybrid and public networks while ensuring the security of the network. This kind of
VPN connects two portions of a private network, in which the VPN server gives a routed
link to the networks that are attached to the VPN server.


• Connecting networks over the internet:

When data is transferred in the network, data chunks are sent to the next router through the VPN
link; in this procedure the VPN works as a data-link layer. The detail is shown in the diagram.

Now for intranet VPN connections:

Connection of networks over an intranet:

The major factor in using VPN technology over an intranet arises when the human resources
department is physically separated from the rest of the organization's intranet; in such a case VPN
secures the department's data for those users who are physically linked to a different part.

Here the server's job is not to provide a direct connection between the router and the separate
network segment. A VPN client can connect to the server and gain access to the protected
resources of the sensitive department. Data sent across the VPN is encrypted for confidentiality and
strong security. For those who have no permission to access the VPN network, the separate
network segment is hidden from view.


3. Security issue of VPN:

VPN has different kinds of security according to the connections used in VPN technology.
Security exists according to the network protocol. Not every connection of a VPN network has the
same properties for security issues. Some of the major security features are listed below:

• User authentication:

Here authentication has two factors: computer authentication and user authentication.

Computer authentication: Between the VPN client and server, the computers are certified
through an exchange. In IPSec Phase 1 and Phase 2 an agreement then takes place
and IPSec is formed with an agreed encryption form, hash algorithm and encryption
keys. These components are essential for computer authentication.

User-level authentication: Over the Point-to-Point network through the PPTP
route, the remote user or the specified dial router that requests the VPN connection must be
authenticated.

• Tunnel authentication:

VPN technology provides tunnel authentication in the network through L2TP. It
provides a way to authenticate the end points of a network tunnel during the tunnel creation process, which is
called tunnel authentication.

• Encryption procedure:

The encryption procedure is determined by the creation of IPSec.

IPSec is designed for the purpose of protecting data. The data is encrypted and
sent over the network so that it won't be lost or mishandled.

• Data encryption between VPN server and client:

It is most necessary to protect data from being misplaced or corrupted. IPSec has
different kinds of keys for such encryption methods. So the main function of VPN technology is to
encrypt data between the VPN client and server. But this procedure is not
required on the network path between a dial-up client and its ISP.

• Packet filtering:

In a PPTP-based VPN connection, an excess amount of data is passed to different
addresses in public or shared networks. Forwarding such a connection between the networks and the
internet causes the server to move all IP traffic from the shared network and the internet to the entire network. So,
to protect the intranet from data traffic that is not sent by a VPN client, we must use
filtering.

• Authorization:

In VPN technology, clients and routers are not connected without
authorization. Authorization is given according to the database and the data contained in the
network. Different components, such as IPSec, give authorization in the VPN network to
routers and clients. This procedure can secure data from illegal viewing.

Some of the major steps in which security works at connection time:

• The VPN client establishes a PPTP tunnel with the VPN server.

• The server sends a message to the client.

• The client sends an encrypted acknowledgement to the server.

• The server checks the response against the client accounts database.

• If the account is valid or genuine, the connection is authorized and the server accepts
remote access policies and user account properties for the VPN client. After this
authorization it gives full access to connect with the VPN client.
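The message exchange in the steps above, written out as an added example that is not part of the original essay. It assumes the server's message is a random challenge and the client's reply is computed with the RFC 1994 CHAP formula; the essay does not name the method, and the class, function names and account data are constructed.

```python
import hashlib
import hmac
import os

# Constructed account database (user -> shared secret); sample data only.
ACCOUNTS = {"branch-router": b"constructed-shared-secret"}


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 CHAP response: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class VpnServer:
    """Hypothetical server side of the connection-time check."""

    def __init__(self, accounts):
        self.accounts = accounts
        self.pending = {}  # user -> (identifier, challenge) awaiting a reply
        self.next_id = 0

    def send_challenge(self, user: str):
        # The server sends a fresh random message to the client.
        self.next_id = (self.next_id + 1) % 256
        challenge = os.urandom(16)
        self.pending[user] = (self.next_id, challenge)
        return self.next_id, challenge

    def verify(self, user: str, response: bytes) -> bool:
        # The server checks the response against the accounts database.
        outstanding = self.pending.pop(user, None)  # a challenge is single-use
        secret = self.accounts.get(user)
        if outstanding is None or secret is None:
            return False
        expected = chap_response(outstanding[0], secret, outstanding[1])
        return hmac.compare_digest(expected, response)  # constant-time compare


def connect(server: VpnServer, user: str, secret: bytes) -> bool:
    """Client side: answer the server's challenge; True means authorized."""
    identifier, challenge = server.send_challenge(user)
    return server.verify(user, chap_response(identifier, secret, challenge))
```

Because every challenge is random and consumed on first use, a response captured from one connection attempt does not authorize a later one.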

So this is an overview of the properties of VPN technology. This research shows all the
properties of VPN technology. The above research says that it is best to work with
VPN during intranet protocol development. Security is the major advantage of this technology.

So for data protection, client backup recovery and acceleration of the network, this
technology is best. The recommendation for these companies is to
add VPN technology to their intranet system.
