VPN is an abbreviation for “Virtual Private Network”, meaning a virtual private line. A VPN lets you set up a virtual leased line over the Internet and exchange data over a secure route. The idea is to realize a private network on top of a public network, the Internet. By using a VPN, you can protect your information from threats such as data eavesdropping and tampering.
There are two main methods for building a VPN: “Internet VPN” and “IP-VPN”.
Internet VPN uses a general internet line. It can be built at a low cost by using the existing network, the Internet. Internet VPNs can also be further divided into several types.
IPsec is an abbreviation for IP Security Architecture. It is a technology or mechanism that encrypts traffic for secure communication on the Internet. Even if the communication is eavesdropped on, it is encrypted, so the content remains protected unless it is decrypted.
SSL-VPN is a method that, like IPsec, protects the communication contents by encrypting them. The difference is that IPsec-VPN is implemented at the network layer, while SSL-VPN is implemented at the session layer. Therefore, IPsec can be used without depending on higher-level application protocols such as HTTP and SMTP.
On the other hand, SSL-VPN requires SSL support in each application protocol such as HTTP and POP: HTTPS for HTTP, POP over SSL for POP, and so on.
To deploy IPsec-VPN, the same dedicated software must be installed on both the recipient and the sender. Once the environment is set up, you can communicate at a relatively high speed. With SSL-VPN, if you use an application that supports SSL, you do not need to install new software for SSL-VPN. For this reason, the burden at installation time can be minimized, but the speed is slower than IPsec because traffic goes through a compatible application.
L2TP / IPsec
Formally, it is called “L2TP over IPsec VPN”. L2TP stands for “Layer 2 Tunneling Protocol”. A tunneling protocol realizes a VPN connection between networks. L2TP itself does not have an encryption mechanism, but when used in combination with IPsec, it encrypts the communication content and ensures the confidentiality and integrity of the data.
PPTP (Point-to-Point Tunneling Protocol) is also one of the methods for building a VPN. The difference between PPTP and IPsec is the number of tunnels used to send and receive data. In PPTP, both transmission and reception are performed in one VPN tunnel, and only one VPN tunnel is created. On the other hand, IPsec creates separate tunnels for transmission and reception. PPTP has been advocated by Microsoft, so it has a high affinity with Windows and you can easily build a VPN.
Another type of VPN is IP-VPN. IP-VPN is a VPN that uses a closed network prepared by a major telecommunications carrier.
By using a closed network, security is enhanced and there is no risk of information leakage or eavesdropping. Therefore, it is superior to Internet VPN in terms of communication speed stability and security.
IP-VPN uses a technology called MPLS (Multi-Protocol Label Switching). By adding two types of headers called labels, the data transfer path and network are identified.
Types of Data Encryption
Another important point when using a VPN is encryption. There are different types of encryption for protecting the privacy of information on the internet. Encryption plays a very important role in protecting the information people exchange, the data they publish, and their activity as they browse the internet.
Ciphers are widely used by applications that users rely on regularly, often without understanding how they work. In general, your data is converted into ciphertext with the help of a key, and to get useful information back from that data you need that specific key. Cryptographic algorithms can be divided into two categories.
The symmetric encryption method uses the same key on both sides when transmitting data. It is also called shared-key encryption, meaning that the sender and the recipient share the same encryption key in advance. One side uses the key to encrypt the information and send it, and the other uses that same key to decrypt the data. However, it is less “safe” and more “inconvenient”, because anyone who holds the key can read the data.
There is a chance that such a key may fall into the hands of a third party, in which case all the data can be decrypted. Sending the symmetric key in encrypted form together with the data would seem ideal, but the other side would have no way to decrypt that key and so could not decode the rest of the data. The main benefit of symmetric encryption is the speed of sending and receiving information. It does not require a lot of computing performance to process data transmission, encryption, and decryption.
Asymmetric encryption attempts to solve this security challenge by giving both the sender and the recipient a separate key of their own. Such a key is called a private key. With this method, there are two types of keys: the public key is distributed to anyone, while the private key is kept and protected by a reliable, trusted party. As a result, information is encrypted with the public key that everyone has, while decrypting it to recover the information requires the private key. This encryption method greatly increases safety and protection while you browse the internet with a VPN.
However, the main disadvantage of asymmetric encryption is the speed. It takes more time to transmit all the necessary data from sender to recipient. Additionally, it requires more computing performance to process data transmission, encryption, and decryption.
Another method that some VPNs use to encrypt data is hybrid encryption. Its main purpose is to eliminate the disadvantages of the two previous encryption methods and keep only their advantages. As a result, this method is a combination of asymmetric and symmetric encryption technologies.
First, a symmetric key is created and the data is protected with symmetric encryption. Then that symmetric key is asymmetrically encrypted with the recipient’s public key and transmitted to the recipient. As a result, such encryption is much harder to crack, and it does not require many resources, which makes data transmission faster.
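The hybrid flow described above, as an added example typed into a shell with the OpenSSL command-line tool (not from the original page). The function names, file names, and the choice of RSA-2048 with OAEP for the key and AES-256-CTR for the data are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Hybrid encryption walk-through with the OpenSSL CLI (added example).
set -eu
WORK=$(mktemp -d)                 # scratch directory for keys and ciphertext
trap 'rm -rf "$WORK"' EXIT

# Recipient: generate an RSA key pair; only the .pub file is handed out.
make_keypair() {                  # $1 = name prefix (hypothetical)
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
      -out "$WORK/$1.key" 2>/dev/null
  openssl pkey -in "$WORK/$1.key" -pubout -out "$WORK/$1.pub"
}

# Sender: encrypt stdin for the owner of public key $1.
# Writes msg.enc (bulk data), msg.iv, and msg.wrapped (encrypted session key).
hybrid_encrypt() {
  local key iv
  key=$(openssl rand -hex 32)     # fresh 256-bit symmetric session key
  iv=$(openssl rand -hex 16)
  # Fast symmetric step over the whole payload. CTR mode gives no integrity
  # protection; a real protocol adds a MAC or uses an AEAD cipher.
  openssl enc -aes-256-ctr -K "$key" -iv "$iv" -out "$WORK/msg.enc"
  printf '%s' "$iv" > "$WORK/msg.iv"
  # Slow asymmetric step over the short session key only (sent as hex text).
  printf '%s' "$key" | openssl pkeyutl -encrypt -pubin -inkey "$1" \
      -pkeyopt rsa_padding_mode:oaep -out "$WORK/msg.wrapped"
}

# Recipient: unwrap the session key with private key $1, then decrypt the data.
hybrid_decrypt() {
  local key
  key=$(openssl pkeyutl -decrypt -inkey "$1" -pkeyopt rsa_padding_mode:oaep \
      -in "$WORK/msg.wrapped" 2>/dev/null) || return 1
  openssl enc -d -aes-256-ctr -K "$key" -iv "$(cat "$WORK/msg.iv")" \
      -in "$WORK/msg.enc"
}

# Constructed sample run: one recipient, one short payload.
make_keypair recipient
printf 'constructed sample payload\n' | hybrid_encrypt "$WORK/recipient.pub"
hybrid_decrypt "$WORK/recipient.key"   # prints the original payload
```

The wrapped key stays at 256 bytes regardless of payload size, which is why only the session key goes through the asymmetric operation.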
Advantages of VPN
Before the advent of VPNs, leased lines were used to securely access internal networks from the outside. However, while the leased line guarantees bandwidth and security, it costs more depending on the distance and communication speed of the line, and since it is a one-to-one communication, it also requires costs to connect between multiple bases.
By using the Internet or a closed network with a VPN, the cost is only the provider’s usage fee and line cost, so it can be introduced at a lower cost than a dedicated line. Here are the benefits you can get with a VPN.
- A pseudo-LAN can be constructed without physical restrictions;
- You can use the Internet without your IP address being known;
- Achieves security close to that of a leased line at a lower cost than a leased line;
- You can use an encrypted connection even over lines such as free Wi-Fi.
Relationship between VPN and Free Wi-Fi
Free Wi-Fi services are becoming more widespread in cafes and commercial facilities in the city. Free Wi-Fi services are also public services and may be unencrypted or have a low level of authentication. Therefore, there is a risk that the communication content may be eavesdropped on or tampered with. It is also possible that a malicious third party has set up a malicious Wi-Fi access point and is waiting for users to connect.
A VPN is an effective countermeasure. By building a VPN tunnel and encrypting the communication content, you can use free Wi-Fi in a secure environment.