What is a VPN? A secure network on the internet

VPNs date back to the 1990s, when the public internet lacked almost any form of security, and the technology was developed to provide secure and cost-effective connections in this insecure environment.

VPNs have been widely deployed in corporate networks and experienced a surge during the pandemic, when companies had to scramble to provide secure remote access to employees suddenly working from home.

VPNs are still popular today, but they are also slowly but surely being replaced by more flexible, secure, and granular alternatives such as SD-WAN, Zero Trust Network Architecture (ZTNA), and SASE, a cloud-based service that includes SD-WAN, ZTNA and other security features.

What is a VPN?

A virtual private network (VPN) creates a connection over an unsecured network (such as the public Internet) and is designed to be as secure and private as a connection across an internal physical network.

VPNs are most commonly used to securely connect remote workers to a corporate network or to connect multiple remote sites to each other. Another emerging use case is connecting Internet of Things (IoT) devices to the network.

How does a VPN work?

In a typical scenario, end users will deploy a VPN client (a software program on their computer or device) to connect to a VPN server, which manages the connection between the client device and the network to which they are connected.

From a client perspective, installing a VPN is simple. macOS, Windows, iOS, and Android come with built-in VPN clients, and other client programs with more features and options are available for free. However, these clients need to connect to a VPN server, a more complex (and expensive) tool typically installed by corporate IT departments.

Once a connection is established, the end user’s computer appears to other devices it interacts with as if it were part of the network. If there are internal file servers or other dedicated resources on the network, end users will be able to access them.

If end users try to access resources on the public Internet, their network traffic must pass through the private network they are connected to. For example, let’s say you’re physically in the United States and you use a VPN to access your company’s private network in Canada.

If you then open a web browser and start visiting various websites, Internet traffic will be routed through your company’s Canadian offices, even if the server you access is located in the United States. From the perspective of these web servers, it appears that you are in Canada, with an IP address assigned by your corporate network.

This can lead to inefficiencies in network traffic, but also has advantages in terms of privacy and access to restricted sites.

What is a VPN tunnel?

Network packets moving from client computers to the corporate network travel over the open Internet. While this traffic may be encrypted in some way (perhaps via SSL/TLS), this is not always the case. Packet headers will contain the routing information needed to get them to their destination, which can reveal potentially sensitive information about their destination network.

This means that such a connection is not necessarily secure, which is what VPN tunnels are designed to solve.

A VPN creates a (metaphorical) tunnel between a client and a server by encrypting network packets (including their headers) and including them within other packets. “External” packets have headers that contain information explaining how to route them from the VPN client to the server and vice versa.

Once the packet reaches the VPN server, the server decrypts it to look for “internal” packets. The header of this internal packet has routing information used to navigate the corporate network. That’s why from the perspective of the client and other clients on the private network, it’s as if the client is in the same building or campus.
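The encapsulation described above can be followed byte by byte in the sketch below, an added example that is not part of the original article. The 8-byte header, the addresses, the keys and the HMAC-based stream cipher are constructed stand-ins chosen so the code runs with the Python standard library alone; real VPN protocols use full IP headers, negotiated keys and a vetted cipher.

```python
import hashlib, hmac, ipaddress, os, struct

# Constructed sample values: keys derived from labels, documentation-range IPs.
ENC_KEY = hashlib.sha256(b"demo encryption key").digest()
MAC_KEY = hashlib.sha256(b"demo integrity key").digest()
CLIENT_PUBLIC, SERVER_PUBLIC = "198.51.100.23", "203.0.113.10"

def header(src, dst):
    """8-byte stand-in for an IP header (source + destination only)."""
    return ipaddress.IPv4Address(src).packed + ipaddress.IPv4Address(dst).packed

# "Internal" packet: private addresses plus application data.
INNER = header("10.8.0.5", "10.20.1.17") + b"GET /payroll/2024.xlsx"

def keystream(key, nonce, n):
    """Toy stream cipher (HMAC-SHA256 in counter mode), a stand-in for a real AEAD."""
    blocks = (hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))

def encapsulate(inner):
    """Encrypt the whole inner packet, headers included, and wrap it in an outer packet."""
    nonce = os.urandom(12)
    body = nonce + xor(inner, keystream(ENC_KEY, nonce, len(inner)))
    outer = header(CLIENT_PUBLIC, SERVER_PUBLIC)
    tag = hmac.new(MAC_KEY, outer + body, hashlib.sha256).digest()
    return outer + body + tag

def decapsulate(packet):
    """VPN server side: authenticate first, then decrypt to recover the inner packet."""
    outer, body, tag = packet[:8], packet[8:-32], packet[-32:]
    expected = hmac.new(MAC_KEY, outer + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed, packet dropped")
    nonce, ciphertext = body[:12], body[12:]
    return xor(ciphertext, keystream(ENC_KEY, nonce, len(ciphertext)))

def observer_view(packet):
    """All an on-path observer can read: the outer source and destination."""
    return tuple(str(ipaddress.IPv4Address(packet[i:i + 4])) for i in (0, 4))

if __name__ == "__main__":
    wire = encapsulate(INNER)
    print("observer sees:", observer_view(wire))
    print("server recovers:", decapsulate(wire)[8:])
```

The integrity tag covers the outer header as well as the encrypted body, so a packet altered in transit is rejected before any decryption takes place.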

VPN protocols: IPSec and SSL

While all VPNs follow the same basic pattern, there are a variety of implementations that use different underlying technologies – for example, they can use different types of encryption, or can operate on different layers of the OSI model.

If end users in remote offices want to access internal corporate resources, they may use an IPSec VPN. IPSec is the original protocol used for VPNs and runs on the same OSI layer as the IP protocol. This connection will allow clients to access all company resources as if they were in the office, including shared drives, applications and other assets.

Clients, on the other hand, can use an SSL VPN, which operates on the transport layer instead. This type of VPN typically provides connectivity to a single application rather than the entire internal network. These VPNs can be built into web browsers and used to access company intranets.

SSL VPNs are becoming increasingly popular because the SSL protocol requires fewer computing resources and gives IT more control over what remote users can or cannot see. Restricting access to a specific set of applications can protect organizations if a user’s device is compromised. There are many other VPN protocols, some of which are open standards and some of which are proprietary.

What are the benefits of VPN?

A VPN can provide a secure connection over the open Internet to access resources that require access beyond the capabilities of standard Internet protocols. If you need to access sensitive files or other resources remotely, a VPN can be one of the best tools available. A VPN also makes the remote computer behave (from a network perspective) like an equal partner on the internal network.

The same technology can also join two or more networks to each other, rather than a single computer to a network, making the separate private networks act like one.

Another use of a VPN is to improve privacy. In our scenario, a US VPN client connects to its Canadian office and obtains a Canadian IP address, which allows the client to browse the web while obfuscating its true location.

This helps users cover their tracks online and bypass government-imposed access restrictions. It also allows users to access content that may be prohibited or blocked in their locale.

Can I use a VPN for free?

If you use a VPN to connect to a company network, you can usually do so for free because your employer will set up the server you will connect to. But what if you want to use a VPN for its security or locale obfuscation qualities, but don’t have a server to connect to? There are a variety of commercial VPN services that meet these needs.

Some are free, but they often make money by bombarding you with intrusive ads or selling your browsing data—invading the privacy you seek to protect. Instead, check out trusted paid services, many of which offer free trials and reasonable prices.

What types of VPN are there?

The two main categories are remote access VPNs, which connect individual devices to a private network, and site-to-site VPNs, which connect networks to each other.

Remote access VPN

Remote access VPNs are the most common type. They allow users to access corporate resources even if they are not directly connected to the corporate network. Remote access VPNs are typically temporary connections that are closed once the user completes whatever task they are working on.

The secure tunnel between the user endpoint and the private network is established with some kind of authentication – password, token, biometric. Sometimes the username and password are embedded in the VPN software located on the user’s endpoint to make it easy for the user to connect, but there is always some form of authentication.

Pros: The benefit of using a remote access VPN is that workers can connect to any company resource regardless of their location and without a dedicated physical circuit. This reduces costs but also enables connectivity that was previously unavailable.

Disadvantages: The disadvantage of remote access over a VPN is that performance can vary greatly based on a variety of factors. These include the Internet service or encryption method being used, and the endpoint to which the user is connecting. For example, workers connecting via residential fiber may have much better performance than those establishing a VPN session from a hotel via shared Wi-Fi. Unfortunately, these problems are often far beyond the control of the company’s IT department.

Any enterprise service can be accessed through a remote access VPN, and most will work fine. However, applications that consume large amounts of bandwidth (such as video) or have low latency requirements (such as Voice over IP (VoIP)) may perform erratically.
