Broadband Telecommunications Handbook, Second Edition

One might say that these Internet-based data VPNs are the same as voice VPNs and yet different from them. The philosophical point is that a dedicated network will be overbuilt in some areas and underbuilt in others. A shared network offers the hope that we can spread out the overall cost while getting the benefits of a private network. Historically, this accounts for the popularity of shared data networks, beginning with X.25, Frame Relay, ATM, and now the Internet. The Internet has become a popular, low-cost backbone infrastructure.
Because of its ubiquity, many companies now want to use a secure Virtual Private Network (VPN) over the public Internet. The challenge in designing a VPN is to exploit the technologies for both intracompany and intercompany communication while still providing security. Of course, the rule of thumb we now use in an Internet Protocol (IP) network is "IP on everything." A VPN is an extension of an organization's private intranet across a public network (that is, the Internet), creating a secure connection essentially through a tunnel. VPNs securely convey information across the Internet, connecting remote users, branch offices, and business partners into the corporate network. Figure 4-1 is a graphic depiction of an Internet-based VPN.
VPNs are owned by the carriers, but used by corporate customers, as though the customers owned them. A VPN is a secure connection that offers the privacy and management controls of a...