Virtual Private Networks (VPNs)
Need an Internet VPN for business?
Business growth can bring its own problems, especially when it comes to keeping everybody networked together. Expansion brings new sites and offices, sometimes in a completely different city or country. This sort of growth frequently goes hand-in-hand with an increase in demand for remote working, either from home or on-the-move, using mobile technologies.
Virtual Private Networks (VPNs) are a cost effective, and widely used, way to manage this kind of non-local network growth. Whereas a traditional Wide Area Network (WAN) uses a private networking infrastructure, a VPN is a virtualized private network that sits astride either the public Internet, or a major telecoms backbone network (such as the BT IP Network), in order to connect remote sites and users together.
Using the Internet as a virtual backbone in this way can pay dividends in terms of operational costs, rapid implementation and flexibility. It can also help simplify network topologies and enables the consolidation of voice, video and data communication.
These days most businesses will have had some experience of working with VPNs, even if only for providing remote access for mobile workers. As a business changes, however, the opportunities to use VPNs evolve and, as new techniques are coming on stream all the time, it pays to review the situation on a regular basis.
How it works
Broadly speaking, a VPN simulates a private network using the open, public Internet (or a similar, large-scale, shared network like a telecoms backbone). This is achieved through a process of encryption, authentication and virtual tunnelling so that it appears to the user as if the data is being sent over a dedicated, private link.
Internet VPNs for business are usually based on the Internet Protocol (IP), one of the fundamental standards of the Internet, and are therefore sometimes referred to as IPVPNs. In order to emulate the virtual link between two sites, the packets of data are encapsulated within special headers which provide routing information to create a kind of virtual ‘tunnel’ or ‘circuit’ through the public network. To provide security, the data is authenticated and encrypted, usually with a combination of Internet Protocol Security (IPsec) and Generic Routing Encapsulation (GRE) so that a large number of private, virtual circuits can securely and reliably share the public network at any one time.
In situations where a closed telecoms backbone network is used rather than the open Internet, VPNs usually involve the MPLS protocol instead of IPsec ‘tunnels’. These MPLS VPNs are also sometimes referred to as network-based IP VPNs or private VPNs, since they usually use the infrastructure of a single network provider.
There are a number of different extensions to the basic concept of a virtual path depending on circumstances. For example, VPN techniques can also be used to link different Ethernet point-to-point networks [link], together, enabling secure, long distance extensions of an organization’s fibre-based network. This is achieved by linking the p2p to a third party’s Ethernet-based VPN backbone in order to create ‘virtual wires’ or ‘pseudo-wires’ between sites.
Looking at the other end of the scale, VPN techniques can be used to link sites that are based in different countries or even continents. This can be done using dedicated, private, MPLS-based, virtual circuits running on third party international backbones. Alternatively, the public Internet can be used to create IP-based virtual links between VPNs in different countries.
Many organizations choose to enhance their site-to-site VPN with additional infrastructure to allow remote access for home or mobile workers. This can take the form of specialist IPsec VPN client software installed on a laptop or mobile (such as the Cisco AnyConnect® Secure Mobility Client), or use of a Web-based Secure Sockets Layer virtual private network (SSL VPN).
activereach Internet VPN for business
Successfully implementing a company-wide VPN strategy can be complicated and involve assessing a number of potential forms of implementation, supplier and technology. activereach’s expertise, and access to a wide network of partner VPN technology suppliers, IP backbone operators and systems integrators, ensures that we can offer the best independent, vendor-neutral advice and direction.
A well designed VPN solution from activereach will improve employee productivity, enhance corporate data security and allow for flexible, scalable WAN development.
activereach VPN solutions offer:
- Help to design highly secure, efficient, bespoke IPVPN site-to-site, MPLS and remote access network topologies.
- Multi-site connections with operational efficiency and cost savings.
- Designs for long-term growth and maximum operational agility.
- Advice on empowering employees to work from anywhere using secure VPN and mobile access technologies and clients.
- Consultancy on extending a VPN to incorporate international sites and partners.
- Advice on multi-vendor interoperability.
- A wide range of access technologies such as ADSL, Ethernet over Fibre to the Cabinet (EoFTTC), and Ethernet in the first mile (EFM).
- Integration of advanced VPN network intelligence, Quality of Service (QoS) and routing technologies to reliably deliver mission-critical data traffic.
- Highly resilient networks with rigorous Service Level Agreements (SLAs).
- Expertise and advice on VPN equipment procurement including concentrators, optimized routers and firewalls.