Inet2000's Virtual Private Network
 
VPNs create secure connections to your Local or Wide Area office network for far less than dedicated lines.

Virtual private network: A secure connection between two parts of a private network that uses a public network such as the Internet to reduce costs.

You work even when you're out of the office. While you're on the road or working from home, you need access to your files, e-mail, and databases. Dialing directly into your office's server is one solution, but it's expensive and comes with perennial support problems. Sending files over the Internet is easy, but you never know who might be snooping. So why not take your network with you? You can have secure access to your business network for the cost of a local phone call, using the Internet and a virtual private network. And forget about installation headaches--you can just get Inet2000 to manage the VPN for you. A VPN:

  • Creates a secure connection to your business network for branch offices and telecommuters.

  • Costs as much as 70 percent less than traditional dial-up and modem access.

  • Can run over a variety of networks, including the Internet.

A VPN is a secure connection between two segments of a network, with one end being your office's network gateway (an entrance to the network, such as a router), and the other end being your PC or a gateway to another network, say, in a remote office. Those two segments connect over a public network, usually the Internet. A VPN requires two technologies to create such a secure connection: tunneling and encryption.

Click here for full image.

Tunneling lets the two ends of the VPN communicate across the Internet. Since the Internet doesn't speak the same language as your network does, a tunnel packages the data you're sending so that the Internet can understand it.

 

Make the Connection

When you make a VPN connection, software on your end contacts the VPN gateway, for example, your office's Ethernet router. The gateway typically verifies that you are an approved user by checking your password. Then the VPN software creates the tunnel and adds a header to your data packet that the Internet can understand. When the packet reaches the gateway endpoint, the gateway pulls off the Internet header and routes the packet to its final destination.

VPNs use one of three technologies to create a tunnel: PPTP, L2TP, and the newest standard, Internet Protocol Security (also known as IPSec).

While the tunnel creates the network, encryption makes it private, scrambling data so that only those who have the right digital key can decode it.

PPTP and L2TP can verify a user's ID and scramble data using basic cryptography, which encrypts an entire file at once. That level of security suffices for most businesses. The truly security-conscious will want to consider the IPSec standard, which takes the process much further, verifying and encrypting each packet of data to ensure maximum privacy.

How Encryption Works on Inet2000's VPN

 
Encryption hides your data from prying eyes. Learn how it works and what you need to use it.

Encryption: The process of encoding data to prevent unauthorized parties from viewing or modifying it.

  • Prevents unwanted access to documents and e-mail messages.
  • Strongest levels of encryption are very difficult to break.
  • Recent changes in cryptography export laws should expand access to software.

If you're not paranoid, maybe you should be. If you use a PC, unscrupulous types can intercept e-mail you send, and coworkers could be reading your documents. Encryption--the process of encoding data so that it requires a special key to be read--can protect your data from prying eyes. Once the domain of spies, encryption is fast becoming an advisable precaution for businesses and home users: It's your best tool for protecting your trade secrets and privacy.

Whether your encryption program is stand-alone or built into your e-mail app, the encryption process is the same: Data passes through a mathematical formula called an algorithm, which converts it into encrypted data called ciphertext. These formulas require one variable from you--called a key--which makes it difficult, if not impossible, for anyone else to crack the encryption.

Click here for full image.

There are two types of encryption: symmetric and asymmetric (also called public key). With symmetric encryption, you run a file through the program and create a key that scrambles the file. Then you e-mail the encrypted file to the recipient and separately transmit the decoding key (which could be a password or another data file). Running the same encryption application, the recipient uses the decoding key to unscramble the message. Symmetric encryption is fast but not as safe as asymmetric encryption because someone could intercept the key and decode the messages. But because of its speed, it's commonly used for e-commerce transactions.

Click here for full image.

Asymmetric encryption is more complex--and more secure. Two related keys are required: a public key and a private key. You make your public key available to anyone who might send you encrypted information. That key can only encode data; it cannot decode it. Your private key stays safe with you. When people wish to send you encrypted information, they encrypt it using your public key. When you receive the ciphertext, you decrypt it with your private key. Asymmetric encryption's added safety comes at a price: More computation is required, so the process takes longer.

Symmetric and asymmetric encryption use different algorithms to produce ciphertext. In symmetric encryption, the algorithm divvies up data into small chunks called blocks. It then switches letters around, changes the information in each block into numbers, compresses and expands the data, and runs those numbers through mathematical formulas that include the key. Then the algorithm repeats the process, sometimes dozens of times over. An asymmetric encryption's algorithm, on the other hand, treats the text as though it were a very large number, raises it to the power of another very large number, and then calculates the remainder after dividing it with a third very large number. Finally, the remainder number is converted back into text. Encryption programs can use the same algorithms differently, which is why the recipient needs to use the same application to decode the message that you used to encode it.

Keys are the final piece in the encryption puzzle. Keys vary in length and, consequently, in strength. The reason: The longer the key, the greater the number of possible combinations. For example, if your encryption program uses 128-bit keys, your particular key could be any of more than 3.4 trillion billion billion billion--or 2 to the power of 128--possible combinations of zeros and ones. Encryption experts can crack the average 40-bit symmetric key in a matter of hours or days using a powerful PC using the brute force method (systematically trying key combinations until they find the right one).  However, with 128 bit encryption, a hacker is thousands of times more likely to win the lottery than to crack that level of encryption using brute-force.  As a matter for fact, the same method would expand the time required from several days to several billions of years!