Inet2000's Virtual Private Network
VPNs create secure connections to your Local or Wide Area
office network for far less than dedicated lines.
Virtual private network: A secure connection between two
parts of a private network that uses a public network such
as the Internet to reduce costs.
You work even when you're out of
the office. While you're on the road or working from home,
you need access to your files, e-mail, and databases.
Dialing directly into your office's server is one
solution, but it's expensive and comes with perennial
support problems. Sending files over the Internet is easy,
but you never know who might be snooping. So why not take
your network with you? You can have secure access to your
business network for the cost of a local phone call, using
the Internet and a virtual private network. And forget
about installation headaches--you can just get Inet2000 to
manage the VPN for you.
A VPN:
- Creates a secure connection to your business network
for branch offices and telecommuters.
- Costs as much as 70 percent less than traditional
dial-up and modem access.
- Can run over a variety of networks, including the
Internet.
A VPN is a secure connection
between two segments of a network, with one end being your
office's network gateway (an entrance to the network, such
as a router), and the other end being your PC or a gateway
to another network, say, in a remote office. Those two
segments connect over a public network, usually the
Internet. A VPN requires two technologies to create such a
secure connection: tunneling and encryption.
Tunneling lets the two ends of the
VPN communicate across the Internet. Since the Internet
doesn't speak the same language as your network does, a
tunnel packages the data you're sending so that the
Internet can understand it.
Make the Connection
When you make a VPN connection,
software on your end contacts the VPN gateway, for
example, your office's Ethernet router. The gateway
typically verifies that you are an approved user by
checking your password. Then the VPN software creates the
tunnel and adds a header to your data packet that the
Internet can understand. When the packet reaches the
gateway endpoint, the gateway pulls off the Internet
header and routes the packet to its final destination.
VPNs use one of three technologies
to create a tunnel: PPTP, L2TP, and the newest standard,
Internet Protocol Security (also known as IPSec).
While the tunnel creates the
network, encryption makes it private, scrambling data so
that only those who have the right digital key can decode
it.
PPTP and L2TP can verify a user's
ID and scramble data using basic cryptography, which
encrypts an entire file at once. That level of security
suffices for most businesses. The truly security-conscious
will want to consider the IPSec standard, which takes the
process much further, verifying and encrypting each packet
of data to ensure maximum privacy.
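The tunnel step described under "Make the Connection", together with the per-packet verification attributed to IPSec above, as an added example that is not Inet2000's software and not the real PPTP, L2TP or IPSec wire format. The header layout, addresses, and session key are constructed for illustration, and the payload is authenticated but not encrypted here.

```python
import hashlib
import hmac
import ipaddress
import struct

OUTER = struct.Struct("!4s4sH")   # constructed header: src IP, dst IP, inner length
TAG_LEN = hashlib.sha256().digest_size


def encapsulate(inner: bytes, client_ip: str, gateway_ip: str, key: bytes) -> bytes:
    """Client side: wrap a private-network packet for the trip across the Internet."""
    outer = OUTER.pack(ipaddress.IPv4Address(client_ip).packed,
                       ipaddress.IPv4Address(gateway_ip).packed,
                       len(inner))
    tag = hmac.new(key, outer + inner, hashlib.sha256).digest()
    return outer + inner + tag


def decapsulate(packet: bytes, key: bytes) -> bytes:
    """Gateway side: verify the packet, pull off the outer header, return the inner packet."""
    if len(packet) < OUTER.size + TAG_LEN:
        raise ValueError("packet too short")
    body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        raise ValueError("packet failed verification")
    _src, _dst, length = OUTER.unpack(body[:OUTER.size])
    inner = body[OUTER.size:]
    if len(inner) != length:
        raise ValueError("length field does not match payload")
    return inner


if __name__ == "__main__":
    key = b"constructed-session-key"            # sample value
    inner = b"to 10.0.0.5: GET /payroll.xls"    # constructed private-network packet
    wire = encapsulate(inner, "203.0.113.7", "198.51.100.1", key)
    print(decapsulate(wire, key))
    tampered = wire[:12] + b"X" + wire[13:]     # one byte changed in transit
    try:
        decapsulate(tampered, key)
    except ValueError as err:
        print("rejected:", err)
```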
How Encryption Works on Inet2000's VPN
Encryption hides your data from
prying eyes. Learn how it works and what you need to use
it.
Encryption: The process of
encoding data to prevent unauthorized parties from viewing or
modifying it.
- Prevents unwanted access to documents and e-mail
messages.
- Strongest levels of encryption are very difficult to
break.
- Recent changes in cryptography export laws should expand
access to software.
If you're not paranoid, maybe you should
be. If you use a PC, unscrupulous types can intercept e-mail
you send, and coworkers could be reading your documents.
Encryption--the process of encoding data so that it requires a
special key to be read--can protect your data from prying
eyes. Once the domain of spies, encryption is fast becoming an
advisable precaution for businesses and home users: It's your
best tool for protecting your trade secrets and privacy.
Whether your encryption program is
stand-alone or built into your e-mail app, the encryption
process is the same: Data passes through a mathematical
formula called an algorithm, which converts it into
encrypted data called ciphertext. These formulas
require one variable from you--called a key--which
makes it difficult, if not impossible, for anyone else to
crack the encryption.
There are two types of encryption:
symmetric and asymmetric (also called public key). With
symmetric encryption, you run a file through the program and
create a key that scrambles the file. Then you e-mail the
encrypted file to the recipient and separately transmit the
decoding key (which could be a password or another data file).
Running the same encryption application, the recipient uses
the decoding key to unscramble the message. Symmetric
encryption is fast but not as safe as asymmetric encryption
because someone could intercept the key and decode the
messages. But because of its speed, it's commonly used for
e-commerce transactions.
Asymmetric encryption is more
complex--and more secure. Two related keys are required: a
public key and a private key. You make your public key
available to anyone who might send you encrypted information.
That key can only encode data; it cannot decode it. Your
private key stays safe with you. When people wish to send you
encrypted information, they encrypt it using your public key.
When you receive the ciphertext, you decrypt it with your
private key. Asymmetric encryption's added safety comes at a
price: More computation is required, so the process takes
longer.
Symmetric and asymmetric encryption use
different algorithms to produce ciphertext. In symmetric
encryption, the algorithm divvies up data into small chunks
called blocks. It then switches letters around, changes the
information in each block into numbers, compresses and expands
the data, and runs those numbers through mathematical formulas
that include the key. Then the algorithm repeats the process,
sometimes dozens of times over. An asymmetric encryption
algorithm, on the other hand, treats the text as though it
were a very large number, raises it to the power of another
very large number, and then calculates the remainder after
dividing it by a third very large number. Finally, the
remainder number is converted back into text. Encryption
programs can use the same algorithms differently, which is why
the recipient needs to use the same application to decode the
message that you used to encode it.
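The asymmetric steps described above (text as a large number, raised to a power, remainder after division, converted back to text), as an added example that is not code from Inet2000 or any encryption product. It is textbook RSA with a toy key built from two known Mersenne primes and no padding, so it illustrates the arithmetic only; all names and the key are constructed for this example.

```python
# Textbook RSA following the paragraph's steps. Toy key, no padding:
# for illustration only, not a usable cipher. Requires Python 3.8+.

# Two known Mersenne primes (constructed key material for this example).
P = 2**107 - 1
Q = 2**127 - 1
N = P * Q                              # the "third very large number" (modulus)
E = 65537                              # public exponent (public key is E and N)
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (private key)


def text_to_number(text: str) -> int:
    """Treat the text as one very large number."""
    m = int.from_bytes(text.encode("utf-8"), "big")
    if m >= N:
        raise ValueError("message too long for this modulus")
    return m


def number_to_text(m: int) -> str:
    """Convert the remainder back into text."""
    return m.to_bytes((m.bit_length() + 7) // 8, "big").decode("utf-8")


def encrypt(text: str) -> int:
    # Raise to the public power and keep the remainder after dividing by N.
    return pow(text_to_number(text), E, N)


def decrypt(ciphertext: int) -> str:
    # The same operation with the private exponent undoes the encryption.
    return number_to_text(pow(ciphertext, D, N))


def public_key_recovers(text: str) -> bool:
    """True if applying the public key to the ciphertext gave the text back."""
    m = text_to_number(text)
    return pow(pow(m, E, N), E, N) == m


if __name__ == "__main__":
    c = encrypt("meet at noon")
    print(hex(c))                               # ciphertext as a number
    print(decrypt(c))                           # private key decodes it
    print(public_key_recovers("meet at noon"))  # public key does not
```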
Keys are the final piece in the
encryption puzzle. Keys vary in length and, consequently, in
strength. The reason: The longer the key, the greater the
number of possible combinations. For example, if your
encryption program uses 128-bit keys, your particular key
could be any of more than 3.4 trillion billion billion
billion--or 2 to the power of 128--possible combinations of
zeros and ones. Encryption experts can crack
the average 40-bit symmetric key in a matter of hours or days
with a powerful PC using the brute-force method
(systematically trying key combinations until they find the
right one). However, with 128-bit encryption, a hacker is
thousands of times more likely to win the lottery
than to crack that level of encryption using brute force.
As a matter of fact, the same method would expand the time
required from several days to several billions of years!