Over the past few months, there has been a lot of hype surrounding Virtual Private Networks or VPN for short. The technology has even found its way into home routers, and some of them even employ hardware-accelerated encryption. So, what is VPN and why do we need it at all? We’ll try our best to explain it without getting too geeky.
What is VPN?
Unfortunately, there is no straightforward definition of VPN – not even in manuals. It’s crystal clear, they say: VPN stands for Virtual Private Network. Sleek, heh? It’s absolutely clear what ‘network’ is in this case.
‘Private’ is also quite straightforward, meaning ‘not public’. In other words, such network selectively accepts only nodes with certain permissions.
— Kaspersky Lab (@kaspersky) September 21, 2015
First, everyone who accesses the private network and all the information they exchange need to be tagged, so the users and data allowed into the private network could be distinguished from the ‘outsiders. Second, it is crucial to hide this information via encryption.
Third, there is a need to maintain the integrity of this private connection, meaning no outsiders should be allowed into the network, the messages should come only from the trusted sources, and the information should not leak anywhere in plaintext. Basically, it’s all about privacy – just the way it is implemented at private parties of the uber rich and famous. It’s like a everyone has heard of it, yet no one knows what is going on there.
— Kaspersky Lab (@kaspersky) November 3, 2015
As for ‘Virtual’, it’s rather easy. That means the network is abstracted from the physical substrate (the network thus does not care how many channels it employs, as it works transparently and integrally for all who have access). On the other hand, in most cases the virtual network does not belong to the owner of the physical network.
For example, any serious company would require any laptop or mobile device, which connects to any wired or wireless network, to access the corporate network exclusively over the VPN connection. It does not matter how this connection is established – in most cases, it will employ public connections which even won’t belong to the company. Such connection is called a ‘tunnel’ – and mind you, this term would be used multiple times later on.
— Kaspersky Lab (@kaspersky) January 13, 2016
Why do we need VPN?
The aforementioned example of a remote laptop connected to the corporate network is one of the most ubiquitous scenarios of using VPN in practice. The user feels at home (or, more accurately, feels at work while being at home, on vacations or in a business trip) and can conveniently access corporate data and services.
Moreover, in the security-consciuous enterprises VPN is enabled by default on all devices used by employees. Even Internet access is deployed through the corporate network, heavily surveilled by the security team.
What exactly is #VPN and why do we need it? #networking #securityTweet
The second most ubiquitous scenario is similar to the one above, but in this case it’s not individual users who connect to a corporate network, but the entire branch offices or buildings. The goal is the same: to incorporate remote and distributed locations into a single, connected organization.
Anyone can use VPN to arrange a corporate network: from global enterprises to no-name food trucks stationed all over the city. The VPN can interconnect simple surveillance cameras, alarm systems and the likes of those. With VPN being so simple (since there is no need to stretch a physical cable to all the locations), virtual private networks could function inside one organisation, just for the sake of separating certain departments and systems from one another.
VPNs are frequently used to connect servers and computing clusters to enable better availability and redundancy. The popularity of VPN is related to the proliferation of cloud networking. All the aforementioned solutions are not temporary: such VPNs are usually maintained over many years.
— Kaspersky Lab (@kaspersky) May 14, 2013
The opposing concept of such permanent VPN connections is session-based connections. They are frequently used to enable access to various services which process sensitive financial, healthcare and legal data.
Well the user would appreciate another practical use scenario. In our tips for securing Android and iOS devices, we recommended to use a secure VPN connection to a trusted node (your home router of a VPN provider) when connecting to any public network, so your traffic is safe from potential interception by an adversary.
Finally, one more VPN practical use scenario is bypassing certain limitations – like getting access to web resources which are restricted on the user’s territory or limit their operations to a certain region. According to the report by GlobalWebIndex, in 2014 alone, over 166 million people used VPN to access social networks.
It is obvious that VPN is useful, helpful, and gains a lot of traction. Of course, we tried to explain this technology in the most comprehensible and easy-to-understand words. In real world, there are many details of both technical and legal nature. Surely, we will also need to analyze popular VPN deployments – but this is a different story we hope to talk you through next time.