A virtual private network (VPN) is a virtual private communication network established on a public network, with the help of an Internet service provider (ISP) and a network service provider (NSP).
An increasing number of information technologies are applied to modern enterprise businesses. For example, IP technologies are applied to enterprise resource programming, Voice over Internet Protocol (VoIP), video conference, and remote training. IP technologies allow an enterprise to achieve office automation and access information more easily. As the Internet economy develops, enterprises expand into new locations, cooperate with more and more partners, and require greater office mobility. Enterprises of this nature, therefore, need to interconnect their headquarters and branches with the help of carrier networks to form enterprise networks, so that staff can conveniently access the enterprise networks outside office buildings.
During the initial stages of information technologies, telecom carriers used leased lines to provide Layer 2 connections for enterprises. The disadvantages of leased lines are as follows:
Constructing leased lines takes a long period.
Leased lines require huge investments.
Leased lines are difficult to manage.
After the emergence of Asynchronous Transfer Mode (ATM) and Frame Relay (FR) technologies, telecom carriers began to use virtual circuits (VCs) to provide point-to-point (P2P) Layer 2 connections for clients. Clients can set up Layer 3 networks and transmit IP data over the P2P Layer 2 connections. Compared with leased lines, VCs are less expensive and can be constructed within a short period. In addition, VCs enable users of different private networks to share the same carrier's network.
Despite their advantages over leased lines, VCs also have their disadvantages:
VCs are dependent on media such as ATM or FR. To provide VPN services based on ATM or FR, carriers must construct ATM networks covering all service areas. This implementation results in heavy capital expense.
The speed of ATM or FR networks is lower than that required by the Internet.
The deployment of ATM or FR networks is complex. To add a site to an existing ATM or FR network, you must modify the configurations of the edge nodes that connect to the site.
Traditional private networks help to boost enterprise profits, but do not meet the requirements for flexibility, security, economy, and scalability. To solve these problems, VPNs, emulated private networks carried over IP networks, have been introduced as a substitute for traditional private networks.
VPNs are virtual communication channels set up over public networks by Internet service providers (ISPs) or network service providers (NSPs).
A VPN has the following characteristics:
Privacy
VPNs and traditional private networks make no difference to users in terms of privacy. VPN resources are separated from bearer network resources and are exclusive to VPN users. In addition, VPNs offer sufficient security measures to protect internal information against external interference.
Virtuality
VPN users communicate with each other over public networks, which are used by non-VPN users at the same time. A VPN is only a logical private network. A public network that carries a VPN is called a VPN backbone network.
VPN technology can flexibly segment an existing IP network into several logically isolated networks. This feature allows an enterprise to flexibly interconnect or isolate different departments or branches. This feature also facilitates service provisioning. For example, creating a VPN for the IP phone service can solve the problem of inadequate IP addresses while guaranteeing quality of service (QoS).
VPNs, especially Multiprotocol Label Switching (MPLS) VPNs, are highly valued by carriers in terms of providing interworking between enterprises and providing other enhanced services. VPNs have, as never before, become an important means for carriers to provide value-added services (VASs) over IP networks.
VPNs offer the following benefits to users:
Guaranteed data security
A VPN provides reliable connections between remote users, branches, business partners, suppliers, and company headquarters to ensure data transmission security. High security is becoming increasingly important as e-business and financial networks converge with communication networks.
High cost-effectiveness
An enterprise can connect its headquarters with branches, personnel on business, and business partners over public networks at low costs.
Increased office mobility
Enterprise employees can access the enterprise network from anywhere and at any time, meeting the increasing demand for office mobility.
QoS guarantee
A QoS-capable VPN, such as an MPLS VPN, can provide users with different levels of QoS guarantee.
VPNs offer the following benefits to carriers:
Easy operation
VPNs increase carriers' profits by improving resource utilization.
Flexible configuration
Carriers can add or delete VPN users by means of software configurations without hardware modifications.
Diversified services
In addition to basic VPN interworking services, carriers can also provide enhanced services, such as network outsourcing, service outsourcing, and customized services.
VPNs allow enterprises to direct less attention to network operation and maintenance and more attention to the achievement of their business goals. This makes VPNs increasingly popular with enterprises. A carrier can provide multiple types of services, such as best-effort IP services, VPNs, traffic engineering, and differentiated services (DSs), over only one network, reducing network construction, maintenance, and operation costs.
VPNs improve the scalability and flexibility of networks in addition to providing security, reliability, and manageability. Users can enjoy VPN services provided that they have Internet access, regardless of their location.