A VPN, or Virtual Private Network, protects the automation cell, especially against fraudsters who cheat, trick and deceive you. How do these fraudsters operate? On the Internet or via its logs, every node can exchange data with any other node. This procedure is rather simple and is based on packets carrying the sender’s and the recipient’s addresses. Masquerading by falsifying the sender’s address, for instance, is not a great technical challenge: the fraudster simply overwrites the sender’s address. In this way, the fraudster gains the recipient’s trust by deception and can, for example, read out or modify process data by means of a faked sender’s address.
A VPN protects against falsified sender’s addresses, also known as spoofing. It also offers effective protection against hijacking, replay, sniffing, and man-in-the-middle attacks.
To prevent such fraud, the VPN is used as a protection mechanism. A VPN sets up a virtual private network between two partners. You can imagine it as a tunnel that attackers and fraudsters simply bounce off.
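The following Python example is added here and is not from the original article. It contrasts address-only trust with a tunnel receiver that checks a keyed tag and a sequence number, which is what lets it reject spoofed and replayed packets. The key, address, payloads and function names are constructed assumptions, and it models authentication only, not encryption or any real VPN protocol.

```python
import hashlib
import hmac
import struct

SHARED_KEY = b"constructed-demo-key-from-tunnel-setup"  # constructed sample key
TRUSTED_SENDER = "10.0.0.5"  # constructed sample address


def accept_by_address(packet):
    """Address-only trust: 'src' is whatever the sender chose to write."""
    return packet["src"] == TRUSTED_SENDER


def mac_tag(key, src, seq, payload):
    # Sequence number and length-prefixed address make the input unambiguous.
    header = struct.pack("!QH", seq, len(src)) + src.encode()
    return hmac.new(key, header + payload, hashlib.sha256).digest()


def seal(key, src, seq, payload):
    """Tunnel sender: attach a tag only a key holder can compute."""
    return {"src": src, "seq": seq, "payload": payload, "tag": mac_tag(key, src, seq, payload)}


class TunnelReceiver:
    """Tunnel receiver: verify the tag, then refuse old sequence numbers."""
    def __init__(self, key):
        self.key = key
        self.highest_seq = 0

    def accept(self, packet):
        expected = mac_tag(self.key, packet["src"], packet["seq"], packet["payload"])
        if not hmac.compare_digest(expected, packet.get("tag", b"")):
            return False  # spoofed or modified: sender does not hold the key
        if packet["seq"] <= self.highest_seq:
            return False  # replay of an already accepted packet
        self.highest_seq = packet["seq"]
        return True


def demo():
    rx = TunnelReceiver(SHARED_KEY)
    genuine = seal(SHARED_KEY, TRUSTED_SENDER, 1, b"setpoint=42")
    spoofed = {"src": TRUSTED_SENDER, "seq": 2, "payload": b"setpoint=99"}
    return {
        "address_only_accepts_spoofed": accept_by_address(spoofed),
        "tunnel_accepts_spoofed": rx.accept(spoofed),
        "tunnel_accepts_genuine": rx.accept(genuine),
        "tunnel_accepts_replay": rx.accept(genuine),
    }
```

Calling demo() shows the address check accepting the spoofed packet while the tunnel receiver accepts only the first copy of the genuine one.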
From the inside, the VPN looks like a normal network. Nothing special has to be observed for addressing and configuration. To build up a VPN connection, one partner is the server and the other one is the client.
So what happens when the connection is made? First, the VPN server waits for the other partner (the client) to address a connection request directly to it. Second, in the connection request, the client suggests an encryption and authentication method to the server. Third, the server and the client agree on a procedure both partners support. The tunnel is built up and the network nodes behind the VPN client and server can now communicate on a safe channel.
VPN tunnelling protocols are the combination of encryption standards and transmission protocols which determine how your data is routed and managed by your VPN provider. Different protocols offer different benefits, depending on your need for different levels of security, speed and other features.
Internet Protocol Security or IPSec is used to secure Internet communication across an IP network. IPSec secures Internet Protocol communication by authenticating the session and encrypting each data packet during the connection.
IPSec operates in two modes, transport mode and tunneling mode, to protect data transfer between two different networks. The transport mode encrypts the message in the data packet and the tunneling mode encrypts the entire data packet. IPSec can also be used with other security protocols to enhance the security system.
L2TP or Layer 2 Tunneling Protocol is a tunneling protocol that is usually combined with another VPN security protocol like IPSec to create a highly secure VPN connection. L2TP creates a tunnel between two L2TP connection points, and the IPSec protocol encrypts the data and handles secure communication through the tunnel.
PPTP or Point-to-Point Tunnelling Protocol creates a tunnel and encapsulates the data packet. It uses a Point-to-Point Protocol (PPP) to encrypt the data between the connections. PPTP is one of the most widely used VPN protocols and has been in use since the time of Windows 95. Apart from Windows, PPTP is also supported on Mac and Linux.
SSL (Secure Sockets Layer) and TLS (Transport Layer Security) create a VPN connection where the web browser acts as the client and user access is restricted to specific applications instead of the entire network. The SSL and TLS protocols are most commonly used by online shopping websites and service providers. Web browsers switch to SSL with ease and with almost no action required from the user, since web browsers come integrated with SSL and TLS. SSL connections have https at the beginning of the URL instead of http.
OpenVPN is an open source VPN that is useful for creating Point-to-Point and Site-to-Site connections. It uses a custom security protocol based on the SSL and TLS protocols.
Secure Shell or SSH creates the VPN tunnel through which the data transfer happens and also ensures that the tunnel is encrypted. SSH connections are created by an SSH client, and data is transferred from a local port to the remote server through the encrypted tunnel.