1.2 VPN Motivation
Why is it useful to employ virtual private networks for business communication? After all, separate private networks have been set up to serve the specific communication needs of many businesses. What advantages do you gain by converting the existing separate private networks to an Internet-based VPN?
The Internet offers far wider coverage than the private data network infrastructures offered by telecommunication providers. Adding new destinations to a private network means adding new circuits. Whereas the Internet has public and private peering points all over the world, few interconnection agreements exist between private network service providers. Thus, the coverage of a private network is limited.
The Internet, on the other hand, is a vast interconnection of heterogeneous networks. Any host on a network that is connected to the Internet is in turn connected to every other host on an Internet-connected network.
Another advantage gained by using an Internet-based VPN is cost reduction based on the system's economy of scale. Simply put, it eliminates the need to purchase and maintain several special-purpose infrastructures to serve the different types of communication needs within a corporation.
VPNs use cryptographic technology to provide confidentiality and integrity for data in transit. Authentication and access control restrict access to corporate network resources and services.
In traditional private networks, the confidentiality of data in transit relies on the telecommunication service provider's physical security practices. For example, frame relay networks have no built-in provision for encrypting data frames. Consequently, data frames, if intercepted, can be easily decoded. In VPNs, you need not trust the perceived physical security of the telecommunication service provider. Instead, data is protected by cryptography.
More and more business is being conducted using the Internet. Electronic commerce is not only a major new method of retailing merchandise (called "B2C" for business-to-consumer e-commerce), but it is also a way for businesses to trade goods and services among themselves (called "B2B" for business-to-business e-commerce). Interconnectivity of businesses is essential, and the Internet is the logical choice for the interconnection technology.
E-commerce must be secure. Private networks use physical separation for security, but it is impractical to have a separate infrastructure for each customer or B2B partner. Therefore, a closed, inflexible private network is not well suited for supporting e-commerce. A public infrastructure is more flexible but lacks security. VPNs provide both interconnectivity and security.