Cover V08, I06
Article
Sidebar 1

jun99.tar


Sidebar 1: Uncommon Uses for the Common VPN

Traditional VPN implementations are used to connect networks or users across an IP cloud such as the Internet. Virtual Private Networks have many other uses, if you are creative with the implementation. For example, human resources and accounting information can be some of the most sensitive information within an enterprise. Most companies leave this information on servers or workstations connected to the production enterprise network with no safeguards other than security provided by the operating system and lack of knowledge by the users.

By creating a human resource and accounting network (or networks) and using a VPN product such as Checkpoint's SecuRemote, Redcreek's RavlinSoft, or any like product, the network may be secured from prying eyes. Using the VPN client software, managers, team leaders, or other personnel that require access to the secured data can create an encrypted tunnel across the corporate network to move the data through. Encrypting and tunneling the data through the production network reduces the risk that unauthorized users will be able to inadvertently access the data, either from the server, workstation, or as it passes across the network.

Another creative use of VPN technology is connecting lab networks in different parts of the company. This can be a costly, but important requirement, especially in a high-tech company. Engineers in Raleigh may need access from a product development lab network to a lab network in San Jose to perform testing and collaboration with other teams.

If adequate bandwidth already exists between sites, or can be added without significant cost in respect to the cost of a long-distance WAN pipe between lab networks, a site-to-site VPN may be the best answer. By placing VPN gateways at the point where each lab network connects to a production network, an encrypted tunnel can be established between lab networks. In some cases, these connections will be seen as routed connections; in others, they will be seen as bridged networks. Whether the connection appears as routed or bridged depends on the vendor's implementation of VPN technology.

While a VPN solution may not always be the best answer, there are many situations in which a creative VPN implementation may be the best answer. It really just depends on all the usual factors: cost, budget, load, and traffic type.