Virtual Private Networks (VPNs) are a way of linking geographically separate installations.
VPN News: Dr. Stephen T. Kent Addresses PKI Standards - Dr. Stephen T. Kent, Chief Scientist-Information Security at BBN Technologies, will present a half-day program on Advanced PKI topics during VPNcon Spring 2001. The session will examine in detail X.509 public key certificate standards as profiled and adopted by the IETF PKIX working group, which Dr. Kent co-chairs. During the last two decades, Dr. Kent's R&D activities have included the design and development of user authentication and access control systems, network layer encryption and access control systems, secure transport layer protocols, secure e-mail technology, multi-level secure (X.500) directory systems, public-key certification authority systems, and key recovery (key escrow) systems. He was one of the most highly rated speakers at VPNcon Fall. VPNcon Spring 01 is February 19-22 at the Fairmont Hotel in San Jose, California. The comprehensive conference program features 30 sessions, a keynote, 2 receptions, 3 tutorials and a beer & pizza shootout, all specifically addressing Virtual Private Networks (VPN) applications and issues.
VPN Book Recommendations:
Building & Managing Virtual Private Networks - Dave Kosiur explains the business case for VPNs, their potential for saving money, and various means of ensuring security (including encryption and hardware-based systems). He also provides details on all major tunneling protocol suites, including Internet Protocol Security Architecture (IPSec), Point-to-Point Tunneling Protocol (PPTP), and Layer 2 Tunneling Protocol (L2TP). Users will learn how to identify the factors that will affect VPN design and how to select products (including firewalls), services (especially ISPs), and policies that fit their needs.
Creating and Implementing Virtual Private Networks - The book works through LANs and wide area networks (WANs) and then explains how VPNs can combine the strong points of each (security and geographic flexibility, respectively) with the cost-effectiveness of the Internet. It discusses emerging VPN standards, including Layer 2 Tunneling Protocol (L2TP), Layer 2 Forwarding (L2F), and the IP Security (IPSec) standards that have come from those standards and PPTP. The authors walk you through two solutions to the same organization's VPN needs: one based on Novell NetWare 5 and BorderManager and one that uses Windows NT 4 and PPTP. The direct comparison of the two solutions to the same problem should help you decide which scenario (if either) fits your needs.
Implementing Virtual Private Networks - Brown documents several VPN architectures (routers, firewalls, and remote-access arrangements), details Network Address Translation (NAT) and its relationship with Internet routing schemes, and explores security issues. The book covers cryptography, encryption, the Remote Access Dial-In User Service (RADIUS), and other VPN safety measures. Brown provides information on several commercial VPN and extranet solutions, including products from Aventail, Compatible Systems, Nortel Networks, RadGuard, VPNet, and others.
VPN Resources:
Microsoft's page on using Windows 2000 to create a VPN: Connecting Remote Users to Your Network - Using the remote access services of Windows 2000 Server, you can configure remote access servers that provide connectivity to the corporate network for authorized users. This transparent connection allows remote access clients to access resources from remote locations as if they were physically attached to the network. This guide outlines the steps needed to set up remote access with Windows 2000, and discusses deploying remote access clients. If you have already upgraded your Windows NT 4.0 Remote Access Server to Windows 2000, then it should already be working for your remote users. In that case, this document may serve only as a guide to setting up another remote access server or virtual private networking server.
Nortel Networks IP VPN Solutions: Small & Medium Business Solutions - With Nortel Networks IP VPN Solutions, small and medium businesses can choose which VPN business model best suits their business's needs, whether it be "Outsourcing your VPN" or the "Do it Yourself" Approach.
Cisco's Hardware Solution: A Primer for Implementing a Cisco Virtual Private Network - Cisco VPN solutions encompass all segments of the networking infrastructure (platforms, security, network services, network appliances, and management), thus providing the broadest set of VPN service offerings across many different network architectures. Cisco support of existing WAN infrastructures is essential in accommodating hybrid network architectures, where users will require access to the VPN from leased-line, Frame Relay, and IP and Internet VPN connections. Leveraging existing network gear in these deployment scenarios is paramount. A VPN must extend the classic WAN and provide a common networking, security, and management environment across the enterprise network. Cisco VPN solutions enable corporations to deploy VPNs on their existing Cisco networking gear. The entire line of Cisco router and firewall platforms is easily VPN-enabled through Cisco IOS or PIX Firewall software enhancements, thus providing corporations a smooth migration path to a VPN environment. The Cisco installed base of VPN-ready ports numbers over ten million today. Cisco also offers integrated VPN platforms designed for the specific needs of VPN-centric environments.