How Our Virtual Private Network Solution Works

The current forefront of Virtual Private Networking is called "L2TP" (Layer 2 Tunneling Protocol) fortified with "Stateful Inspection" Firewall Technology.

L2TP offers the best in network adaptability and data security. Data received from PC-to-PC or WAN-to-WAN communication, established through the Internet, is scrutinized by the Firewall. The Firewall in turn verifies the IP address of the contact. If the contact is authorized, the Firewall passes the contact to the AAA (Authentication, Authorization, Accounting) module, which checks the following:
Authentication (who you are)
Authorization (what you are allowed to access)
Accounting (what you actually do during the session)

If it passes the AAA module, the contact is passed to the IPSec module that performs the following:
Authentication Header (AH) for Carrier Protocol (uniquely identifies the sender and compares it with the database, the tunnel). This ensures the validity of the sender and that the data has not been tampered with.
Decrypting of Encapsulating Protocol Security (EPS) (first-level public key decoding; the computers share this information; the container)
Decrypting of Data Protocol Security (DPS) (second-level private key decoding; only trusted associates have the key and it is "Very Strong Encryption"; the data)
Transfer data to user interface.
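
The inbound checks listed above, up to and including the integrity check, as an added Python example (it is not VPN Solutions' code). It assumes an HMAC-SHA256 tag in place of AH and models no decryption; the names process_inbound, icv and kdf and all sample values are constructed.

```python
import hashlib
import hmac
import ipaddress

def kdf(secret: str) -> bytes:
    """Derive a stored verifier so the AAA table holds no plaintext secret."""
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), b"constructed-salt", 10_000)

# Every value below is constructed for illustration.
ALLOWED_NETS = [ipaddress.ip_network("203.0.113.0/24")]  # firewall allow-list
USERS = {"alice": {"verifier": kdf("correct horse"), "resources": {"payroll"}}}
AH_KEY = b"constructed-integrity-key"  # key shared by the two tunnel endpoints
ACCOUNTING = []  # one record per contact, whatever the outcome

def icv(payload: bytes) -> bytes:
    """Integrity check value: HMAC-SHA256 standing in for the AH check."""
    return hmac.new(AH_KEY, payload, hashlib.sha256).digest()

def process_inbound(src_ip, user, secret, resource, payload, tag):
    """Apply the checks in the page's order; return (accepted, stage)."""
    def done(accepted, stage):
        ACCOUNTING.append((src_ip, user, resource, stage))
        return accepted, stage

    # 1. Firewall: verify the source address (malformed addresses are rejected).
    try:
        addr = ipaddress.ip_address(src_ip)
    except ValueError:
        return done(False, "firewall")
    if not any(addr in net for net in ALLOWED_NETS):
        return done(False, "firewall")
    # 2. AAA: authentication (who you are) ...
    entry = USERS.get(user)
    if entry is None or not hmac.compare_digest(entry["verifier"], kdf(secret)):
        return done(False, "authentication")
    # ... then authorization (what you are allowed to access).
    if resource not in entry["resources"]:
        return done(False, "authorization")
    # 3. Integrity: constant-time comparison detects a tampered payload.
    if not hmac.compare_digest(icv(payload), tag):
        return done(False, "integrity")
    return done(True, "accepted")
```

The stage name in the return value shows which check stopped a contact, and ACCOUNTING keeps a record of rejected contacts as well as accepted ones.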

To help understand how this type of Virtual Private Network (VPN) Internet "Tunneling" works, we will use an analogy that you may be familiar with. If you have ever used one of the outer drive-up lanes at the bank, odds are that you have used a vacuum-operated transport system. You drive up to the box and push the button; the door opens; you remove the cylinder, open it, place your checks and signed deposit slip inside, close the cylinder, place it back in the box and push the button. The door closes and the cylinder is transported to the teller. The teller opens the cylinder, verifies the checks and signed deposit slip, makes their data entry into their system, places your deposit record and cash into the cylinder and sends it back to you through the transport system. The door opens; you remove the cylinder, open it, remove your cash and deposit record, and leave. This is an UNSECURED transmission to the teller.


This is the analogy using the drive-up bank line with the enhancement of VPN Solutions technology. Let's pretend the road system is the Internet, your car is your Internet connection, and you want to make a "Secure" contact with your bank through the VPN. You jump in your car, drive to the bank and discover that there are armed guards at the opening to the driveway (The Firewall). They check your car's make, model, and license to ensure that it belongs to a customer (which you are) and then they let you pass. As you continue down the driveway you come to another armed guard, who asks to see your driver's license and asks the purpose of your trip to the bank (The AAA Module). This guard checks the validity of your driver's license and whether or not you have access to the drive-up banking privileges (which you do) and lets you pass. Now you're up to the box with the transport unit (The IPSec Module). You reach over and place your thumb on the button; the button scans your thumb print (AH), compares it to the one that you gave them before (it's the same) and opens the door so you can reach in and get the cylinder. To open the cylinder you punch in a code (EPS) (only bank customers know the code). Now that the cylinder is open you can send your deposit container to the teller. You open your deposit container by punching in your secret code that only you and your teller know (DPS), place the checks and deposit information within it, close it, place it inside the transport cylinder, place the transport cylinder into the box, and press the button, which scans your thumb print again and sends the cylinder to the teller through the transport system (The Tunnel).
The teller receives a notice that a transport cylinder has arrived, places their thumb on the button that scans their thumb print (AH) and opens the door, removes the cylinder and punches in the code (EPS), removes the deposit container, enters the secret code that only you and they know, makes the deposit into your account and sends you back your cash. You have just sent a VERY SECURE data transmission to the teller of your bank. You must use the various access codes to get at the cash (Data). Once the tunnel is established, the two parties can exchange information with one another through the IPSec protocol. As well, all this time, the AAA Module has been keeping track of all of the movements of you and the teller, and does so until you leave the bank's driveway (The Accounting).



© VPN Solutions 2003