A virtual private network (VPN) is encryption placed in a network connection from a device. The role of encryption is to ensure that sensitive data is not accessed by unauthorised personnel when transmitted. It prevents eavesdropping and allows VPN users to conduct work remotely. The VPN has four tunnelling protocols, point to point tunnelling protocol (PPTP), layer 2 tunnelling protocol (L2TP), internet protocol security (IPsec), and tunnelling protocol security (TLS)
First, PPTP, also called the virtual private dialup network (VPDN), uses a generic routing encapsulation (GRE) and a transmission control protocol channel (TCP) tunnel operating to encapsulate the Point-to-Point packets (PPP) (Sridevi & Manjaiah, 2012). For example, Microsoft Windows Families implement various authentication levels and encryption natively as a set feature of the PPTP stack. Many people prefer using the PPTP over other protocols because of their ability to operate on mobile devices (Sridevi & Manjaiah, 2012). With PPTP, remote users are granted access to the local area network (LAN) resources using the internet securely because of authentication and data encryption.
Second, L2TP, also called virtual lines, is a cost-effective protocol that allows remote users to access network resources by enabling a corporate network system to manage the IP addresses given to the remote users. When operating in conjunction with the IPsec, it provides secure access to the network systems (IBM Docs, 2021). L2TP supports voluntary and compulsory tunnelling; with compulsory L2TP, a remote host initiates a connection to its internet service provider (ISP).
The ISP then creates an L2TP connection between the corporate network and the remote user. L2TP allows the user to launch the VPN connection from the L2TP access concentrators (LAC) or L2TP client and connect to the L2TP network servers through the PPP (IBM Docs, 2021). The device acts as the local network server and accepts connection as well as implements authorization and authentication to legal users
Third, the IPsec protocol authenticates and encrypts the data packets transmitted through the IPv4 and the IPv6 networks. It uses the protocol header to identify how a particular data packet is managed (Anwar & Ahmad, 2019). In other words, the routing and delivery network is determined from the protocol header. It adds features such as cryptographic algorithms and security information to the IP header.
The IPsec protocol uses request for comments (RFC) to create the network security standards. It provides an advanced level of security to the VPN by providing authentications, encryption, and compression services at the VPN network level (Anwar & Ahmad, 2019). This is made possible by the encapsulated security payload (ESP), IP payload compression (IPComp), and the authentication header (AH). Packets sent by the remote user are encapsulated and secured using the IPsec packet.
Lastly, TLS uses a combination of asymmetric and symmetric cryptography. TLS VPN connects a client to services within a protected network (Vacca, 2017). With symmetric cryptography, it creates a key that the client and the server computer identify. When a data packet is sent, the server can decrypt the data encrypted from the client (Vacca, 2017). Asymmetric cryptography uses private and public keys that are related. It is implausible to derive the private key from the public key; the server holds the private key for decryption while the client holds the public key for encryption.
The VPN tunnelling protocols have a significant role in ensuring data security with the organizations as the workers access the local area network via unsecure channels like the internet. The protocols provide a security layer that authenticates and encrypt data. VPN utilizes the four protocols to enhance the security and privacy of remote users when accessing local area network resources. They are implemented differently depending on users’ or company’s preferences.
References
Anwar, S., & Ahmad, I. (2019). Design and deployment of IPsec VPN using CISCO network infrastructure. International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 237-247. Web.
IBM Docs. (2021). Layer 2 tunnel protocol. Ibm. Web.
Sridevi, & Manjaiah. (2012). Technical overview of virtual private networks (VPNs). International Journal of Scientific Research, 2(7), 93-96. Web.
Vacca, J. (2017). Computer and information security handbook (3rd ed.). Morgan Kaufmann publishers.