VPNs improve Corporate security, by permitting access to the internal
network for remote users, via an encrypted tunnel. A VPN is generally
deployed for individuals which need remote access to the internal network,
and also be considered as part of the internal network.
VPNs are traditionally used when members of an organization
need internal access via the Public Network (or Internet). As a remote user,
the authenticated VPN user will be considered as a part of the corporate network
and are usually subject to the policies of the company.
A useful resource for explaining the VPN uses, applications ... is
available at VPN info.
IPSec or PPTP
VPNs can be created using either the IPSec protocol, or
the PPTP protocol.
IPSec (IP Security) is a suite of protocols for securing Internet
Protocol (IP) communications by authenticating and/or encrypting each IP
packet in a data stream. IPsec also includes protocols for cryptographic
key establishment. IPSec is easily deployed using Cisco's VPN Client, or
by using Linux.
PPTP is another method for implementing VPNs which was developed
by Cisco, and later licensed to Microsoft. PPTP became popular because it
was easy to configure and it was the first VPN protocol which Microsoft
IPSec VPNs offer the following benefits:
- supports 168 bit 3DES encryption (very secure)
- recognized as an international standard
A few of the disadvantages for the IPSec VPN:
- requires additional software
- PDA support requires 3rd party software (Movian VPN)
- under export restriction because of cryptographic software
Some of the benefits for the PPTP VPNs include:
- no additional softare needed (use built-in VPN)
- PDA support available for pocketPC 2002 and pocketPC 2003
- no export restriction on cryptographic technology
PPTP's disadvantages include:
- supports 128 bit MPPE encryption (secure)
- encryption handled by vendor-specific protocol which has known weaknesses
Which s the best one for you to use?
- If using PDA, the only option that is free of charge is PPTP
- If encryption integrity is a concern, IPSEC (Cisco Client) is best choice for data security.
- If searching for simplest way to use VPN without downloading additional software, then PPTP is the best choice.
- If you intend to use VPN in an area with cryptographic export restrictions, you must use PPTP.
Some Configuration assistance