Alternative Options to Overcome and Resolve VPN Problems
Verified
Added on 2023/06/13
|4
|3817
|398
AI Summary
This report discusses the challenges and drawbacks of traditional VPN and suggests alternative solutions like Microsoft DirectAccess, SSL VPN, and site bridges to mitigate them. It also covers the progress of VPN technology and its impact on businesses. Subject: Networking, Course Code: NA, Course Name: NA, College/University: NA
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Abstract—Virtual Private Networks are networks that work on the public network that includes the internet and it is a technology that is used for secured connection of network. In this report, details of Virtual Private Networks will be studied that will help to know the VPN network more accurately. The VPN network has several drawbacks and challenges are faced by businesses that use the Traditional VPN technology in their businesses. New methods and alternatives of VPN are studied in this report that helps to make the technology more smooth and cost much less compared to tradition Virtual Private Networks. The virtual private network allows the user and the branch offices to access the application of the corporate world and all other resources involve with the system. The VPN technologies uses networked and tunnels that are secured with passwords, unique method of identification and tokens, which makes others difficult to access the VPN network. IndexTerms—VirtualPrivateNetwork,Microsoft DirectAccess, site bridges, SSL VPN, IPSec VPN, SSL VPN I.INTRODUCTION Virtual Private Network, commonly known as VPN network is basically a technology with an encrypted and secured connection that is used over less secured network like Internet [3]. VPN is a technology that was developed in such a way that allows its users and the branch offices to access the corporate applications as well as other resources securely. In a VPN network, the data travels via secured tunnels that include passwords, tokens, as well as unique identification method for gaining access to VPN. There are many advantages and disadvantages in VPN network. The advantages that VPN network provides are that the network saves the cost of installing the network. The VPN network costs less and helps to save money. The VPN networks that are internet based avoids scalability to the network. The disadvantages that the VPN network is that the VPN network needs very high understanding of the network and the users of VPN has to be very careful about the installation process and the configuration of the network so that enough protection is given when the VPN network is connected to the public network [7]. Many service providers of VPN provides products and solutions of VPN that are always not compatible with some standards of VPN technologies. The technical problems that arise in VPN are very difficult to fix, as the network is very complex. Alternative methods to mitigate the issues or problems of VPN are site bridges, SSL VPN, Microsoft DirectAccess. The alternatives of the VPN technology allow the connectivity to remote users of network organizations without VPN connection. Traditional VPN provides a point to point topology that do not support the broadcast domains. This report illustrates the details of virtual private network in a system. The virtual private network has many issues that includes the packet loss, congestion, encrypted traffic, lacks repeating patterns, high availability and lacks fragmentation. All the drawbacks that are involved in VPN are to be minimized by implementing some other technologies known as Microsoft DirectAccess, SoftEther VPN, site bridges, or SSL VPN. All such technologies are described in details in this report. The possible solutions that can be proposed to mitigate such drawbacks of VPN technologies are described in this report [4]. The progress of developments of the VPN technologies that includes requirements, benchmarking, stakeholders, responsibilities, owners, purposes as well as objectives of VPN are described in this report. This report also illustrates about how the organizations are taking approaches, develops ownerships and procedures, and initiates about using new technologies of VPN and their businesses are affected by using alternative of VPN network. A conclusion is provided about which VPN technology is safe for an organization to use to get the best result. II.LITERATUREREVIEW According to Moreno-Vozmediano et al., VPN is a network of secured connection or a tunnel in between the private network and the computer over public connection like Internet [2]. The virtual private network can also be referred as a point to point connection with two hosts that directly connects each other . The point to point connection stimulates remote system to be physically on the private network and also establish connection to anywhere in world. Villa et al., stated that there are basically two types of Virtual Private Network that implements VPN solutions for the purpose of encryption [6]. The two technologies that are implemented in VPN network are IPSec (Internet Protocol Security) and SSL (Secure Sockets Layer). The details of IPSec and SSL VPN are shown in the table below: The drawback of the results that is achieved from the literature review is that it is very difficult to find out which technology is better when the technologies are compared to each other. It can be mitigated with the user needs. If there is remote user, then the remote user requires the access to few alternative numbers of four application and applications that are web based. The SSL VPN is a lower cost and solution to low maintenance. If there are any applications of the clients, then the applications and the resources of network of full access are required, then IPSec VPN is the most advantageous solution. According to Liang, Chengchao and Richard, many organizations opt to implement both technologies that provides access through SSL VPN and also IPSec VPN used for special users and are used for site to site links [11]. In the future of VPN technologies, the prices for the VPN solutions will decrease as the demand of the VPN technologies Alternative options to overcome and resolve the problems of Virtual Private Network Author’s Name
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
are going higher day by day. Increase in demand leads to higher competition in market, resulting in decreasing price of the VPN technology. The usage of SSL VPN is growing day by day and the application support is growing too. With the increasing demand of SSL VPN, the IPSec implementation is disappearing fast. III.CHALLENGESANDDRAWBACKSINVPN Along with all its advantages, the VPN network also faces many drawbacks and disadvantages from the industries. The following shows the disadvantages of that are faced by industries after implementing the VPN technology. TABLE 2 DRAWBACKSOFVPN Functional AreaDisadvantages Design and Security of VPNThe design as well as security implementation of the VPN network is very complex to understand. The VPN system requires a high level of professionalism with very high understanding level. For configuring best VPN network, high-level of knowledge is required. The configuration of VPN also faces some security issues that are difficult Scalability of VPN Mobile workers of VPN VPN Cost to mitigate without experts. If an existing infrastructure needs additional infrastructure, the solution of VPN technology may become incompatible. This may cause many technical issues if some other service provider is used instead of current vendor. Cost of implementing additional infrastructure is increases with the change in vendor [5]. The using of mobile phones for establishing a connectivity to the VPN network may cause security issue in the network. The security issues are mainly caused when there is a wireless connection. The security is to be tightened up when the system logs in to the VPN network connecting with a cell phone. If a service provider provides good service, then reliability automatically comes in the way of customer and the service provider. With much reliable service provider, the cost of VPN goes high. The service provider charges more for secured VPN network. IV.CHALLENGESOFVPNANDWAYSTOMITIGATETHEM A.VPN Technology and Security: Format The Virtual Private Networks are very flexible to use. The companies that use VPN network can be connected to many locations both overseas and locally using the VPN technology [1]. There are security risks that with the VPN technology.Manyproceduresareinvolvedwiththe technology of VPN [4]. Of the procedures are not followed properly,thetechnologymayleadtosecurityissue.To maintain the security is a main concern of a business and if security is not maintained, the VPN technology adds risks to the business. B.Exposure Risks: Using the public internet network, and turning it to a private tunnel leads to security data breach in the company. The performance of the VPN technology decreases as a result and may even lead to data breach and network failure [8]. There are mitigation processes that can overcome the exposure of security. MPLS networks, which are private, are used against the online as well as external threats that are independent of internet. The utilities of network of the service provider use their own networks that are segregated on the business process for using exclusively. C.Availability and Reliability with VPN Network: A large organization that possesses VPN network mostly faces the reliability issue with the technology. VPN technologies uses internet, which provides insecurity to the system of the business. SPN (Secure Private Network) provides availability and performance for operations that are held in businesses [12]. The SPN provides a centralized TABLE I FEATURESOFVPN Feature sIPSec VPNSSL VPN Securit y Level The variable of the network depends on the cipher method that is used. Generally, this network has 56 bit DES with a default value of 168 bit of 3DES algorithm. This technology has full access to LAN [9]. The variable of SSL VPN depends on the cipher method that is used. The combination of algorithm that is used is the combination of RC2/RC4 and the RSA algorithm. This has limited as well as controlled access with LAN. Applic ation Transp arency This technology is implemented at the operating system level and there are no changes as such needed for all applications. This technology is fully transparent and the applications can continue to work. This technology is limited to a web based application that can be accessible through the browser. There are additional applications that requires the plug ins and provides connectors for their support. Total Owners hip Cost The cost of initialing the technology is very high, which makes the technology price go high. The cost of support is potentially high so that the remote user of the computers can be maintained. The cost of fixing the SSL VPN is relatively low compared to IPSec VPN. There are free open sources as alternatives that have high cost of legacy application to support the cost of connector or the web porting cost.
control that is mainly based on the private internet protocol network and therefore, reduces the complexity of the system. D.VPN Performance: The network connection of VPN that is established in between two end points are very slow. If the internet connection is slow, then also the VPN technology does not work properly creating disruption as well as inconvenience. Also, with the increasing real time use and interactive applications, there are issues on network performance with the VPN technology that are noticeable. E.Complexity as well as incompatibility: VPN network use equipments that are made by different manufacturers. The equipments from different manufacturers always are not compatible with each other and leads to poor performance of the technology. Different manufacturer’s equipment leads in making the system more complex [10]. Additional network engineers are to be employed to configure the devices and administrate all the devices that make the VPN solution costly to implement and to maintain. F.Quality of Service (QoS): Guarantees are not offered by the VPN technologies. There is a chance of packet loss in the VPN networks. The rate of packet loss in VPN network is very high [16]. To mitigate this process, secured private networks that are based on MPLS provide solutions that provide much more scalability and redundancy. V.CHALLENGESALTERNATIVESOLUTIONSFORDRAWBACKS OFVPN A.DirectAccess: The DirectAccess are commonly known as Unified Remote Access. This is similar to VPN network that mainly provides intranet connectivity to their client’s system when the system of the customer is connected with the internet. The traditional VPN connection connects and ends connection by a user manually. However, in DirectAccess, the connections are designed in such a way that they connect automatically whne the computer is connected with the internet. The DirectAccess, mainly establishes IPSec tunnels in between the client and the server of DirectAccess and then uses IPv6 port to reach to the intranet resources or some other clients of DirectAccess [14]. The DirectAccess technology involves IPv6 traffic over the IPv4 traffic so that they can reach intranet that is beyond the internet. The internet depends on IPv4 packets. All the traffic that comes in intranet are mostly encrypted using the IPSec and are also encapsulated by IPv4 packets that may cause firewalls of no configuration or no proxies are required [15]. This technology can use more than one tunneling technologies that depend on the network configuration to which the client is connected. The client has the freedom to use Teredo Tunneling or the IP-HTTPS to configure the system correctly. Figure 1: DirectAccess (Source: Liang et al., 2017) B.SSL VPN: SSL VPN, Secure Sockets Layer VPN , are form of VPN is basically a type of VPN that uses a standard Web Browser in its network process. The traditional IPSec VPN network requires manual installation that is very difficult to manage. However, the SSL VPN network does not need any specialized installation of the client software on the computer of end user. The SSL VPN gives all the remote users the access of web applications, application of client/server, as well as connections established from internal network. A VPN network is a secured process of communication for transmitting of data and other important information that are transmitted in between two endpoints [13]. The SSL VPN mainly is an accumulation of more than one VPN device that is connected by users using the web browser. The traffic that is connected in between the Web browser and SSL VPN are basically encrypted with SSL protocol along with its successor, which is the Transport Layer Security protocol. The SSLVPN is a versatile technology that is very easy to use and offers a granular control to many range of users on different computers that can be accessed from different locations. Figure 2: SSL VPN (Source: Liyanage et al., 2015)
C.SoftEther VPN: SoftEther VPN, known as Software Ethernet Virtual Private Network is the most powerful as well as easy handling protocol of VPN software. SoftEther VPN mainly runs on Linux, Solaris, FreeBSD, Windows and Mac. The SoftEther VPN is basically an open source protocol that can be used for any personal as well as commercial use for free of charge. The SoftEther VPN is an alternative to an OpenVPN or a MicrosoftVPN server. A clone function is involved with the SoftEther VPN of OpenVPN server. Integration can be done very easily from an OpenVPn to a SoftEther VPN. SoftEther VPN is faster comparatively to OpenVPN. The Microsoft SSTP VPN supports the SoftEther VPN and there is no need to pay extra for the Windows Server License. VI.CONCLUSION The virtual private network is a technology that provides a secured, internal, and private network that are basically transmitted over public networks that includes internet. There are a number of VPN technologies that can be studied or can be outlined from which IPSec and the SSL VPN are most common technologies in VPN. There has to be a secured communication channel that can be opened or can be tunneled through a network that is insecure through VPN. The security on the client side cannot be overlooked. This report has shed light on the detailed process of VPN that helps the business process to increase their network condition. This report illustrates a detail of the Virtual Private Network in the business structure. The types of VPN that are used by businesses are described in this report showing their advantages and disadvantages. The VPN technologies has many advantages along with many disadvantages that are described in detailed in this report. To mitigate all the drawbacks and challenges those are faced by organization while deploying a VPN network are discussed in this report showing all the details of the alternatives. The alternatives that are used instead of VPN are very easy to use and very less costly compared to other technologies. VII.FUTUREWORKS The future work that the VPN will focus is on the Network Access Control that are used for accessing all the connected devices so that to determine whether it is the correct time to connect. The future VPN will mainly focus on the authentication of the user and the client. The VPN that will be built in future mainly builds operating systems that are invisible to end users. All the things on a VPN must be automated on VPN client and on the management side. There is no involvement of the network administrator. The VPN will also become very common in the coming 10 to 15 years just like the firewalls are. All ca possess a VPN network. The VPN network will become much stronger like never before with involvement of all technologies that are needed today. The security issues also can be minimized by using the VPN technology in the future. REFERENCES [1]Sinha, Sanjib. "Virtual Private Network or VPN." InBeginning Ethical Hacking with Python, pp. 185-189. Apress, Berkeley, CA, 2017. [2]Moreno-Vozmediano, Rafael, Ruben S. Montero, Eduardo Huedo, and Ignacio M. Llorente. "Cross-site virtual network in cloud and fog computing."IEEE Cloud Computing4, no. 2 (2017): 46-53. [3]Jangid, Manoj, and Prakriti Trivedi. "Improve Performance of Successive Ratio for Virtual Private Network." InComputational Intelligence and Communication Networks (CICN), 2016 8th International Conference on, pp. 97-101. IEEE, 2016. [4]Liyanage, Madhusanka, Jude Okwuibe, Mika Ylianttila, and Andrei Gurtov. "Secure Virtual Private LAN Services: An Overview with Performance Evaluation." InCommunication Workshop (ICCW), 2015 IEEE International Conference on, pp. 2231-2237. IEEE, 2015. [5]Bennacer, Leila, Yacine Amirat, Abdelghani Chibani, Abdelhamid Mellouk, and Laurent Ciavaglia. "Self-diagnosis technique for virtual private networks combining Bayesian networks and case- based reasoning."IEEE Transactions on Automation Science and Engineering12, no. 1 (2015): 354-366. [6]Villa, David, Francisco Moya, Félix Jesús Villanueva, Oscar Acena, and Juan Carlos López. "Ubiquitous Virtual Private Network: A Solution for WSN Seamless Integration."Sensors14, no. 1 (2014): 779-794. [7]Choffnes, David. "A case for personal virtual networks." InProceedings of the 15th ACM Workshop on Hot Topics in Networks, pp. 8-14. ACM, 2016. [8]López, Gustavo, and Eduardo Grampín. "Scalability testing of legacy MPLS-based Virtual Private Networks." InURUCON, 2017 IEEE, pp. 1-4. IEEE, 2017. [9]Liang, Gaoqi, Steven R. Weller, Junhua Zhao, Fengji Luo, and Zhao Yang Dong. "The 2015 ukraine blackout: Implications for false data injection attacks."IEEE Transactions on Power Systems32, no. 4 (2017): 3317-3318. [10]Bahnasse, Ayoub, Fatima Ezzahraa Louhab, Mohamed Talea, Hafsa Ait Oulahyane, Adel Harbi, and Azeddine Khiat. "Towards a new approach for adaptive security management in new generation virtual private networks." InWireless Networks and Mobile Communications (WINCOM), 2017 International Conference on, pp. 1-6. IEEE, 2017. [11]Liang, Chengchao, and F. Richard Yu. "Wireless network virtualization: A survey, some research issues and challenges."IEEE Communications Surveys & Tutorials17, no. 1 (2015): 358-380. [12]Lewis, Keith. "Virtual Private Cloud Security." InComputer and Information Security Handbook (Third Edition), pp. 937-942. 2017. [13]Cherntanomwong, Piti. "Authenticated virtual private network." PhD diss., 2015. [14]Han, Bo, Vijay Gopalakrishnan, Lusheng Ji, and Seungjoon Lee. "Network function virtualization: Challenges and opportunities for innovations."IEEE Communications Magazine53, no. 2 (2015): 90-97. [15]Conklin, Wm Arthur, Greg White, Chuck Cothren, Roger Davis, and Dwayne Williams.Principles of computer security. McGraw- Hill Education Group, 2015. [16]Vidal, Santiago, Jorge Rodrigo Amaro, Emiliano Viotti, Martin Giachino, and Eduardo Grampin. "RAUflow: building Virtual Private Networks with MPLS and OpenFlow."