VPN tutorial: Understand the basics of IPsec and SSL VPNs

Understand the basics of protecting corporate data in this VPN tutorial. Learn the difference between IPsec and SSL VPNs and how to use them correctly.

The virtual private network (VPN) used to be a new concept for most businesses; nowadays, it is included in many...

security-related products. In this VPN tutorial you will learn all about VPN basics, starting with the different types of VPNs and ending with a VPN implementation strategy. In the first section of the tutorial (below), learn the basics of IPsec and SSL VPNs and how they are deployed, or skip to other sections in the VPN tutorial using the table of contents below.

Table of contents

About fifteen years ago the virtual private network (VPN) was a fairly new concept to most businesses. Today, the VPN is considered a standard feature in any serious security- and router-related product, and the technology is increasingly becoming a requirement for doing business online. It is common knowledge that most of the protocols and applications used on the Internet send information via cleartext. Encrypting data over public networks via a VPN helps prevent hackers from sniffing sensitive data off the wire and helps businesses comply with strict data privacy laws. 

  • For more information on meeting strict data privacy laws, you can learn how to manage compliance and secure file transfers across a wide area network (WAN), in this Q&A.

Early VPN products required -- as many still do -- their own client, which is usually installed on the remote workstation that needs access to the local network. The encryption methods and supported protocols made them either a very good choice or a very bad one because they could easily be compromised. For example, Point-to-Point-Tunneling Protocol was a popular choice for VPN solutions, but did not provide adequate security because of its weak encryption through GRE tunnels and simple authentication methods via MS-CHAP.

Today, IPsec-based VPNs are the standard. Using the Internet Protocol Security and a number of other related protocols, they provide adequate security and encryption to ensure that a session is secure and properly encrypted.

In addition, a broader range of applications and the mobilization of data have paved the way for SSL VPNs and mobile device VPNs. As enterprises broaden the range of devices their employees use to access sensitive data, they are also expanding the number of applications that are transmitting that data. An SSL VPN can help protect all of these applications. 

Businesses have more options than ever before to protect their sensitive data while enabling remote access and complying with data privacy laws. At one time the question was, “IPsec or SSL?” But some businesses are finding that the two are not mutually exclusive. Each technology offers its own advantages that can be reaped when considered as part of a larger remote access plan.

This VPN tutorial was created to help you understand the basics of IPsec and SSL VPNs. By first understanding the protocols, and then how IPsec and SSL VPNs are deployed, you will develop a knowledgebase that will serve as the foundation for developing a VPN strategy that meets the remote access needs of all your users on your enterprise WAN while taking into account your IT organization’s resources and capabilities.

This information was adapted from A history of VPN: Disadvantages of early virtual private networks, by Chris Partsenidis.

Continue reading this VPN tutorial to learn more about IPsec VPNs.

More VPN tutorial resources

  • As legislation passes, enterprises need to get VPN-ready.
  • Is IPsec on borrowed time?
  • Using a VPN is crucial for WAN managers trying to secure road warriors.
  • Mobile computing security concerns lead to more IPS and SSL VPN spending.
  • What is Virtual Routing and Forwarding?
  • Understand Network Address Translation (NAT).
  • How does VPN tunneling work?
This was last published in December 2010

Dig Deeper on Network Security