A Virtual Private Network, commonly known as a VPN, is a communication method used to connect the private networks of medium and large enterprises or organizations. A VPN carries intranet messages over public network infrastructure (such as the Internet).
A VPN uses encrypted tunneling protocols to achieve confidentiality, sender authentication, and message integrity, ensuring the security of private information. When used correctly, this technology allows reliable and secure messages to be sent over insecure networks (e.g., the Internet). It is important to note that whether encryption is used is configurable. Unencrypted VPN messages still carry the risk of interception.
To illustrate, consider a scenario where Employee A from Company A wants to send a letter to Employee B from Company B. A knows B's address and department, but letters between companies cannot specify department names. A therefore asks their secretary to place the letter intended for B's department (A can choose whether to encrypt the communication with B) into a larger envelope addressed to Company B. When the secretary at Company B receives the large envelope from Company A, they take out the letter and deliver it to B via internal mail. B replies to A in the same manner.
In this example, A and B are computers (or related devices) on different company intranets, sending messages to each other via the public mail (the public network), with the recipient's secretary (such as a router or firewall supporting the VPN) delivering the internal mail (the internal network). Note that in a VPN, depending on the network structure, the secretary and the recipient can be the same person. Many modern operating systems, such as Windows and Linux, have the capability to establish VPN connections without the need for additional networking devices.
Some websites are blocked in mainland China, and using free or paid VPNs to bypass these restrictions has become a popular method to circumvent censorship. Many foreign companies also frequently set up their own VPNs to connect back to overseas servers or purchase services from third-party VPN providers.
Until the late 1990s, networked computers were interconnected through very expensive dedicated lines and/or dial-up connections. Depending on the distance between sites, costs could reach thousands of dollars (for a 56 kbps connection) or tens of thousands of dollars (for T1). VPNs reduce networking costs by eliminating the need to rent multiple dedicated lines for connecting to the Internet. Users can securely exchange private data, making expensive dedicated lines redundant.
Secure VPNs use encrypted tunneling protocols to provide confidentiality by preventing eavesdropping and sniffing, and also allow sender authentication to prevent identity fraud, while ensuring message integrity by preventing modification of information.
Some VPNs do not use encryption to protect data. While VPNs typically offer security, unencrypted VPNs do not strictly belong to the "secure" or "trusted" category. For example, a tunnel established between two hosts using the GRE protocol is considered a VPN, but is neither secure nor trustworthy. Other plaintext tunneling protocols include L2TP (when not paired with IPsec) and PPTP (when not using Microsoft Point-to-Point Encryption (MPPE)).
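Added example (not part of the original article): a Python sketch of the envelope model applied to basic GRE, showing that an observer holding the outer packet can read the inner addresses and payload directly, whereas an ESP packet exposes only ciphertext. The addresses, payload and function names are constructed for illustration.

```python
import struct

GRE, ESP = 47, 50  # IANA IP protocol numbers

def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header; checksum left at 0 because nothing here routes it."""
    addr = lambda a: bytes(int(o) for o in a.split("."))
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len,
                       0, 0, 64, proto, 0, addr(src), addr(dst))

def gre_encapsulate(inner, outer_src, outer_dst):
    """The 'large envelope': outer IPv4 + 4-byte GRE header (RFC 2784) + inner packet."""
    gre = struct.pack("!HH", 0, 0x0800)  # no flags, payload type is IPv4
    return ipv4_header(outer_src, outer_dst, GRE, len(gre) + len(inner)) + gre + inner

def dotted(b):
    return ".".join(str(x) for x in b)

def inspect_outer(packet):
    """Report what an on-path observer can read from one captured outer packet."""
    body = packet[(packet[0] & 0x0F) * 4:]  # skip the outer IPv4 header
    proto = packet[9]
    if proto == ESP:
        # ESP exposes only SPI and sequence number; the rest is ciphertext
        # (assumption: a non-NULL cipher was negotiated).
        return {"tunnel": "ESP", "inner_readable": False}
    if proto != GRE:
        return {"tunnel": None, "inner_readable": None}
    flags, ptype = struct.unpack("!HH", body[:4])
    # Optional 4-byte fields: checksum (C), key (K), sequence number (S).
    skip = 4 + 4 * sum(bool(flags & bit) for bit in (0x8000, 0x2000, 0x1000))
    inner = body[skip:]
    if ptype != 0x0800:
        return {"tunnel": "GRE", "inner_readable": True, "inner_type": hex(ptype)}
    return {"tunnel": "GRE", "inner_readable": True,
            "inner_src": dotted(inner[12:16]), "inner_dst": dotted(inner[16:20]),
            "payload": inner[(inner[0] & 0x0F) * 4:]}

# Constructed sample: private addresses inside, documentation addresses outside.
LETTER = b"Q3 payroll draft"
INNER = ipv4_header("10.1.0.5", "10.2.0.9", 253, len(LETTER)) + LETTER
CAPTURED = gre_encapsulate(INNER, "192.0.2.1", "198.51.100.1")
# bytes(24) is a placeholder standing in for an ESP header plus ciphertext.
ESP_SAMPLE = ipv4_header("192.0.2.1", "198.51.100.1", ESP, 24) + bytes(24)

if __name__ == "__main__":
    print(inspect_outer(CAPTURED))    # inner addresses and payload in the clear
    print(inspect_outer(ESP_SAMPLE))  # nothing of the inner packet is readable
```

The same outer-protocol check can be used when reviewing a capture or firewall log to flag tunnels that carry internal traffic without encryption.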