What is VPN? Why use it and how does it work?
VPN stands for Virtual Private Network. As the name suggests, this is a virtual network, created over the Internet or a public network between two or more physical networks (or devices) to create an extended private network.
It helps users/devices send and receive data as if the users were on the same directly connected private network.
This means that applications on a VPN can have the same functionality and be managed in the same way as on a private network.
Why use a VPN?
Every device on the Internet has a public IP address, which is used to identify and connect to that device using a browser, command line, or any other method.
Data is sent over the Internet to connect to the device.
This data contains information such as IP addresses, proxy, ISP, etc., Which can be intercepted if sent over an insecure network.
To protect your identity, privacy, and data transmitted over the Internet, VPNs are used to establish a private connection between two devices/networks.
VPNs can be used in a variety of scenarios. More often than not, people working remotely from the office want to access objects, networks, files, etc.
From their office, using a secure network connection over the Internet, as if they were working from the office. This is also known as a point-to-site VPN.
Another common case is when a company has many offices in different geographic locations and wants to create a private Internet connection to connect these offices/networks.
This is also known as a site-to-site link.
Since the connection is through a public network, to ensure data security and protection against eavesdropping, authorized access to protect against data loss, it becomes important to have a secure and encrypted private connection between the two networks/devices that are provided by a VPN.
For businesses, a VPN can be used to connect to their cloud environment and this can help them build an extended network for storing, processing other data and information.
In some cases, a VPN can be used to hide your public IP address and geolocation, since all your requests over the Internet are sent from the server, to which you created the VPN connection (tunnel).
How does VPN work?
When you use a VPN over the Internet, it creates a private encrypted tunnel between two devices/networks.
Now, with a VPN, it is much more difficult to get hold of your data, and even if it is hacked since this data is encrypted, it is almost impossible to get any information from this data.
There are several VPN tunneling protocols such as PPTP (Point-to-Point Tunneling Protocol), L2TP (Layer 2 Tunneling Protocol), IPSec (internet protocol security), SSL (secure socket layer), etc., which are used to create VPN tunnels.
For example, if you are using IPSec, which is a set of protocols, to create a VPN tunnel, you can use the following scenario.
Let's say you have an office in Moldova, and you want to connect it to another office in Russia to exchange information between these offices over the Internet in a confidential, secure, and encrypted.
You can create a VPN tunnel between these two offices and start accessing the devices/networks as one large private network located on two continents.
To get this private VPN tunnel, you need to use VPN technique/devices or VPN gateways that will act as two ends of the tunnel.
However, if you need to connect a remote device to any of these offices, you can simply use a point-to-site VPN connection using SSL-VPN.
For IPSec, you follow a two-step process to create a VPN tunnel. The first phase is used to authenticate the IPSec peers and to establish a secure channel between peers to enable the exchange IKE (Internet Key Exchange).
Once this is done, the second phase IKE is used to negotiate IPSec SA (Security Association) to configure the IPSec tunnel.
Simply put, the first phase is used to determine how two peers will exchange keys (negotiating cryptographic parameters), and the second phase determines how the two peers will encrypt the data (by creating key material for use by the IPSec tunnel).
After successful completion of both functions