Introduction

A virtual private network (VPN) is a computer network in which some of the links between nodes are carried by open connections or virtual circuits in some larger network (e.g., the Internet) instead of physical wires. The link-layer protocols of the virtual network are said to be tunneled through the larger network when this is the case. One common application is secure communications through the public Internet. VPNs, for example, can be used to separate the traffic of different user communities over an underlying network with strong security features.

Secure VPNs use cryptographic tunneling protocols to provide the intended confidentiality (blocking snooping and thus Packet sniffing), sender authentication (blocking identity spoofing), and message integrity (blocking message alteration) to achieve privacy. When properly chosen, implemented, and used, such techniques can provide secure communications over unsecured networks.

The Syneto VPN implementation is IPSec. IPsec protocols operate at the network layer, layer 3 of the OSI model. Other Internet security protocols in widespread use, such as SSL, TLS and SSH, operate from the transport layer up (OSI layers 4 – 7). This makes IPsec more flexible, as it can be used for protecting layer 4 protocols, including both TCP and UDP, which are by far the most commonly used transport layer protocols. IPsec has an advantage over SSL and other methods that operate at higher OSI layers: an application doesn’t need to be designed to use IPsec, whereas the ability to use SSL or another higher-layer protocol must be incorporated into its design.