Skip to content
Skip to main content

About this free course

Download this course

Share this free course

Introduction to cyber security: stay safe online
Introduction to cyber security: stay safe online

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

2 VPN basics

Described image
Figure 3

You’ve just learned how firewalls can protect individual computers and local networks from attack. Next, you’ll learn about the uses of virtual private networks (VPNs).

In some ways, our local networks resemble forts sitting in the Wild West of a Hollywood movie. Inside strong walls, life goes on as normal, with data being exchanged freely between trusted machines. Meanwhile, beyond the firewall there is the lawless frontier of the internet; traffic crossing the internet must make a risky journey largely unprotected.

The problem of secure data transmission is especially acute for organisations based in several physical locations, such as those who need to exchange information with sub-contractors or those with a dispersed workforce such as sales teams or home workers.

Traditionally, companies invested in private communications links (usually called leased lines) whose cost might run to thousands of pounds per month. Most organisations cannot justify such an investment and in any case, leased lines cannot serve a mobile or highly dispersed workforce. So the lawless frontier of the internet is our only choice – this is where VPNs come to the rescue!

A VPN, as the name implies, is a means of creating a private network across an untrusted network such as the internet. VPNs can be used for a number of different purposes such as:

  • to securely connect isolated local area networks (LANs) across the internet
  • to allow mobile users remote access to a corporate network using the internet
  • to control access within an intranet environment.

VPN concepts for a corporate network

VPNs are typically implemented using dedicated network devices (sometimes this might be a firewall) and software. There are two parts to the software; the first, called a VPN client, is installed on the computer of anyone who wants to be part of the VPN. The client is responsible for connecting users to the VPN so that it can send and receive information in a secure manner with, in this example, a corporate network. The second part is the VPN server which is part of a dedicated network device, usually located on the perimeter of an organisation’s network. The server software typically performs the authentication of users and route traffic to the corporate network.

The VPN software creates a path known as a ‘tunnel’ between the VPN client and the VPN server. It can establish this ‘tunnel’ by using any third party or untrusted network such as the internet. Unlike other paths through the internet, information which passes through this ‘tunnel’ can be encrypted to protect it from inspection or modification. So we can use these tunnels to protect our data while it crosses the lawless frontier of the internet back to the safety of our forts!

VPN concepts for an open network

Some parts of the Internet are much more dangerous than others. In particular, public wi-fi connections in cafes, hotels, airports can allow your data to be intercepted and your movements to be tracked. Some countries also routinely monitor all Internet traffic as it enters or leaves the country as well as internal traffic.

A VPN service can offer a VPN client to run on your computer and VPN servers at safe locations around the world which provide a gateway onto the Internet. When you connect with your VPN client to a VPN service an encrypted tunnel connects your computer to the remote VPN server. It appears to the outside world as though your own computer is located at the VPN exit point in another country.

Free VPN services are available but tend to be quite slow. If personal security is particularly important take care to use a service that doesn’t log user data in any way. ProtonVPN is an example of such a service https://protonvpn.com/ [Tip: hold Ctrl and click a link to open it in a new tab. (Hide tip)] .

VPN concepts for a personal private network

It is quite possible to install VPN server software on your own private computer at home, and leave it running when you are away from home. A VPN client software on your mobile device connects to your own home VPN server. An encrypted tunnel connects your mobile device wherever you are and gives you secure access to your home computer. To the outside Internet it appears as though you are accessing the Internet from home.