A VLAN, or Virtual Local Area Network, is a networking technology that allows virtual separation of a physical network into multiple virtual networks. While not used so much in home networks, VLANs are often used in large business and enterprise networks where it’s beneficial to segment a large network into multiple smaller virtual networks.
One example of where this would be beneficial is to separate departments within a company. As it may not be necessary to give sales access to engineering and vice versa, using VLANs would allow each of them to utilize a common infrastructure, but be separated as if they were on physically separate switches and routers.
A VPN when used in the context of computer networks is a Virtual Private Network. VPNs are used to provide additional security and privacy for users by establishing an encrypted connection, or tunnel, between a VPN client and a VPN server.
VPN Types and How Does a VPN Work
Remote Access VPN
A Remote Access VPN is one that allows client systems such as a personal laptop or desktop to connect to a VPN server such as one in a corporate office or one in a datacenter.
Corporate VPN: Remote access VPNs are most commonly used in business and enterprise environments by providing client systems a secure method of accessing a company’s internal network. By connecting to a corporate VPN, a user would establish an encrypted connection into the corporate network and appear on the network as if it were physically plugged into the corporate network itself complete with a corporate network’s internal IP address. As a result, this allows companies to secure access to its internal files from outside networks, but still provide employees a method of remotely accessing them.
Personal VPN: Due to the recent increase in security and privacy concerns, personal VPNs have also become a popular means of securing personal systems when connecting to public networks. Personal VPNs create an encrypted connection between a client system and a VPN provider’s server ensuring that all data transferred in and out of the client system is completely secured. The VPN provider then acts as a proxy for the client system to access the internet.
Personal VPNs are a good way for news reporters, social activists, whistleblowers, and others to hide their location as well as bypass any sort of governmental internet access restrictions. Many also use personal VPNs to access geo-restricted content as well as prevent copyright holders from discovering the identities of users illegally downloading copyrighted content.
Site-to-Site VPNs are generally used in corporate environments and allow multiple corporate offices to appear as if they were all connected to the same network despite being in separate geographical locations. These VPNs generally require setting up corporate routers that support this type of functionality.
Common VPN Protocols
PPTP, or Point-to-Point Tunneling Protocol, is one of the oldest VPN protocols still in use today. PPTP was first implemented in Windows 95 and has been built into every single Windows Operating System since. PPTP uses the MS-CHAP-v1/v2 encryption protocol, which is known to be insecure however, because the encryption is light, it’s well suited for transferring large amounts of data that don’t necessarily require a high level of security such as streaming a regionally blocked video while travelling.
L2TP, or Layer 2 Tunneling Protocol, was designed as an upgrade to PPTP which we discussed previously. L2TP is a tunneling protocol by itself, so it doesn’t provide any encryption whatsoever, but it can provide security when combined with IPsec, or Internet Protocol Security.
L2TP/IPSec is more secure than PPTP, but is significantly slower due to its more powerful security capability.
The newest and most secure VPN protocol is OpenVPN, which uses the OpenSSL encryption library. OpenVPN is fast, it’s free, and it uses strong encryption algorithms to protect data being transmitted.