Dax Networks
Home Contact DAX Sitemap
Dax Networks
Dax Networks Dax Networks
Complete Networking Solutions Chat Now  
You are here: Dax Networks > FAQ's
Search S
FAQ's
Virtual Private Network
Remote Access Solutions
Hubs and Switches
Modems
Wireless
Leased Line Modems
Routers

Virtual Private Network

  • What is VPN?
    A Virtual Private Network (VPN) is used to provide secure, encrypted communication between a network and a remote host or other remote network over the public Internet. VPN's allow the establishment of an encrypted "tunnel" that protects the flow of network traffic from eavesdroppers.
  • Do I need VPN?
    In addition to encryption, VPN offers the capability of making your network traffic appear to originate from on-campus. There are many resources whose access is restricted to the University network, such as site-licensed software repositories, SMTP relay servers for outgoing email, and partner servers and networks at other institutions.

    You should use VPN if you:
    • Have a contract with a third-party vendor for Internet access at home, especially those with "broadband" connections such as cable modems or DSL (Digital Subscriber Line).
    • Travel and use a local ISP (Internet Service Provider) at a remote location.
    • Connect to a wireless network on campus which requires VPN authentication.
    • In all the above cases, traffic between the users and the University network travels over "untrusted" networks. The VPN server will encrypt this traffic between the remote location and the University network, making eavesdropping extremely difficult.
  • If I access the Internet through the NU modem pools or through Ethernet in my NU dorm room, do I need VPN?
    No. The dorm networks are protected from eavesdropping, and it would be extremely difficult for someone to eavesdrop on your modem data as it travels over your telephone line. In both cases, you are assigned a NU IP address, so there is no need to make your traffic appear to originate from NU.
  • How does VPN work?
    VPN differs from a regular Internet connection in the way the connection is protected.

    1. You connect to the Internet through your local ISP.
    2. The VPN client software connects with the VPN server.
    3. The VPN server creates a connection between your computer and the VPN server. The data sent on this connection is encrypted so only the VPN server and the remote users can read the data.
    4. The VPN server decrypts the data and passes it on to other servers and resources.
  • What is eavesdropping, is that like hacking?
    Not exactly. Eavesdropping is the intentional interception of data (like e-mail, usernames, passwords, credit card or calling card numbers) as it passes from a user's computer to a server or vice versa. Hacking is when a system is broken into or when data is willfully manipulated (as when a company's website is defaced or a bank's server is illegally accessed).

    Note: VPN does not protect your computer from hacking. It only protects network traffic from eavesdroppers. Using VPN may make your computer even more vulnerable to hackers if you rely on an NAT/firewall device to protect your machine.
  • Can I mount a network drive via VPN?
    Yes. MS Networking, NetWare IP, and AppleShare IP all work over a VPN connection. Drive mounting or file sharing which relies on non-IP protocols such as AppleTalk or IPX will not work. However, TSS does not support mounting of servers outside of NUNET. If you wish to mount a department's server, please contact your UNITS representative for instructions.
  • What's the difference between VPN and a proxy server?
    Proxy servers fulfill the second main purpose of a VPN: to make your network connections appear as if they originate on the proxy server as opposed to your computer.

    For example, Northwestern University Library offers access to a wide range of electronic resources, including periodical indexes, electronic journals, electronic texts, and statistical and numeric databases. Most of these resources are accessible via the Web when you are connected to NUnet; some electronic resources are available only in specific libraries or library departments.

    Software licenses, copyright restrictions and other contractual agreements require that many of the Library's services and networked resources be restricted to members of the Northwestern community. This requires that you access our networked resources from an authenticated network account on NUnet using your NetID. However, proxy servers are used primarily for Web (WWW, http) traffic. VPN, in our implementation, will protect all sorts of traffic (telnet, FTP, POP, SMTP) in addition to Web traffic.

    Note: There are situations where you will not be able to use VPN and still need to rely on proxy services. Those situations occur mainly in environments where:
    • you can't install or configure local software;
    • the network that the computer is on is behind an existing firewall (i.e. corporate networks, other educational institutions, etc).
  • What's the difference between VPN and SSL (Secure Socket Layer) or SSH (Secure Shell)?
    SSL and SSH provide an end-to-end encrypted connection, whereas the VPN connection is only encrypted between the remote computer and the VPN server. Between the VPN server and the final destination, the traffic is sent in its original form (which may or may not be encrypted, depending on what protocols you are using). You can still use SSL or SSH on top of the VPN connection.
  • How does the VPN client work?
    The VPN client is a "shim" client. It inserts itself below your computer's native TCP/IP stack and intercepts all network traffic received or transmitted, encrypting and authenticating the data on the fly.
  • Can I view multicast content through our VPN?
    No. IPsec does not support multicast, only unicast.

 

 
 
Top
View print-friendly version

Copyright © 2000-2010 Dax Networks Limited. All rights reserved.