You probably know that most of the information that circulates on the Internet (and other networks) is not very secure. It is quite easy for people with bad intentions to look at the data circulating on the Internet.
Many protection systems are actually available to overcome this problem.
The VPN is one of the most used solutions, let’s take a look at how it works.
How does the VPN work?
How to create a VPN tunnel?
First of all, to create this tunnel, you will need a software. which will manage the encryption (and decryption) of the data. In this software, there will be 2 parts: a client software and a server software. This server software can be found in different ways: (the client software is always in line with the server software)
- It can be integrated into the company’s firewall. This is a very common solution in companies.
You can also install a server dedicated to the VPN. (there are paid or free solutions.
- You can find special connections on your computers that will turn your computers into VPN servers. (this is not new because it was already integrated in Windows XP).
- You can also install VPN boxes or routers. (these boxes will be dedicated or will have several roles).
And finally, to surf the Internet (i.e. to connect to the Internet in encrypted mode), you can use VPN servers.
How to connect to VPN?
Internet users will then connect to the VPN in several possible ways:
- With a software installed on the client computer,
- With a secure browser (https) or with a plugin integrated in the browser. (the plugin is a tool that runs in the browser)
- By another box (like the VPN server box).
In general, the client software will ask the user for a login and a password to confirm his identity. But for a better security the MFA (Multi Factor Authentication ) is more and more used.
Multi Factor Authentication (MFA)
To increase the security, there can also be other possible modes of authentication such as the seizure of tokens*, unique code in time, of code sms, of validation by an application, smart cards, boxes token with single password.
And we can sometimes ask for both: login + token, we talk about double authentication, also called MFA: Multi Factor Authentication. (Multi Factor Authentication).
- a token : will allow to guarantee that the customer is the one he pretends to be, and that he is not a hacker. Because this token is unique, and the one who has it is recognized by the server.
- One-time password tokens, whether physical (boxes) or mobile (software installed on a smartphone or computer), are tools that give a code that changes regularly. Without the correspondence between this code and the server, it is not possible to connect.
What protocols are used in the VPN?
The protocols used to set up a VPN network can be: IPSec, SSL, Pptp… and there are others. Some are more secure than others.
Do not work with the same network layer as others! But that’s another story, it’s late and I think we should stop here, so that it remains understandable for all!
VPN at home
You’ll find a lot of websites talking about VPN and trying to sell you a VPN connection. We always talk about a tunnel to secure data, but the proposed VPN is mainly used to hide while surfing the Internet.
It is a VPN connection that allows you to encrypt data when you connect to the Internet and is mainly used to allow Internet users to be “invisible”.
For example, you can send an email via this system, and in this case no one but the recipient will be able to read the email.
These VPN servers work a bit like Proxy servers (without the cache part).
It is important to have absolute confidence in the VPN server you use because don’t forget that all your connections go through it!
Imagine that you connect to a bank via your VPN connection. Your connection credentials go through this server (which he will be able to decrypt since he is the one who encrypts the data).