Hot skills: Securing a tunnel through the Internet

VPNs offer a cheap option for secure Wan links, writes Nick Langley

What is it?
Virtual private networks (VPNs) use the public telecoms infrastructure, and increasingly the Internet, to provide wide area networks and extranets which would otherwise require dedicated, leased lines. Privacy is maintained by creating "tunnels" through the public network, using encryption and other security techniques.

VPNs are much cheaper than leased-line services such as Kilostream and Megastream - let alone Frame Relay or Asynchronous Transfer Mode (ATM) - since bandwidth only needs to be paid for when it is used, instead of being booked for months or years. VPNs can include small branch offices, and people working from home or travelling.

Where did it originate?
Early VPNs made use of private circuits provided and managed by telecoms carriers, which took care of security. Hence the term "trusted VPNs", since you had to put your faith in the service provider.

In the 1990s, a variety of VPN hardware solutions became available which could be managed in-house. With the rise of the business Internet, it became possible to create IP (Internet Protocol) VPNs, capable of incorporating any line with an Internet connection.

VPN protocols include Point to Point Tunnelling Protocol (PPTP), supported by a number of companies led by Microsoft; L2F (Layer 2 Forwarding) from Cisco; and the Layer 2 Tunnelling Protocol (L2TP), which combines the best of PPTP and L2F. There is also IPSec (IP Security), which can be used as a standalone VPN protocol or in conjunction with L2TP and PPTP.

What is it for?
VPNs are available as managed services, as software products, or as packages which may include routing, a firewall, bandwidth management, encryption, authorisation and data integrity all in one hardware "box".

What makes it special?
VPN technologies take the cheapest available ways of linking sites - public telephone lines and the Internet - and attempt to make them secure. Not all VPN solutions are equally secure, and not all are compatible with others. Some add indirectly to costs by making networking operations more complex. Some carry performance overheads.

How difficult is it?
Experienced network engineers can learn to install and deploy VPNs in about five days. Support staff and users also need training, and the complexity of some solutions is among the factors holding VPN adoption back.

Where is it used?
Wide area networks based on leased lines, ATM or Frame Relay are too expensive for smaller organisations to consider unless their businesses depend on moving very high volumes of data between sites. VPN solutions are available for organisations of every size.

What does it run on?
VPN solutions are available from telecoms carriers, networking equipment companies such as Nortel, security equipment companies such as Checkpoint, and software companies such as Microsoft. PPTP solutions are available for Linux and Unix as well as Windows.

Not to be confused with
VPL (visible panty line).

Few people know that
Some VPNs come with anchovies and olives. See the Verace Pizza Napoletana organisation (www.

What is coming up?
Take-up of VPNs has been held back by the relatively immature state of the technologies and the fragmented nature of the market. But in October 2002 IDC predicted that IP VPN services and equipment sales would grow by 40% and 50% respectively over the next 18 months.

Rates of pay
Network support staff can expect a salary of £20,000 to £25,000, while senior network engineers command £40,000+.

Training in VPN technologies is available from suppliers and specialist training companies. See the VPN Consortium ( for a list of suppliers. There is also useful information at if you can get past the pop-ups.
