This paper attempts to provide a common-sense definition of the ECI TruSecc system and an overview of our solution set.

The ECI TruSecc PCC is a hybrid developed from the technologies of VNC, PN (private networking) and VPN.

Virtual Network Computing (VNC) is a process by which a system’s desktop can be not only viewed but also controlled in an interactive session. Such a tool gives the system administrator the ability to administer and troubleshoot a system remotely. In this way, a target system on the next floor, in the next building or even at an employee’s home is within reach. There are other methods of establishing this type of remote viewing. The obvious example is Symantec’s PCAnywhere (http://www.symantec.com/pcanywhere/Consumer/).

A VPN – Virtual Private Network – is one solution to establishing long-distance and/or secured network connections. VPNs are normally implemented (deployed) by businesses or organizations rather than by individuals, but virtual networks can be reached from inside a home network. Compared to other technologies, VPNs offer several advantages, particularly benefits for wireless local area networking.

Simply put, a VPN, Virtual Private Network, is defined as a network that uses public network paths but maintains the security and protection of private networks. This private network carries controlled information, protected by various security mechanisms, between known parties. VPNs are only “virtually” private, however, because this data actually travels over shared public networks instead of fully dedicated private connections.

The term “VPN,” or Virtual Private Network, has become almost as recklessly used in the networking industry as “QoS” (Quality of Service) to describe a broad set of problems and “solutions” when the objectives themselves have not been properly articulated. This confusion has resulted in a situation where the popular trade press, industry, vendors and consumers of networking technologies generally use the term “VPN” as an offhand reference for a set of different technologies.

Associated in the past with remote connectivity services such as the Public Switched Telephone Network (PSTN), VPNs are currently understood as an IP-based data networking function. Before IP-based networking, companies spent considerable amounts of time and resources to set up complex private networks, now commonly called Intranets. These networks were installed using costly leased line services, Frame Relay, and ATM to incorporate remote users. For the smaller sites and mobile workers on the remote end, companies supplemented their networks with remote access servers or ISDN.

The main benefit of a VPN is the potential for significant cost savings compared to traditional leased lines or dial-up networking. These savings come with a certain amount of risk when using the public Internet as the delivery system for the data. There are more points of failure that can affect a Net-based VPN than a closed private system.

Small to medium-sized companies, who could not afford dedicated leased lines, used low-speed switched services. As the Internet became more and more accessible and bandwidth capacities grew, companies began to put their Intranets onto the web and create what are now known as Extranets to link internal and external users. However, as cost-effective and quick-to-deploy as the Internet is, there is one fundamental problem – security.

Today’s VPN solutions overcome the security problem by using special tunneling protocols and complex encryption procedures. Data integrity and privacy are achieved, and the new connection produces what seems to be a dedicated point-to-point connection. Since these operations occur over a public network, VPNs can cost significantly less to implement than privately owned or leased services.

For an organization looking to provide a secure network infrastructure for its client base, a VPN offers two main advantages over alternative technologies: cost savings, and network scalability. To the clients accessing these networks, VPNs also bring some benefits of ease of use.

A VPN can supply network connectivity over a possibly long physical distance. In this respect, a VPN is a form of Wide Area Network (WAN).

The key feature of a VPN, however, is its ability to use public networks like the Internet rather than rely on private leased lines. VPN technologies implement restricted-access networks that utilize the same cabling and routers as a public network, and they do so without sacrificing features or basic security.

A VPN supports at least three different modes of use:

Remote access client connections
LAN-to-LAN internetworking
Controlled access within an intranet

Virtual private networks (VPNs) are generally considered to have very strong protection for data communications. What are the key VPN security technologies? Secure VPNs will provide both network authentication and encryption and are most commonly implemented using IPsec or SSL.

Using IPsec for VPN Security

IPsec has been the traditional choice for implementing VPN security on corporate networks.

Enterprise-class network appliances from companies like Cisco and Juniper implement the essential VPN server functions in hardware. Corresponding VPN client software is then used to log on to the network. IPsec operates at layer 3 (the Network layer) of the OSI model.

Using SSL for VPN Security

SSL VPNs are an alternative to IPsec that rely on a Web browser instead of custom VPN clients to log on to the private network. By utilizing the SSL network protocols built into standard Web browsers and Web servers, SSL VPNs are intended to be cheaper to set up and maintain than IPsec VPNs. Additionally, SSL operates at a higher level than IPsec, giving administrators more options to control access to network resources. However, configuring SSL VPNs to interface with resources not normally accessed from a Web browser can be difficult.

Limitations of a VPN

VPNs are not perfect and limitations exist. Organizations should consider the following issues when evaluating, deploying and/or using virtual private networking:

1. Reliability and performance. An Internet-based VPN is not under an organization’s direct control. That solution relies on an ISP and their quality of service.

2. Requires a detailed understanding of network security issues. Careful installation and configuration are necessary to ensure sufficient protection on a public network like the Internet.

3. VPN products and solutions are not always compatible. Products from different vendors have not always been compatible due to issues with VPN technology standards. Attempting to mix and match equipment may cause technical problems, and using equipment from one provider may not give as great a cost savings.