From ScotLUG
Jump to: navigation, search

VPNs - Network Security's Magic Bullet

by James Eaton-Lee (njan)

The level and content of the discussion are flexible depending upon what people think and the understanding of people on the day - I'm more than happy to tone up (or down) the complexity of the talk...

  • VPNs are a technology that allows network traffic to be tunneled from one place to another, over a network infastructure like the internet, to create a sort of virtual network cable from one place to another.
  • This technology is often used to join disconnected sites up over the internet (more and more commonly replacing expensive private circuits) or to allow roaming staff or staff who work from home (or partners, clients, etc) to connect into the business/corporate LAN.
  • In several incarnations (pptp, ipsec, ssl), VPNs are frequently implemented by businesses to add security to a system that isn't considered secure enough to connect to the internet (such as corporate banking and other business applications) or to mitigate other risks.
  • VPNs have security concerns of their own which are often not considered, and there are frequently better and more practical ways of allowing people access to systems and data.
  • VPNs are not a magic bullet!

I'll be bringing an accompanying laptop with slides and pretty diagrams to try and make the topic a bit more approachable :)

If anyone has any suggestions, questions or comments, feel free to mail me about them before next thursday...