Virtual Private Networks (VPN) for secure private communications

You can use a Virtual Private Network (VPN) to communicate privately and securely within your organization.

With the rise in the use of virtual private networks (VPN) and the security they provide, JKL Toy company is exploring options to transmit data over the Internet. They have recently acquired another small toy manufacturing company that they intend to operate as a subsidiary. JKL will need to pass information between the two companies. Both companies use iSeries™ servers, and a VPN connection can provide the security that they need to communicate between the two networks. Creating a VPN is more cost-effective than using traditional nonswitched lines.

Using VPN connections you can control and secure connections with branch offices, mobile employees, suppliers, business partners, and others.

These are some of the users who can benefit from using VPNs for connectivity:

Security risks occur if you do not limit user access to sensitive systems. Without limiting who can access a system, you may increase the chances that company information is not kept confidential. You need a plan that will allow only those who need to share information about a system to access that system. A VPN allows you to control network traffic while providing important security features such as authentication and data privacy. Creating multiple VPN connections allows you to control who can access which systems for each connection. For example, Accounting and Human Resources may link through their own VPN.

When you allow users to connect to your system over the Internet, you may be sending sensitive corporate data across public networks, which can expose this data to attack. One option for protecting transmitted data is to use encryption and authentication methods to ensure privacy and security from outsiders. VPN connections provide a solution for a specific security need: securing communications between systems. VPN connections provide protection for data that flows between the two endpoints of the connection. Additionally, you can use Packet rules security to define what IP packets are allowed across the VPN.

You can use VPN to create secure connections to protect traffic that flows between controlled and trusted endpoints. However, you still must be wary about how much access you provide to your VPN partners. A VPN connection can encrypt data while it travels over public networks. But, depending on how you configure it, data flowing across the Internet may not be transported through a VPN connection. In such a case, the data would not be encrypted as it flows across the internal networks that communicate through the connection. Consequently, you should carefully plan how to set up each VPN connection. Ensure that you give your VPN partner access to only those hosts or resources on your internal network that you want them to access.

For instance, you may have a vendor that needs to obtain information about what parts you have in stock. You have this information in a database that you use to update web pages on your intranet. You would like to allow this vendor to access these pages directly through a VPN connection. But you do not want the vendor to be able to access other system resources, such as the database itself. Fortunately, you can configure your VPN connection such that traffic between both endpoints is restricted to port 80. Port 80 is the default port that HTTP traffic uses. Consequently, your vendor can send and receive HTTP requests and responses over the connection only.
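The vendor scenario above can be checked before a connection is configured. The following is an added example, not part of the original documentation and not iSeries Packet rules syntax: it models a VPN connection's permitted traffic as a hypothetical `Selector` record, tests flows against it, and flags definitions that expose more than the partner needs. All addresses, ports other than 80, and names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

@dataclass(frozen=True)
class Selector:
    """Hypothetical model of the traffic one VPN connection may carry."""
    partner: str
    remote_net: str       # partner-side addresses allowed to send traffic
    local_net: str        # internal hosts the partner may reach
    protocol: str         # "tcp", "udp" or "any"
    port: Optional[int]   # destination port; None means any port

def permits(sel: Selector, src: str, dst: str, protocol: str, port: int) -> bool:
    """True if a flow from the partner to an internal host fits the selector."""
    return (ipaddress.ip_address(src) in ipaddress.ip_network(sel.remote_net)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(sel.local_net)
            and sel.protocol in ("any", protocol)
            and sel.port in (None, port))

def audit(sel: Selector, max_hosts: int = 1) -> List[str]:
    """List the ways a selector grants more than one host, protocol and port."""
    findings = []
    if ipaddress.ip_network(sel.local_net).num_addresses > max_hosts:
        findings.append("exposes more internal hosts than allowed")
    if sel.protocol == "any":
        findings.append("allows any protocol")
    if sel.port is None:
        findings.append("allows any port")
    return findings

# Constructed sample definitions (documentation and private address ranges).
VENDOR = Selector("parts-vendor", "203.0.113.0/28", "10.1.5.20/32", "tcp", 80)
LOOSE = Selector("legacy-partner", "198.51.100.0/24", "10.1.0.0/16", "any", None)

if __name__ == "__main__":
    # Constructed flows: intranet web page, another service on the same host
    # (port 5432 is an arbitrary stand-in), and a different internal host.
    flows = [("203.0.113.5", "10.1.5.20", "tcp", 80),
             ("203.0.113.5", "10.1.5.20", "tcp", 5432),
             ("203.0.113.5", "10.1.5.21", "tcp", 80)]
    for flow in flows:
        print(flow, "allowed" if permits(VENDOR, *flow) else "denied")
    for sel in (VENDOR, LOOSE):
        print(sel.partner, audit(sel) or "least-privilege OK")
```
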

Because you can restrict the type of traffic that flows across the VPN connection, the connection provides a measure of network level security. However, VPN does not work in the same manner that a firewall does to regulate traffic into and out of your system. Also, a VPN connection is not the only means available to secure communications between your iSeries and other systems. Depending on your security needs, you may find that using SSL is a better fit.

Whether a VPN connection provides the security that you need depends on what you want to protect. Also, it depends on the trade-offs that you are willing to make to provide that security. As with any decision that you make about security, you should consider how a VPN connection supports your security policy.

Related concepts
Transmission security options
Virtual private networks (VPN)