<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Virtual Private Networks (VPN) for secure private communications" />
<meta name="abstract" content="You can use a Virtual Private Network (VPN) to communicate privately and securely within your organization." />
<meta name="description" content="You can use a Virtual Private Network (VPN) to communicate privately and securely within your organization." />
<meta name="DC.Relation" scheme="URI" content="rzaj45zhcryptointro.htm" />
<meta name="DC.Relation" scheme="URI" content="../rzaja/rzajagetstart.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1999, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1999, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzaj45zxaddingvpn" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Virtual Private Networks (VPN) for secure private communications</title>
</head>
<body id="rzaj45zxaddingvpn"><a name="rzaj45zxaddingvpn"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Virtual Private Networks (VPN) for secure private communications</h1>
<div><p>You can use a Virtual Private Network (VPN) to communicate privately
and securely within your organization.</p>
<p><img src="./delta.gif" alt="Start of change" />With the rise in the use of virtual private networks (VPN) and
the security they provide, JKL Toy Company is exploring options to transmit
data over the Internet. They have recently acquired another small toy manufacturing
company that they intend to operate as a subsidiary. JKL will
need to pass information between the two companies. Both companies use iSeries™ servers,
and a VPN connection can provide the security that they need to communicate
between the two networks. Creating a VPN is more cost-effective than using
traditional nonswitched lines.<img src="./deltaend.gif" alt="End of change" /></p>
<p>Using VPN connections, you can control and secure connections with branch
offices, mobile employees, suppliers, business partners, and others.</p>
<p><img src="./delta.gif" alt="Start of change" />These are some of the users who can benefit from using VPNs
for connectivity:<img src="./deltaend.gif" alt="End of change" /></p>
<ul><li>Remote and mobile users.</li>
<li>Home office to the branch office or other off-site locations.</li>
<li>Business-to-business communications.</li>
</ul>
<p><img src="./delta.gif" alt="Start of change" />Security risks occur if you do not limit user access to sensitive
systems. Without limiting who can access a system, you may increase the chances
that company information is not kept confidential. You need a plan that will
allow only those who need to share information about a system to access that
system. A VPN allows you to control network traffic while providing important
security features such as authentication and data privacy. Creating multiple
VPN connections allows you to control who can access which systems for each
connection. For example, Accounting and Human Resources may link through their
own VPN.<img src="./deltaend.gif" alt="End of change" /></p>
<p><img src="./delta.gif" alt="Start of change" />When you allow users to connect to your system over the Internet,
you may be sending sensitive corporate data across public networks, which
can expose this data to attack. One option for protecting transmitted data
is to use encryption and authentication methods for ensuring privacy and security
from outsiders. VPN connections provide a solution for a specific security
need: securing communications between systems. VPN connections provide protection
for data that flows between the two endpoints of the connection. Additionally,
you can use Packet rules security to define what IP packets are allowed across
the VPN.<img src="./deltaend.gif" alt="End of change" /></p>
<p><img src="./delta.gif" alt="Start of change" />You can use VPN to create secure connections to protect traffic
that flows between controlled and trusted endpoints. However, you still must
be wary about how much access you provide to your VPN partners. A VPN connection
can encrypt data while it travels over public networks. But, depending on
how you configure it, data flowing across the Internet may not be transported
through a VPN connection. In such a case, the data would not be encrypted
as it flows across the internal networks that communicate through
the connection. Consequently, you should carefully plan how to set up each
VPN connection. Ensure that you give your VPN partner access to only those
hosts or resources on your internal network that you want them to access.<img src="./deltaend.gif" alt="End of change" /></p>
<p>For instance, you may have a vendor that needs to obtain information about
what parts you have in stock. You have this information in a database that
you use to update web pages on your intranet. You would like to allow this
vendor to access these pages directly through a VPN connection. But you do
not want the vendor to be able to access other system resources, such as the
database itself. Fortunately, you can configure your VPN connection such that
traffic between both endpoints is restricted to port 80. Port 80 is the default
port that HTTP traffic uses. Consequently, your vendor can send and receive
HTTP requests and responses over the connection only.</p>
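<p>The port 80 restriction described above, modelled as an added example; this is not IBM code and does not use iSeries packet rules syntax. The addresses, port numbers other than 80, rule names, and the default-deny, stateless rule table are assumptions made for illustration.</p>

```python
import ipaddress

# Constructed values (RFC 5737 documentation ranges), not taken from the page.
VENDOR_NET = ipaddress.ip_network("198.51.100.0/24")  # vendor side of the VPN
WEB_SERVER = ipaddress.ip_network("192.0.2.10/32")    # intranet web server
HTTP = 80

# Hypothetical rule table: (name, source, source port, destination, dest port).
# None means "any port". Anything that matches no rule is denied.
RULES = [
    ("http-request", VENDOR_NET, None, WEB_SERVER, HTTP),
    ("http-response", WEB_SERVER, HTTP, VENDOR_NET, None),
]

def match_rule(proto, src, sport, dst, dport):
    """Return the name of the first rule that permits the flow, or None."""
    if proto != "tcp":
        return None
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for name, src_net, src_port, dst_net, dst_port in RULES:
        if (s in src_net and d in dst_net
                and src_port in (None, sport)
                and dst_port in (None, dport)):
            return name
    return None

# Constructed sample flows: (protocol, source, source port, dest, dest port).
FLOWS = {
    "vendor browser to web server": ("tcp", "198.51.100.7", 40112, "192.0.2.10", 80),
    "web server reply to vendor": ("tcp", "192.0.2.10", 80, "198.51.100.7", 40112),
    "vendor to database host": ("tcp", "198.51.100.7", 40113, "192.0.2.20", 50000),
    "vendor telnet to web server": ("tcp", "198.51.100.7", 40114, "192.0.2.10", 23),
    "vendor http to another host": ("tcp", "198.51.100.7", 40115, "192.0.2.30", 80),
    "vendor udp to web server": ("udp", "198.51.100.7", 40116, "192.0.2.10", 53),
}

def audit(flows):
    """Map each flow label to the permitting rule name, or 'deny'."""
    return {label: match_rule(*flow) or "deny" for label, flow in flows.items()}

if __name__ == "__main__":
    for label, decision in audit(FLOWS).items():
        print(f"{decision:14} {label}")
```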
<p>Because you can restrict the type of traffic that flows across the VPN
connection, the connection provides a measure of network level security.
However, VPN does not work in the same manner that a firewall does to regulate
traffic into and out of your system. Also, a VPN connection is not the only
means available to secure communications between your iSeries and other systems. Depending
on your security needs, you may find that using SSL is a better fit.</p>
<p>Whether a VPN connection provides the security that you need depends on
what you want to protect. Also, it depends on the trade-offs that you are
willing to make to provide that security. As with any decision that you make
about security, you should consider how a VPN connection supports your security
policy.</p>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzaj45zhcryptointro.htm" title="Use this information to learn about the security measures that you can use to protect your data as it flows across an untrusted network, such as the Internet. Learn more about security measures for using the Secure Sockets Layer (SSL), iSeries Access Express, and Virtual Private Network (VPN) connections.">Transmission security options</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="rzaj45zhcryptointro.htm" title="Use this information to learn about the security measures that you can use to protect your data as it flows across an untrusted network, such as the Internet. Learn more about security measures for using the Secure Sockets Layer (SSL), iSeries Access Express, and Virtual Private Network (VPN) connections.">Transmission security options</a></div>
<div><a href="../rzaja/rzajagetstart.htm">Virtual private networks (VPN)</a></div>
</div>
</div>
</body>
</html>