
Saturday, March 9, 2013

What is meant by Dynamic Virtual Private Network?

A dynamic virtual private network (DVPN) is a network used to interconnect various virtual application networks. 
- These networks reduce the need for manual configuration by a large percentage (by almost 93%). 
- Dynamic virtual private networks greatly simplify wide area connectivity across a virtual application network.
- These networks are highly complex when compared to other networks.
- Further, they prove useful in establishing interconnections between campuses, data centers, offices and so on via IPsec VPN encryption. 
- The solution offered by the DVPNs is quite scalable, simple and secure. 
- The dynamic virtual private networks are highly automated and therefore provide a simple management solution. 
- A DVPN can scale up to 1000 – 3000 sites on a single router. 
- All these sites together constitute the domain of the DVPN. 
- So it is obvious that a very large network can be scaled via multiple DVPNs. 
The best thing about these DVPNs is that they support all WAN technologies and can therefore be implemented on all of them.
- Furthermore, they offer flexibility in reducing cost when compared to lower-cost broadband access.
- All network operations are simplified, since DVPN automates VPN setup and provisioning.
- DVPNs offer high resilience without adding to the complexity of the network. 
Another characteristic feature of a dynamic virtual private network is its carrier agnostic connectivity.
- One DVPN solution is offered by HP and has the following features:
  1. Full mesh or hub-and-spoke configuration.
  2. Encryption based on IPsec standards.
  3. The control plane and the data plane have been separated to ensure scalability.
  4. The VAM (VPN address management) server supports up to 30,000 clients.
  5. Offers zero-touch configuration.
- Another solution is offered by Juniper Networks. 
- Juniper’s DVPN is more of a client-less solution and has been designed for ‘remote access’ IPsec VPN. 
- The client is delivered to end users dynamically from the SRX. 
DVPN simplifies remote access by letting users secure IPsec VPN tunnels without having to configure VPN settings on their systems. 
- This whole process comes into play when users log in to the server’s web site. 
- Juniper’s DVPN solution can be licensed for 5, 10, 25 or 50 concurrent users. 
- It supports Windows XP and later versions (both 32-bit and 64-bit).
- However, there are certain limitations for this solution:
  1. It requires an external RADIUS server for providing an IP address and for XAUTH.
  2. It does not support a shared IKE ID.
  3. PFS (perfect forward secrecy) is mandatory.
  4. It requires custom IKE/IPsec security proposals.
  5. The only supported IKE ID is the FQDN.
- Configuration for DVPN is required only on the SRX gateway.
- A dynamic virtual private network is more of an intranet enabler whose purpose is to complement the regular services offered by the internet by adding more services and resources to it. 
- One major feature of these networks is their excellent ability for load balancing and on-the-fly allocation of resources. 
These networks are more popular in businesses since they offer more security by means of packet encryption protocols. 
- DVPNs are capable of self-modification, so they can recognize added nodes without help from routers.
Encryption and authentication are two technologies used by DVPNs for securing packed data and delivering it across networks. 
- Until the data reaches its destination it remains packed, or encapsulated. 
- Tunneling is used to reach remote networks. 
