VPN: disadvantages and advantages
There is already a lot of material about VPN technology, which has become a standard for building secure communication channels. Now you can easily find the best VPN for Mac on the Internet; you just need to enter the appropriate search query. In this article we will talk about the main advantages and disadvantages of this technology.
VPN technology meets the basic criteria of information security: integrity, confidentiality, authorized access. With the right choice of VPN, scaling is ensured, which means that the use of VPN will not create growth problems and will help to preserve the investment made in case of business expansion.
But everything has its downside, and VPN technology is no exception. One disadvantage of a VPN is a drop in network performance caused by the cryptographic processing of traffic passing through the VPN device. The resulting delays can be divided into three main types:
- Delays in establishing a secure connection between VPN devices;
- Delays associated with encryption and decryption of protected data, as well as with transformations necessary to control its integrity;
- Delays associated with adding a new header to the packets being transmitted.
Given the cryptographic strength of the algorithms used, the key can be changed after a sufficiently long time interval. Therefore, delays of the first type practically do not affect the speed of data exchange. Delays of the second type begin to affect the throughput of communication channels only when data is transmitted over high-speed lines (from 100 Mbit/s). In other cases, the software or hardware implementation of the selected encryption and integrity control algorithms is usually fast enough that, in the chains of operations on a packet “encryption – transfer to the network” and “reception from the network – decryption”, the time spent on encryption (decryption) is much less than the time required to transfer the packet to the network. That leaves the main problem: the additional header added to each packet passing through the VPN device.
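The header cost described above, worked through for one concrete case as an added example (not from the original article). IPsec ESP in tunnel mode with AES-CBC and HMAC-SHA1-96 over IPv4 is an assumed configuration, and the packet sizes are constructed samples.

```python
# Added example: per-packet cost of IPsec ESP in tunnel mode (layout per RFC 4303).
# Assumed cipher suite: AES-CBC with HMAC-SHA1-96, IPv4 outer header, no NAT-T.

OUTER_IP = 20     # new IPv4 header added by the VPN gateway
ESP_HDR = 8       # SPI (4 bytes) + sequence number (4 bytes)
IV_LEN = 16       # AES-CBC initialisation vector
BLOCK = 16        # AES block size; encrypted data is padded to a multiple of it
ESP_TRAILER = 2   # pad-length byte + next-header byte
ICV_LEN = 12      # truncated HMAC-SHA1-96 integrity check value
FIXED = OUTER_IP + ESP_HDR + IV_LEN + ICV_LEN


def esp_tunnel_size(inner_len):
    """Size on the wire of an inner IP packet of inner_len bytes after encapsulation."""
    padding = -(inner_len + ESP_TRAILER) % BLOCK
    return FIXED + inner_len + padding + ESP_TRAILER


def overhead(inner_len):
    """Return (added bytes, added bytes as a percentage of the original packet)."""
    added = esp_tunnel_size(inner_len) - inner_len
    return added, round(100.0 * added / inner_len, 1)


def max_inner_len(link_mtu=1500):
    """Largest inner packet that still fits one link-MTU frame after encapsulation."""
    room = link_mtu - FIXED
    room -= room % BLOCK            # the encrypted part must be whole cipher blocks
    return room - ESP_TRAILER


def needs_fragmentation(inner_len, link_mtu=1500):
    """True when the encapsulated packet no longer fits the link MTU."""
    return esp_tunnel_size(inner_len) > link_mtu


if __name__ == "__main__":
    for size in (64, 576, 1438, 1500):   # constructed sample packet sizes
        added, pct = overhead(size)
        print(f"{size:>5} B inner -> {esp_tunnel_size(size):>5} B on the wire "
              f"(+{added} B, +{pct}%), fragments: {needs_fragmentation(size)}")
    print("largest inner packet without fragmentation:", max_inner_len())
```

Under these assumptions small packets more than double in size, while a full 1500-byte packet grows by only 4% but no longer fits a 1500-byte link MTU, so it is fragmented unless the tunnel MTU or TCP MSS is lowered.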
According to analysts, so far only 5% of users, for example those working in the financial sector, need such high standards. The other 95% do not take communication problems so seriously, and spending more time to obtain information does not cause them huge losses.
Business needs have so far formed two key areas of VPN technology development: IPsec VPN and SSL VPN. Let’s see what the main advantages and disadvantages of each of them are.
- IPsec (IP Security) is a set of protocols that solve the problems of data encryption, integrity and authentication. IPsec works at the network layer, so data protection is transparent to network applications. SSL (Secure Sockets Layer), by contrast, is an application layer protocol, mainly used for secure communication between remote applications (mostly for accessing Web servers). IPsec treats the packets of all higher layer protocols in the same way, i.e. it authenticates and encrypts them without paying attention to their content, whereas SSL needs a reliable transport protocol (such as TCP) in order to work.
- IPsec supports three types of connection: gateway-to-gateway, gateway-to-host and host-to-host. SSL only supports connections between two hosts or between a client and a server.
- IPsec supports digital signatures and the use of secret-key algorithms, while SSL supports digital signatures only. Both IPsec and SSL can use PKI. The advantage of IPsec is that for small systems, pre-shared keys can be used instead of PKI, which makes the task much easier. The methods used in SSL are ideal for establishing a secure connection between a server and a client.