A Dynamic Multipoint Virtual Private Network is an enhancement of the virtual private network (VPN) configuration process of Cisco IOS-based routers. DMVPN prevents the need for pre-configured (static) IPSEC peers in crypto-map configurations and ISAKMP peer statements. This feature of Cisco IOS allows greater scalability over previous IPsec configurations. An ipsec tunnel between two Cisco routers may be created on an as needed basis. Tunnels may be created between a spoke router and a hub router (VPN headend), or between spokes. This greatly alleviates the need for the hub to route data between spoke networks, as was common in a non-fully meshed frame relay topology. A DMVPN Spoke is configured with one or more hub IP addresses. DMVPN hub IP addresses are typically static, such as at a corporate headquarters. DMVPN spoke IP addresses may be static, or dynamic. An example would be a DMVPN spoke router acting as a DHCP client on a DSL or cable provider's network. The spoke router is configured with the hub's IP address, allowing it to connect when online. The hub router does not need to be configured with the IP addresses of the spoke routers. This allows many-spoke VPN routers to be deployed without the need to configure additional peers on the hub(s). In the past the configuration of the hub grew whenever a spoke VPN router was added to the ipsec network. Based on internet technology, intranets are becoming an essential part of corporate information systems today. However, internets were not originally designed with businesses in mind. It lacks the technology required for secure business transactions and communications. A challenge therefore arises for businesses with intranet, i.e. how to establish and maintain trust in an environment which was originally designed for open access to information. More specifically, a way has to be found to secure an intranet without impinging on its inherent benefits of flexibility, interoperability and ease of use.
Unlike traditional VPNs that offer limited or inflexible security, a dynamic VPN provide both high levels of security and, equally important, the flexibility to accommodate dynamically changing groups of users and information needs. Our dynamic VPN can provide this flexibility based on a unique agent-based architecture as well as other features.
Because information can now be made available in such a flexible and fine-grained fashion, a company's files, documents or data that had to locked in the past can now be accessed in either whole or in part to carefully selected groups of users in precisely determined ways. As a result, a dynamic VPN is an intranet enabler. It enables an intranet to offer more services and services than it could otherwise, thereby allowing the business to make more use of its information resources.
In order to accommodate new, changing and expanding groups of users and provide these users with information in a number of ways, intranets should deliver several benefits, including flexibility, interoperability, ease of use and extendibility. In particular, they should be open and and standards based, so information can be read by different users with different applications on different platforms.
However, the benefits promised by intranets lead to an important challenge for businesses using this technology: how to establish and maintain trust in an environment which was designed originally for free and open access to information. The Internet was not designed with business security in mind. It was designed by universities as an open network where users could access, share and add to information as early as possible. A way has to be found to secure an intranet for businesses without impinging on the intranet's inherent benefits of flexibility interoperability and ease of use. Indeed, an ideal solution must also provide not only the highest levels of security but also security in such a way that users can easily access, modify and share more information, not less, under carefully controlled and maintained conditions.
The most appropriate and successful answer to this challenge will be a DYNAMIC VIRTUAL PRIVATE NETWORK. Unlike traditional VPNs that offer limited or inflexible security, a dynamic VPN provides both extremely high levels of security and, equally important, the flexibility to accommodate dynamically changing groups of users and information needs.
A dynamic VPN is actually an intranet enabler. It enables an intranet to offer more resources and services than it could otherwise, thereby allowing the business to make more use of its information resources.
Major Drawbacks Of VPN
The single major problem on the road to VPN is network security. Because VPN is connected to a public network. , the internet, it is prone to be hacked. Though all networks have some basic security that prevents such access they are often insufficient. The main threat is to the data that is transmitted through the internet. Then the user at this has to be sure that the person at the other is really the person who he claims to be. This protects data through a combination of encryption, host authentication and protocol tunneling. The commonly used basic protecting data is encryption. This involves scrambling the data using an algorithm so that even if the transmitted data is tapped, it cannot be decoded without the correct key.
