Field
The disclosed embodiments relate to virtual private networks (VPNs). More specifically, the disclosed embodiments relate to techniques for optimizing connections over VPNs.
Related Art
Private networks and/or intranets may be used to share an organization's information and/or operational systems with members of the organization. For example, a company's intranet may allow employees of the company to access calendars, documents, files, utilities, applications, and/or other sensitive data and computing resources.
Private networks may also be securely extended across public networks such as the Internet using virtual private networks (VPNs). For example, an organization's VPN may allow a member of the organization to access the organization's intranet while traveling and/or working outside of the organization's physical boundaries. The VPN may also be used to connect multiple geographically disparate locations of the organization, such as a head office and one or more regional offices.
To protect an organization's sensitive data and resources, the organization's private network may include a number of security measures, such as firewalls and user authentication. Similarly, a VPN may secure data transmitted between the private network and a device on a public network by authenticating the user of the device, using a tunneling protocol to transmit data over the VPN, and/or encrypting the data before the data is transmitted.
However, the setup and use of VPNs may be associated with significant overhead. First, a VPN may require the setup of a server and/or VPN concentrator in the demilitarized zone (DMZ) of a private network, as well as the configuration of the private network's firewall to handle VPN traffic. VPN software may also be installed on an endpoint (e.g., server) in the private network to allow the endpoint to handle VPN traffic. Second, encryption and decryption of data transmitted in the VPN may protect the data but may also increase network latency within the VPN.
Consequently, use of VPNs may be facilitated by mechanisms for simplifying the setup of the VPNs and/or improving data transmission within the VPNs.