A virtual private network (VPN) is a data service that offers transmission characteristics similar to those of private lines using the public Internet. Remote access VPNs can be used for accessing corporate local area networks (LANs) over public networks from small office home offices (SOHO) where employees of the corporations can work from home. The rise of security technologies such as IPSEC, a secure form of the Internet Protocol with optional authentication and encryption, as well as improved quality of service (QoS) has made VPN applications practical. At the same time, the rise in high-speed communication lines such as asymmetric digital subscriber lines (ADSL) and cable modems has increased the vulnerability of the VPNs because they provide conduits for hackers on the public Internet to access sensitive information on a corporate network during a VPN session.
IT administrators can impose restrictions on network access privileges of the remote system to the corporate LAN during a VPN session. For example, during a VPN session between a SOHO and a corporate LAN, the home gateway between the SOHO and the LAN might allow the client access to the printer at home but not to the public Internet. In many situations the home office user may wish to re-configure the network resources based on policies delivered from the LAN. VPN clients are not typically home-networking aware and consequently may limit home network usage during VPN sessions. Personal computer (PC) firewalls are configurable, but are not well integrated with VPN clients and cannot enforce dynamic network stack reconfiguration based on policies.