In certain enterprise implementations, virtual private networks (VPNs) can be used to connect a branch network to services provided from a core site or another branch site of the wide area network (WAN). Some examples of such services include firewalls, storage as a service, remotely accessible virtual machines, and collaborative tools.
A virtual private network (VPN) is a network connection in which data that transits the VPN is tunneled through some larger network (such as the Internet), as opposed to running across dedicated links to the private network. Commonly, such data is encrypted before being transmitted and therefore does not benefit from the DNS and routing intelligence of the larger network. One common application of a VPN is to secure communications (such as confidential information used by employees when working at a branch office or remotely for a company) through a public network.
VPNs are being increasingly deployed over the existing Internet infrastructure in support of B2B and supply chain logistics, and as a way for an enterprise to reduce networking costs when communicating with its own branch offices. Alternative solutions, such as multi-protocol label switching (MPLS), are often too costly, resulting in the increasing deployment of VPNs to communicatively couple branch offices to core sites of a WAN. Typically, a business will organize its VPNs for a site or geographic area to connect to a single VPN gateway (also referred to as a VPN concentrator). Each gateway may support many independent VPN connections from many remote systems, from remote gateways to smaller branch office networks, or from suppliers (for example). In many examples, the term “VPN connection” refers to an “IPsec tunnel”, as defined in IETF RFC 2401. These connections may be controlled using a paradigm called software defined wide area network (SD-WAN). SD-WAN often uses a branch gateway on the branch network to communicate via one or more VPN connections through one or more internet service provider (ISP) modems to one or more VPN concentrators (VPNCs) at one or more core sites.