Site-to-Site
Site-to-site, or LAN-to-LAN, VPNs
involve a secure connection between two end devices such as routers, firewalls,
or VPN hardware devices. The hosts on each LAN connected to those end devices
can access the other LAN via the secure connection, based on the organization's
security policy and the placement of shared resources. Common examples of
site-to-site VPN implementations include connecting branch offices, vendor
sites, dealer sites, or customer offices to the corporate network. Figure 9-3
shows the types of connections that might be VPN candidates.
Intranet VPN
An intranet VPN allows the remote user or connected site to access the
company's internal network and resources. A typical example might be a branch
office connecting to the corporate network, allowing all branch employees
access to e-mail and other corporate resources. Individual telecommuters and
traveling employees would also be candidates to use a VPN to connect to the
company intranet.
Extranet VPN
An extranet VPN might be one or more
special networks established to share resources with vendors, suppliers,
customers, consultants, business partners, and other nonemployee groups. The
extranet creates a shared environment for collaborative efforts. An example
might be a company web server network that allows dealers to check inventory,
place orders, and track deliveries. This limits access and exposure to only
those resources the shared groups need, while protecting the others.
Extranet access could be either site-to-site or a remote-access
connection to a nonemployee, such as a consultant or a broker.
The extranet could be a DMZ on the network that requires some
level of authentication to access and is, therefore, unavailable to the general
public. If anyone could access it, it would be an Internet resource rather than
an extranet. Figure 9-4 shows VPN connection types supported by Cisco
technologies.