Virtual private networks for mobile laptop users

VPNs provide
an optimal solution to secure data transmission over public network
infrastructures. They are also useful for security in open wireless networks.
WLANs are insecure by their very nature, but when you implement
a VPN you add a layer of security that protects your wireless
transmissions.
The mechanics behind VPNs utilize cryptographic methods to protect
your IP information as it flows from one network location to another. A
VPN actually creates a “virtual” tunnel that encapsulates one protocol
packet within another. This information is encrypted and isolated from
all other network traffic


Traffic analysis protection

Connectionless integrity

Data origin authentication

IPsec

Encapsulating security protocol (ESP)

An authentication header (AH)

Internet key exchange (IKE)
Confidentiality Confidentiality makes certain that other people are
not able to read information in your private messages.
Replay protection Replay protection gives you the confidence that
the same message is not delivered several times. It also ensures that
messages are not processed out of order when they are finally delivered
to their intended destination.
Traffic analysis protection Traffic analysis gives you the protection
you need to make certain that someone trying to use wireless channels
to eavesdrop on your transmission is unable to read the contents of your
messages.
Connectionless integrity Connectionless integrity ensures that
whenever you receive a message it has not been modified from its original
format.
Data origin authentication Data origin authentication ensures that
the message you receive was actually sent by its originator, as opposed
to someone spoofing the information from the person who actually sent
it.
IPsec IPsec makes it possible to perform routing tasks on messages
through an encrypted “tunnel” using two unique IPsec headers that
appear just after each IP header for each message.
Encapsulating security protocol ESP is a header that offers the
privacy you need to protect you against any possible malicious attempts
to tamper with your wireless data transmission.
Authentication header AH provides you with protection against
tampering that would compromise your privacy.

Internet key exchange IKE provides you with the means to permit
secret keys as well as other confidential parameters that require protection
to be exchanged just prior to the time communication is exchanged.
This process works without any user intervention.