securing your network from attack anti virus software from avg proxy access firewall software from Lansuite firewall appliance virtual private network & firewall Meridion logo
anti spam
security for your network
network security uk Meridion logo
Home page link Security products link Meridion Internet Security logo
Virtual Private Network (VPN)

What is a VPN?
A vpn is defined as an infrastructure that enables a company or organisation to deliver ip communications from source to destination across public and private networks, secure in the knowledge that only those who are entitled to have access to the information do so and that it arrives at the destination in the time frame required.

This can encompass both data and voice communications enabling companies to benefit from their investment in technology. In the context of ipFireGuard this is primarily for data communications between branch or remote office locations enabling a WAN (wide area network) over a public routed network, the internet.

Concept of ipFireGuard VPN
Traditionally inter office/branch networks were for the larger enterprise and involved expensive leased lines from a specialist suppliers like BT or other tele-communications company.

The concept of a VPN is very simple. It is a protected communication channel over an unprotected public thoroughfare. It is analogous to an armored vehicle traveling over public roads. At the top-level, a VPN consists of a small number of components, illustrated below:

In this diagram, there are two private intranets connected via the VPN. The VPN is created by the two VPN Gateways over the public Internet.

A VPN works by encapsulating data for one network inside of an ordinary IP packet and transporting that packet to another network. When the packet arrives at the destination network, it is unwrapped and delivered to the appropriate host on the destination network. By encapsulating the data using cryptographic techniques, the data is protected from tampering and snooping while it is transported over the public network.

Unfortunately, this same protection against tampering makes it difficult to set up a VPN when the security perimeter is protected by an address translation firewall such as ipFireGuard. The solution is to implement the VPN on the firewall and allow it to straddle both sides so that it can capture packets from the green network and pass them, encapsulated, over the Internet without being tampered with by the address translation part of the firewall.

The VPN implementation used by ipFireGuard is an IPSec standard VPN and is suitable for the small to medium company/enterprise wishing to connect a number of branch offices or locations.

It is a very simple manually keyed system. This works well in small scale installations requiring an amount of discipline to manually change keys on a regular basis to ensure security of passed data is maintained.

Data is encrypted at originating vpn and transported to its corresponding remote vpn connection where it is de-crypted and delivered to the user.

As it is currently implemented, the ipFireGuard VPN environment is not suited for large-scale or road warrior use. It requires some changes in order to handle medium or large-scale VPN configurations as well as road warrior support.

However, these do not stop the ipFireGuard environment from being useful for small-scale VPN deployments between regional offices over cable, xdsl or indeed leased lines.


  • Secure communication between 1 or more remote sites
  • Improved business efficiency
  • Higher ROI (return on investment) by using existing technology
  • Lower fixed cost of inter-office communications
  • Improved bottom line
Quick Links
IPG Main Page
ipFireGuard VPN
ipFireGuard Topology
ipFireGuard Features
Web Content Filtering
Previous Page
Secure Firewall
Internet Gateway
Web Proxy/Cache
Virtual Private Network (VPN) support
Intrusion Detection
Full Activity Logs/ Reporting
Optional Web Content Filtering
back | next
main page
	101-103 Corbiehall
	EH51 0AU
	Telephone: 01506 517037
	Fax: 01506 517038