The cost of maintaining secure communications links can be great. In a time when remote access to the corporate IT infrastructure is critical, imagine the expense of securing the link to every traveling salesperson or home-based telecommuter. Encryption is an obvious answer, but as we saw in the previous chapter, to provide encryption and do it right is burdensome. Further, the Internet is a hostile environment for the security conscious. Crackers and other attackers seek to co-opt communications both to eavesdrop and to steal.
And the problem is coming home. In the “always on” mode that tends to follow broadband communications such as DSL and cable modems, attackers can attempt to acquire sensitive data, steal identities, and take over hardware by planting malicious code, all while the computer owner is sleeping.
Still, the Internet is such an effective way to put the people of an organization near where the action is and where the customers are, that rolling back to an earlier era seems unlikely. If we are to effectively leverage the Internet, there must be a way to use it without becoming a victim to those who seek to misuse it. Bad guys will attempt to intercept our communications, or worse.
The modern approach to network security, particularly for remote access, but also for point-to-point links, is called the Virtual Private Network. It is “private” because while it appears to travel over the same wide area network as other traffic, ...