Providing Remote Services
While there are many great ways to expose some of the more widely utilized services, such as e-mail and other communications (as you saw in the preceding section), there are still many types of activity that require access to the corporate network from the Internet.
Using Virtual Private Networks
The traditional solution to providing corporate network access from outside corporate locations is to use a virtual private network (VPN); and while the VPN is still widely in use, its importance is being downgraded for a number of reasons.
First, let me give you a 30,000-foot view of what a VPN does. A VPN provides a secure tunnel between two communication endpoints, typically a computer and a corporate datacenter. Once the secure tunnel is established, any other type of traffic can flow through it—such as web requests to an intranet, access to corporate file servers, or anything else allowed according to the VPN configuration. Numerous types of technology are used to enable VPNs, but they all provide essentially the same thing: full access to a corporate network from a remote computer over an Internet connection, as shown in Figure 12-2. One key aspect of a VPN is that it runs on a specific port based on the type of VPN technology used. This reduces the number of ports that need to be opened between an organization and the Internet, since all other traffic is communicated through the single VPN connection. Once the VPN is established, full communication is possible ...