March 6, 2011, 6:45 a.m.
posted by gelassen
First of all, a VPN chops the data into chunks called packets and then encrypts the packets so that no one other than the intended recipients can read them. Each packet carries headers that describe the size and type of the data, along with information used to check the authentication and integrity of the data. This is a security measure that ensures that the data has not been changed en route.
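The integrity check described above, as an added example that is not part of the original post: data is split into packets, each with a header and an HMAC-SHA256 tag, and the receiver rejects any packet changed in transit. The header layout, type code, key and message are constructed for illustration, and encryption of the payload is left out so the code needs only the Python standard library.

```python
import hashlib
import hmac
import struct

HEADER = struct.Struct("!IBH")  # sequence number, data type, payload length (assumed layout)
TAG_LEN = 32                    # size of an HMAC-SHA256 tag in bytes
TYPE_DATA = 1                   # hypothetical type code for application data

def packetize(data: bytes, key: bytes, chunk: int = 16) -> list[bytes]:
    """Split data into packets of the form header | payload | tag."""
    packets = []
    for seq, off in enumerate(range(0, len(data), chunk)):
        payload = data[off:off + chunk]
        header = HEADER.pack(seq, TYPE_DATA, len(payload))
        tag = hmac.new(key, header + payload, hashlib.sha256).digest()
        packets.append(header + payload + tag)
    return packets

def verify(packet: bytes, key: bytes) -> tuple[int, bytes]:
    """Return (seq, payload); raise ValueError if the packet was altered."""
    if len(packet) < HEADER.size + TAG_LEN:
        raise ValueError("packet too short")
    body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("integrity check failed")
    seq, _type, length = HEADER.unpack(body[:HEADER.size])  # parse only after the tag is valid
    payload = body[HEADER.size:]
    if length != len(payload):
        raise ValueError("length field does not match payload")
    return seq, payload

def reassemble(packets: list[bytes], key: bytes) -> bytes:
    """Verify every packet, then join the payloads in sequence order."""
    parts = dict(verify(p, key) for p in packets)
    return b"".join(parts[i] for i in sorted(parts))

def demo() -> tuple[bytes, bool]:
    key = b"constructed-demo-key-not-for-use"
    message = b"constructed sample message sent through the tunnel"
    packets = packetize(message, key)
    ok = reassemble(packets[::-1], key)  # arrival order does not matter
    tampered = bytearray(packets[1])
    tampered[HEADER.size] ^= 0x01        # one payload bit changed en route
    try:
        verify(bytes(tampered), key)
        return ok, False
    except ValueError:
        return ok, True                  # the change was detected
```
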
After the data has been packetized and encrypted, the VPN sets up a dedicated channel within which to send the data. This is called IP tunneling and is one of the beauties of a VPN. Even though the data is being sent across a public network such as the Internet, the channel cannot be “seen” by unauthorized persons listening in on the line. (Hackers use programs called “sniffers” to intercept network traffic and VPNs can hide a network from these sniffers.)
All of this is accomplished with special software, protocols, and commands that are issued by the VPN equipment. Many (if not most) modern-day routers are capable of creating a VPN. In the early days of VPNs, firewalls created a problem because they were unable to “see” VPN traffic and didn’t know whether it was good or bad traffic. Today’s firewalls are not only able to distinguish between encrypted VPN traffic and regular traffic; some are also capable of establishing VPN connections themselves. You need to check with the various vendors to find out which products will suit your needs.