Though the technology you read about in this article existed before 2020, it is included in this article if it A: grew significantly in the years 2020/2021, or B: advanced in any way in the years 2020/2021. Here are five fresh and exciting VPN technologies of 2021.
1 – IPsec VPNs
2 – SSL VPN
3 – Mobile VPN
4 – Dynamic Multi-Point Virtual Private Network (DMVPN)
5 – Customized Kill Switches
This article gives you a brief look at each of these new technologies and offers a short insight as to what they may be used for.
1 – IPsec VPNs
You start with a VPN gateway to a secured network. A piece of VPN client software is installed on the remote-access-users’ PCs. A user connects, and the client then becomes a full member of the secured network. This means the client has access to everything as if the system were physically connected to the network. The Beaming security company goes into detail about IPsec in this article, but here is a brief view on how it works.
Internet Protocol Security (IPsec) is able to run in tunnel mode or transport mode, and both have different implications when it comes to security. Transport mode encrypts your data, whereas tunnel mode encrypted the data and the header information. A key is used to encrypt and decrypted the information, which means the key must be shared between the recipient and the sender.
IPsec VPN creates a tunnel that runs between two endpoints. This can run through a wide number of protocol types and connections. The application’s protocol information is hidden while the data is being transmitted. This is done by re-encapsulating the (original) starting IP data packet.
2 – SSL VPN
With SSL (Secure Socket Layer) VPN, you are able to enforce greater access control policies as relating to internal resources, and to individual users. This is done by intercepting traffic between authenticated remote systems, and traffic between the resource being requested within the secured network. The biggest benefit of this is that you may secure any suitable computer and use it for secure access. This means that remote workers who work from home may gain access to the more powerful and secured technology that exists in the office or data center.
There is no need for additional client-side VPN programming or software. SSL VPN is a clientless, or transparent, service. With the use of just a web browser, you may set up an SSL VPN at any suitable computer. The most pressing requirement is that there needs to be a gateway that exists between the secured network and the remote systems. With the use of digital certificates, an initial handshake takes place where both parties are able to identify themselves. This handshake creates session keys, and just like with IPsec, the keys are shared so that the data may be encrypted and decrypted by the recipient and sender.
3 – Mobile VPN
This may not be new to the world in 2020 and 2021, but the way it works is becoming more honed and far more impressive. Obviously, when you are using mobile VPN, the service is not tied to a physical IP address, but is instead tied to a logical IP address. This is used to identify the mobile device and sticks with it no matter where it goes. Not only has this system become more sophisticated over the past few years, but how it switches between one VPN connection to another is downright seamless. This in short means that you may travel around the world, and if your VPN provider is good enough, your VPN service stays continuous.
4 – Dynamic Multi-Point Virtual Private Network (DMVPN)
Some people worry about how even though their data is encrypted by the VPN service, the data itself still runs through a central hub (albeit rarely a single central hub). With DMVPN, your exchanged data goes from one location to another without having to pass through an organization’s router or server.
A mesh VPN service is created and it runs the VPN firewall and routers. Each remote site has been configured to connect to the central hub, these junctions are often referred to as “Spokes.” When your data passes through the mesh, the spokes contact the central hub, gets its information, applies it to your data, and then passes it on to the next remote site. The end result is a dynamic version of the IPsec as mentioned at the beginning of this article. It is another way of ensuring secured data transmission without having to pass the data through a central hub, but instead skirts around the central hub.
5 – Customized Kill Switches
More and more in the business world we are seeing some very clever kill switches that have been customized either by third party developers within a company that uses the VPN service, or by the VPN service themselves who have obviously agreed to tinker with their software for the benefit of the paying customer.
Though experimental, there are kill switches that cut the Internet if the VPN service stops running for whatever reason but will still allow internal communication through the internal network to continue. Another experimental VPN kill switch will only cut the Internet if certain actions or services are being used at the time, otherwise the Internet is not killed. As a crude example, if your staff were working on the accounts with a connection to a third party, and the VPN dropped out, then the Internet and all connections would be killed.
However, if the same staff were only communicating with a third-party training program, and none of the vital systems were running, then even if the VPN drops out, the Internet keeps running (unless a vital system starts a connection and/or starts running). It is a clever type of basic AI VPN that decides if and when your Internet should be killed, rather than aggressively killing the Internet whenever a VPN service goes down or is dropped.
