Describe virtual private networks


The previous lesson reviewed subnets, which are networks within networks. Subnets give a level of privacy and security because they're "behind" a router. That means the only data that can get to the devices on the subnet is data the router allows. The router is the device that manages the data coming from and going to the internet. The router turns away any data trying to enter the subnet that it doesn't expect.

Think of the router as a security guard. The guard stands at the door, allows only the people who should be there into the building, and turns everyone else away.

Diagram showing a guard, illustrating software that keeps out some things and lets others in.

This works great for devices that are getting data directly from the router. But what if you want to be as secure as being behind the router but you can't or don't want to be in the same location as the device?

Think of remote work. Many corporations have sensitive information that needs to be protected. Having their routers open to the internet so remote workers can get to that data would cause problems. If only there were a way for a remote device, say a laptop, to be on a home subnet but act as if it's on the company's subnet. Well, there is a way! It's called a virtual private network, or VPN.

VPNs and Remote Subnets

As the name implies, a VPN is a network or a grouping of computers. However, the network is private in the same way that a home network is private. When at home, only the devices on your home network can see the other devices and talk to them without permission from your router. The "V" in VPN is key. The network is "virtual" because it can be "entered" remotely and work as if you're in the same place as the router.

If you do remote work with a computer, your company may have given you the program needed for you to "tunnel" into their virtual private network. You also may notice that when you're in that network, there are certain websites you can't visit and other limitations. But you also will have access to company data that you otherwise wouldn't be able to access.

Diagram showing the idea of being at one location and being able to use resources at another location. Illustrates a VPN.

How VPNs Work

While VPNs do numerous complex tasks, the basics of how they work are fairly straightforward. A router manages the data, all those ones and zeros, that moves between computers and subnets. Some data is let in and other data is turned away, and the router does most of that work.

VPNs function in the same way, except that software (a computer program) does the work rather than the router. When you join a VPN, the software on your device or computer looks at every bit of data that moves to and from your device. It uses programs and "rules" set up by your company to decide whether to let that data in or turn it away.

In this way, companies can support people working remotely. Workers don't have to add passwords to every single file. The company doesn't have to limit data only to people who are physically in the building. And workers don't have to send things around in email (which can be very insecure).
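
The rule checking described under "How VPNs Work" can be sketched in a few lines of Python. This is an added example, not part of the original lesson or any real VPN product: the rule list, the addresses (private and documentation ranges), and the names `Rule`, `COMPANY_RULES` and `decide` are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    direction: str               # "out" = leaving the device, "in" = arriving
    network: str                 # remote peer range in CIDR notation
    port: Optional[int] = None   # None matches any port

# Constructed policy; these are private/documentation ranges, not real hosts.
COMPANY_RULES = [
    Rule("allow", "out", "10.20.0.0/16"),     # company subnet, e.g. file servers
    Rule("allow", "in", "10.20.0.0/16"),      # data coming back from the company subnet
    Rule("deny", "out", "203.0.113.0/24"),    # a website range the company blocks
    Rule("allow", "out", "0.0.0.0/0", 443),   # other web traffic over HTTPS
]

def decide(direction, peer_ip, port, rules=COMPANY_RULES):
    """Return 'allow' or 'deny' for one piece of traffic. First matching rule wins."""
    try:
        peer = ipaddress.ip_address(peer_ip)
    except ValueError:
        return "deny"            # unreadable address: turn it away
    for rule in rules:
        if rule.direction != direction:
            continue
        if peer not in ipaddress.ip_network(rule.network):
            continue
        if rule.port is not None and rule.port != port:
            continue
        return rule.action
    return "deny"                # nothing matched: turned away by default

if __name__ == "__main__":
    # Constructed sample traffic: (direction, remote address, port)
    samples = [
        ("out", "10.20.5.9", 445),     # company file server
        ("out", "203.0.113.7", 443),   # blocked website
        ("out", "198.51.100.4", 443),  # ordinary HTTPS site
        ("in", "198.51.100.4", 3389),  # unexpected data from the internet
    ]
    for direction, ip, port in samples:
        print(direction, ip, port, "->", decide(direction, ip, port))
```

Order matters in this sketch: the blocked range is listed before the general HTTPS rule, so the block is checked first, and anything that matches no rule is turned away.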