05/25/2011

Secure networking of branch offices Part 1

A site-to-site VPN connects independent networks, for example for branch office networking. In most cases this means that the branch office networks are connected to the network of the company headquarters. Another possibility is machine-to-machine (M2M) networking, in which machines communicate with the central gateway. In all cases VPN gateways are used: they establish a connection to the Internet, encrypt and authenticate the IP user data for transmission, and tunnel it through the Internet. IPsec is the VPN protocol most frequently used for these types of connection.

Part 1: Types of Networks

Branch office networking can be either meshed or star-shaped. In a meshed network, the branch offices are connected not only to the headquarters but also to each other. In a star-shaped network, all communication between the branch offices is channeled through one central VPN gateway, which results in higher latency between the branch offices. A clear advantage of star-shaped networks, however, is that IT administrators control the whole network via one central monitoring system. Star-shaped networks therefore allow communication faults between the branch offices to be detected and located in real time, although this requires a central VPN management system. If communication faults occur in the crosslinks of a meshed network, locating them is much more difficult. If a network contains, for example, 100 branch offices, controlling this network would cause substantial extra effort.