VPN stands for Virtual Private Network. VPNs are used for end users to create a secure tunnel between their device and the corporate network. The security is created by encrypting the data that is going through the VPN.
VPN is generally easy to set up. You assign authentication credentials to a user. You don’t necessarily need to deploy digital certificates or shared passwords like IPSec. Many SSL VPNs can run from inside a browser or the VPN capability might already be built into the operating system. You simply provide the username and password and the IP address you want to connect to.
SSL VPN tunnels are also known as client to site VPNs or remote access VPN. This is because you can be anywhere remotely in the world and still be able to communicate securely back to your corporate network. Your remote workstation uses a secure tunnel through the Internet to connect to your corporate VPN concentrator. The concentrator is usually a piece of hardware that it used to encrypt and decrypt information.
If anyone were to capture packets from the communication between your remote workstation and VPN concentrator, all they would see is encrypted data. The VPN concentrator then decrypts the information and sends the data to the corporate network. The corporate network can then send information back to the VPN concentrator which encrypts the traffic and sends it back to your remote workstation. The remote workstation then decrypts the information.
VPN requires client software that may already be built into your operating system. Otherwise, third party software can also provide access to VPNs.