1.14 Routing over the Internet

There are a number of options for connecting remote sites to the enterprise campus. It makes sense to use the internet because it's highly redundant, high-bandwidth, and cost-effective. However, it presents several challenges:

  • Routers are not directly connected
  • Public IP addressing is required
  • The internet is not inherently secure
  • There is no quality-of-service guarantee

The solution is therefore to use tunneling technologies, e.g., virtual private networking. There are many options, some encrypted and some not, but the basic premise is to build a logical connection between the campus and the remote site that allows direct peering between routers that are otherwise not directly connected.

VPNs are well-integrated with security mechanisms to provide authentication, encryption, and anti-replay (integrity) protection.