Standards for Technology in Automotive Retail

 

Chapter 5. PRIVATE AND VIRTUAL PRIVATE NETWORKS

Table of Contents

5.1. OVERVIEW
5.2. USING VIRTUAL PRIVATE NETWORKS
5.2.1. Security
5.2.2. Access Control
5.2.3. Authentication
5.2.4. Encryption
5.2.5. Tunneling
5.2.6. Tunneling Protocols
5.2.7. Other Considerations
5.2.8. VPN Recommendation Guidelines

5.1. OVERVIEW

Networks consist of connections between machines (computers) allowing the machines to communicate and work together. The simplest network is between two machines in the same room connected with a cable in that room. This network is private. It is as secure as the room occupied by the machines provided the computers do not have other connections.

When the machines being connected are not in the same building, they can still be connected privately by using a connection leased from a telecommunications provider. They can also be connected privately by using the public switched network. Both of these are substantially less expensive than running a private wire across a long distance.

Leased lines are expensive and the switched network is limited in communication capacity (slow). The Internet generally provides a lower-cost alternative. However, depending upon the service provider's capability, these configurations may be vulnerable to third-party wire taps, and messages traveling over the Internet can be intercepted by third parties with a computer and a little ingenuity. Low-end Internet service providers may be more costly in the long run due to these security risks, as well as interruptions and slowdowns.

Virtual Private Networks address these concerns by providing software that makes the Internet appear as a leased connection to the machines being connected. Each machine acts as though it were connected to the other using a Local Area Network wire.

VPNs may be LAN-based or client-based. Typically, LAN-based configurations use hardware to maintain the VPN, whereas client-based ones require software to be installed, configured and maintained on each machine, raising the cost of the VPN to greater than just using the Internet.

Privacy concerns are addressed by encrypting the message before sending it out through the VPN and decrypting it on the way in. Penetrating the encryption requires a great deal of time and computing power, making the VPN risks akin to the wire tap risks of leased lines.

Alternatives to VPNs could involve private networks such as ANX (Automotive Network Exchange). This network was created to provide an Internet-like facility between automotive OEMs and their suppliers. ANX is not considered feasible for dealer communications because of interoperability issues and cost.