Virtual Private Networking

EnGarde Secure Professional and the accompanying Workgroup Suite implement Virtual Private Networking (VPN) using the PPTP protocol. The Point-to-Point Tunneling Protocol is a network protocol that enables remote office workers to connect to their local corporate network behind their EnGarde Secure Professional gateway server, protecting their communications through a secure private data channel. EnGarde Secure Professional employs sophisticated encryption technology to ensure that data transmitted from the remote workstation to the EnGarde gateway cannot be intercepted and remains secure during its transmission.

Using PPTP on EnGarde Secure Professional, remote office workers can connect to their internal hosts to access network resources such as file and e-mail services.

EnGarde Secure Professional implements a standards-compliant PPTP server implementation that supports Windows 98, Windows NT, and Windows 2000 clients. While support for the PPTP protocol is included in Windows NT and Windows 2000, it must be downloaded and installed for use with Windows 98.

For an example of how PPTP might be used to provide VPN services in your organization, refer to Figure on page . Details of the PPTP protocol itself and additional information are available by searching microsoft.com for "Understanding PPTP" document dated January 1997.

• [NOTE:]Virtual Private Networking is only available with the purchase of the
  EnGarde Workgroup Suite.

  Figure: PPTP general overview

  

The following text description and corresponding image depict a typical PPTP session of how a remote user might connect to their corporate network.

(A)

The Windows PC client will make a PPTP connection using an existing connection to the Internet. PPTP will encrypt the data before sending it out over the Internet to the EnGarde Secure Professional server at the other end.

(B)

The EnGarde server is the destination for the PPP packets containing the encrypted PPTP information within.

(C)

When the EnGarde server receives these packets it will decrypt the information and distribute it to its destination within the local network. An additional IP address will be assigned by the EnGarde sever on the internal network to the remote Windows workstation.

(D)

At this point you can access all of your internal network resources as if you were locally connected to the network. You have access to your e-mail account, ability to send e-mail from the network, access the internal only Intranet among many other tasks.