The main reasons to use VPN-based data transfers are the ability to encrypt all your
data and the simplicity of routing many data streams of any kind (e.g. UDP/TCP) through a few streams (in the case of OpenVPN there
is only one TCP stream) - Figure 1. Nowadays there are a lot of VPN solutions on the market.
The main difference between these solutions is their implementation: a VPN package can be built directly into the operating system (like IPsec), or it can be
implemented as an application that needs no special support in the OS (e.g. PPTP or OpenVPN). That is a big advantage
of a software-based VPN, because it is easily ported to another platform. This is why OpenVPN supports so many operating
systems, such as Linux, Windows 2000/XP and higher, OpenBSD, FreeBSD, NetBSD, Mac OS X, and Solaris.
But OpenVPN has another advantage: it uses only one stream and only one protocol to its destination. PPTP, for example, uses one TCP stream for the data and another
stream for authentication purposes, which is handled through the GRE protocol.
If you are a network administrator, you will see how easy it is to route an incoming OpenVPN connection to the desired destination in your internal network. Figure 1 shows an example of a complex connection from
a driver client to its destination NetCom.
To route all the network traffic needed to fully support a four-port NetCom device, you have to route two TCP ports (control/data) for each serial port, two TCP ports for the configuration (telnet/web)
and one UDP port for the external configuration from an SNMP client (e.g. NetCom Manager). Added together, that is 11 streams you have to route; on a 16-port device you
have to route 35 streams through your network!
Configuring such a solution takes an immense effort. This is where OpenVPN comes into play: if you pack all the needed streams into one with OpenVPN, your configuration
task is kept to a minimum.
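The stream count above, worked through as an added example (not code from the original page or from the NetCom vendor): it lists every stream a direct setup must forward and renders the matching port-forward rules, next to the single rule an OpenVPN tunnel needs. The port numbers, the internal address and the Linux iptables gateway are assumptions made for illustration; the page gives none of them.

```python
"""Forwarding rules needed to reach an N-port NetCom: direct vs. through OpenVPN."""

# Assumed values for illustration only; the page states no port numbers.
DATA_BASE = 2000       # hypothetical TCP data port base (serial port n -> base + n)
CTRL_BASE = 2100       # hypothetical TCP control port base
CONFIG_TCP = {"telnet": 23, "web": 80}   # standard telnet and HTTP ports
SNMP_UDP = 161         # standard SNMP port
OPENVPN_TCP = 1194     # OpenVPN's registered port, used here over TCP
TARGET_IP = "192.168.1.50"   # constructed internal address of the tunnel/NetCom endpoint


def direct_streams(serial_ports):
    """Return (proto, port, purpose) for every stream a direct setup must forward."""
    streams = []
    for n in range(1, serial_ports + 1):
        streams.append(("tcp", DATA_BASE + n, f"serial {n} data"))
        streams.append(("tcp", CTRL_BASE + n, f"serial {n} control"))
    for name, port in CONFIG_TCP.items():
        streams.append(("tcp", port, f"configuration ({name})"))
    streams.append(("udp", SNMP_UDP, "SNMP configuration"))
    return streams


def vpn_streams():
    """With OpenVPN, everything travels inside one TCP stream."""
    return [("tcp", OPENVPN_TCP, "OpenVPN tunnel")]


def dnat_rules(streams, target_ip=TARGET_IP, wan_if="eth0"):
    """Render one iptables DNAT rule per stream (assumes a Linux gateway)."""
    return [
        f"iptables -t nat -A PREROUTING -i {wan_if} -p {proto} --dport {port} "
        f"-j DNAT --to-destination {target_ip}:{port}  # {purpose}"
        for proto, port, purpose in streams
    ]


if __name__ == "__main__":
    for ports in (4, 16):
        print(f"{ports}-port NetCom, direct: {len(direct_streams(ports))} rules")
    print("\n".join(dnat_rules(direct_streams(4))))
    print("With OpenVPN:")
    print("\n".join(dnat_rules(vpn_streams())))
```

Every rule in the direct list is also a separately exposed, unencrypted service on the gateway; the OpenVPN case leaves one port to filter and monitor.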
As for the encryption methods that can be used to secure your data, these days AES (Advanced Encryption Standard) should be the encryption algorithm of your choice. It has replaced the formerly
used but insecure DES (Data Encryption Standard). OpenVPN also uses AES as its main encryption algorithm, not only because AES is very strong and safe but also because it is very fast.
In summary, any network data transferred over OpenVPN is secure and very easy to handle.