Mobile virtual private network

A Mobile Virtual Private Network (Mobile VPN or mVPN) provides mobile devices such as smartphones, laptops, netbooks, and PDAs with a seamless connection for access to applications and data when they are connected via wireless or wired networks. Designed for today's wireless and mobile computing environments, Mobile VPNs allow easy roaming between wired and wireless networks, both local wireless networks and national public networks.

Mobile VPNs are used in environments where users must continuously maintain connections to data sources while connected via wireless links, or where the connection must be re-established smoothly after devices drop and rebuild it in order to conserve battery life. Conventional VPNs, which depend on a connection to a fixed IP address for its whole duration, cannot meet such requirements; they lose the connection, for example, and can thereby crash the applications in use. Mobile VPNs are commonly used in public safety, in hospitals, in home care, in field work, and by mobile users who rely on a continuous connection.

Comparison with other VPNs

A VPN can provide an authenticated, encrypted tunnel for the safe transmission of data through public networks (typically the Internet), in order to attach a client to a remote network or at least to give clients secure access to an enterprise application.

Other (non-mobile) VPNs, such as IPsec VPNs, assume that the endpoints of the connection are known and do not change during data transmission; SSL VPNs provide secure access for mobile clients via a web browser, but also rely on the assumption that the client's location does not change during the connection.

In a mobile environment, however, the position of the client changes constantly, for example when a user on a train, in a car or in a larger building complex moves between different network cells or even between different public networks. A mobile VPN establishes a virtual connection to the data sources that is maintained even when the endpoint changes. The necessary logins to the various networks are performed in the background, invisibly to the user.

Mobile VPN technology

Differences from wired VPNs

Mobile VPNs avoid the problems that wired VPNs have with mobile devices. This is technically possible because a special communication server is placed between the application server and the client. This server handles communication with the application server and maintains the connection even if the client loses its connection through a gap in wireless coverage or a change to another network. While wired VPNs work with the IP address assigned by the provider, Mobile VPNs use a logical IP address that is permanently bound to the mobile device. The client does not communicate with the application server, but with the communication server. Once the device has a stable network connection again, the communication server resumes the connection. Neither the user nor the application notices the interruption, or at most notices a little of it. This also makes it easier to choose the best connection for the device, which, depending on requirements, may be the fastest or the most cost-effective route. Neither the user nor the current connection is affected.

Mobile VPN server

The Mobile VPN server acts as a transport layer proxy for all mobile devices on which the Mobile VPN client is running. The server manages the state of all clients and is responsible for the complex session management required to maintain continuous connections to systems that host network applications. When a mobile device is unreachable, is idle or moves to another network, the Mobile VPN server keeps the client's connections to its peer applications alive by acknowledging the receipt of data and holding requests in a queue. The Mobile VPN server also manages the network addresses of mobile devices. Each Mobile VPN client receives a virtual IP address on the wired network. This is usually assigned via DHCP or taken from an address range that is reserved for this purpose on the Mobile VPN server. The Mobile VPN server also supports static assignment of virtual IP addresses to individual devices or users. Multiple servers can act as a server pool and thus provide failover and load balancing.

Mobile VPN client software

To support Microsoft platforms, the Mobile VPN client software is located at the TDI (Transport Driver Interface) layer and takes care of intercepting and redirecting application network calls. When an application wants to use the network, the TDI calls are intercepted, the parameters are set up and the call is forwarded to the Mobile VPN server for execution. This works transparently with operating system functions, so that the client-side application session can remain active when the device loses contact with the network.

Type of connection

The Remote Procedure Call (RPC) and the Internet Mobility Protocol (IMP) form the technological backbone that connects the Mobile VPN server with the individual mobile devices. A remote procedure call is a way for a process on a local system to call a procedure on a remote system; here, the client's network calls are sent to the server for remote execution.

If the Mobile VPN server ran at the Winsock layer, these would be calls such as "open socket", "bind", "connect", "send" and "receive". However, since it works at the TDI layer, the corresponding TDI calls are forwarded to the server for remote execution. The application on the local system does not know that the procedure call is executed on a remote system. The advantage of the RPC approach is that the mobile device can go out of range or suspend operation without losing the active network session. Since this way of maintaining sessions requires neither user-specific settings nor reprogramming of applications, commercial applications run unchanged in the wireless environment. The RPC protocol is encapsulated in the Internet Mobility Protocol (IMP), which in turn is encapsulated in UDP.

The Internet Mobility Protocol compensates for the differences between wired networks and less reliable ones by adjusting frame sizes and protocol timing to reduce network traffic. This is important when bandwidth is limited, latency is high or the battery of the mobile device needs to be conserved. The Mobile VPN server also improves data security by encrypting all traffic between server and client and by allowing only authenticated devices to connect to the Mobile VPN server.
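The following added example (not code from any Mobile VPN product, and not the IMP wire format) models the server behaviour described under "Mobile VPN server" and the authentication requirement above: the session is identified by a session ID and key rather than by the client's source address, so only an authenticated, fresh datagram can move the session to a new network, and data for the client is queued while it is away. The header layout, class names and sample values are assumptions; encryption is left out to keep the model within the Python standard library.

```python
import hashlib, hmac, struct
from collections import deque

HDR = struct.Struct("!IQ")  # constructed header: session id, sequence number

def mac(key, body):
    return hmac.new(key, body, hashlib.sha256).digest()  # 32-byte tag

def seal(key, session_id, seq, payload):
    """Client side: header + payload + HMAC tag (encryption omitted here)."""
    body = HDR.pack(session_id, seq) + payload
    return body + mac(key, body)

class Session:
    def __init__(self, key, virtual_ip):
        self.key, self.virtual_ip = key, virtual_ip  # fixed for the session
        self.endpoint, self.reachable = None, False  # outer (ip, port), roams
        self.last_seq = 0       # highest sequence accepted (replay guard)
        self.pending = deque()  # data held for the client while it is away

class MobileVpnServer:
    def __init__(self):
        self.sessions = {}      # session id -> Session

    def receive(self, datagram, src):
        """Return the payload if accepted, else None; src is the outer address."""
        if len(datagram) < HDR.size + 32:
            return None
        body, tag = datagram[:-32], datagram[-32:]
        session_id, seq = HDR.unpack_from(body)
        s = self.sessions.get(session_id)
        if s is None or not hmac.compare_digest(tag, mac(s.key, body)):
            return None         # unknown or forged: endpoint is not touched
        if seq <= s.last_seq:
            return None         # a replayed datagram cannot move the session
        s.last_seq, s.endpoint, s.reachable = seq, src, True
        return body[HDR.size:]

    def flush(self, session_id):  # deliverable (endpoint, data) pairs
        s = self.sessions[session_id]
        if not s.reachable:
            return []
        out = [(s.endpoint, d) for d in s.pending]
        s.pending.clear()
        return out

    def send_to_client(self, session_id, data):
        self.sessions[session_id].pending.append(data)
        return self.flush(session_id)
```

The virtual IP address never changes in this model; only the outer endpoint does, and only after the tag and sequence number have been checked.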

Typical applications for Mobile VPNs

Mobile VPNs are used today in all applications where mobile users have to rely on an uninterrupted data connection. Typical users are rescue and security forces such as fire and police services, medical personnel who move through large complexes with multiple networks, visiting nurses, mobile service and maintenance staff, and users who travel a lot and want, for example, a seamless connection to the corporate network on the train.

Mobile VPNs in practice

In addition to uninterrupted data transmission, Mobile VPNs provide other benefits. Through the intermediary communication server, Mobile VPNs support access to any application that runs in a wired environment. These mainly include mainframe connections that require an uninterrupted session. Thanks to Mobile VPN, these applications can be used on mobile devices without software modification. Because the data connection is more resilient, critical data can preferably be stored on servers, which avoids the security risks of stolen or lost mobile devices. Some Mobile VPNs support data and graphics compression and can optionally be configured to select the fastest or most cost-effective connection automatically. Depending on the manufacturer, Mobile VPNs offer the same functionality on mobile devices as on notebooks.

Mobile VPN capabilities

All Mobile VPNs have these functions:

Mobile VPN management

Many Mobile VPNs have additional management and security functions that give IT departments more transparency and control over mobile devices.

Mobile VPN application areas

Mobile VPNs are used today in a variety of industries where employees need mobile access to applications.
