Especially for industrial process data and other important measuring results, it can be necessary to disclose these data to third parties. There are two aspects concerning data protection:
- A suitable encryption of the data and
- An authentication of the communication partners concerned.
These security features can be provided by every application using suitable protocols for example. Alternatively, this security can also be managed and provided by one central location. The benefits of this central approach are the one-time implementation of the security functions and the lower maintenance effort. Such a centrally provided security is called Virtual Private Network (VPN). A VPN tunnel connects computers or networks via already existing networks with this.
Examples for existing networks are:
- Internet (WAN)
- company-internal networks (LAN, WLAN) or
- packet-oriented data transmission services of cellular networks (GPRS, EDGE, HSxPA and UMTS).
OpenVPN uses X.509 certificates
The OpenVPN software creates a virtual private network (VPN) using an encrypted connection. The OpenSSl library is used for encryption and authentication by OpenVPN. SSL stands for Secure Sockets Layer. This is used by the majority of the security-relevant Internet servers (like web servers for example). OpenVPN cuts a special path when using TLS and can tunnel IP packets and Ethernet frames including all superimposed protocols instead of pure application data with this.
What argues for using OpenVPN:
- Open Source: the sources are open, i.e. the code can be viewed and checked for security risks all the time
- The software will be developed permanently
- OpenVPN is widely used First implementations have been operated successful, even before IPsec has been developed. The OpenVPN community has reached 3 million users until the end of 2008.
- Very safe: OpenVPN is based ion SSL encryption technologies, the industry standard for a secure communication via Internet
- Very easy configuration: only very few settings are necessary due to the concept, i.e. less skilled persons are able to configure and use VPNs with OpenVPN safely
- Nearly no compatibility problems
- Different authentication possibilities: static key, user name/password and common CA certificate, certficate-based with public certificate and private key
- Very easy coupling of the tunnel with other systems, like DHCP, DNS or firewalls for example
- OpenVPN runs under the operating systems Linux, Windows and Mac OS as well as under various Unix derivatives
You can use all versions of the MoRoS router family of INSYS as OpenVPN router and OpenVPN server.
- Authentication of the communication partners
- Simple management, maximum security
- Adequate data encryption
- X.509 certificates
- Public/private key method