Transcript

  • 1. Network Admin Virtual Private Networks Colm Bennett
  • 2. VPN - Contents
    • What is a VPN?
    • Key Advantages
    • Key Features
    • Example
  • 3. What is a VPN?
    • Real world definition
      • a VPN is a private network that uses a public network (usually the Internet) to connect remote sites or users together
    • As opposed to constructing a WAN using private lines (leased lines, microwave connection etc.)
  • 4. Key Advantages
    • Cost
      • Main Reason!
      • Old style private networks with leased lines were exponentially more expensive
      • Remote access via dial up modem pools was also very costly for international users
    • Scalability
      • Much easier to scale than old style private networks where lead time on leased lines might be in months
  • 5. Evolution
    • Large Companies/Leased Lines
    • 3rd Party VPN providers (large telecoms providers mainly, e.g. BT/Concert in 90's)
    • Move to in house VPNs
      • Reduced cost of equipment
      • Increased confidence in security
    • Currently there is emergence of 3rd Party involvement again as VPN management is outsourced
  • 6. VPN – Key Features
    • Tunneling
    • Encryption
    • Enhanced Authentication
    • Standardised client security features
  • 7. VPN - Tunneling
    • Tunneling means encapsulating private network traffic before sending it via public network
    • Three protocols involved
      • Carrier protocol – the public network protocol, usually IP
      • Encapsulating protocol – protocol used to encapsulate the data, e.g. GRE, IPSec
      • Passenger Protocol – protocol used on private network, e.g. IP (private address space possible)
  • 8. VPN - Encryption
    • Data confidentiality and integrity are vital in a VPN solution
    • Encapsulated packet is encrypted so that packet sniffing on public network cannot unravel private communication
    • Various schemes to ensure integrity of data including tamper proofing and checking origin of source
  • 9. VPN - IPSec
    • IPSec is a suite of protocols that covers a number of aspects relevant to VPNs
    • Tunnel Mode encrypts both header and data, i.e. IPSec can be the encapsulating protocol
    • Also provides integrity and authentication and non-repudiation
    • Default protocol used for most Cisco VPN solutions
  • 10. VPN - SSL
    • Standard Cisco IPSec VPN remote access requires local software installation
    • User pressure for no-install, use anywhere remote access
    • SSL VPN allows remote access via an SSL secured web site
    • Usually paired with two factor device for added security
  • 11. Authentication
    • As well as normal network authentication for users, VPN connection has special authentication
    • Site to site may use Digital Signature
    • Remote users may be asked to use a two factor token device like RSA SecurID (demo)
  • 12. Standardised Security
    • Move to a VPN within a company will also usually involve standardising security across all connecting LANs
    • Small sub offices joining main network – much greater potential impact of a virus outbreak in small office
    • Remote access users may be forced to run standard firewall/anti virus
  • 13. Example
    • Discussion of current live project (European VPN)
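
Slide 7's carrier, encapsulating and passenger protocols, and slide 8's point about packet sniffing, as an added example that is not part of the original slides: it builds a GRE-in-IP packet and then parses it as an observer on the public network would, showing that GRE alone leaves the private addresses and data readable, which is why the encapsulated packet is encrypted. The function names are hypothetical, and the addresses (documentation ranges), the experimental protocol number 253 and the payload are constructed sample values.

```python
import socket
import struct

GRE_PROTO = 47  # IP protocol number that marks the carrier payload as GRE
GRE_HEADER = struct.pack("!HH", 0, 0x0800)  # RFC 2784: no flags, version 0, IPv4 passenger

def checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement checksum used by the IPv4 header."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Minimal 20-byte IPv4 header (no options) followed by the payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                      64, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    hdr = hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]
    return hdr + payload

def gre_encapsulate(passenger: bytes) -> bytes:
    """Encapsulating protocol: prepend the basic GRE header to the passenger packet."""
    return GRE_HEADER + passenger

def parse_ipv4(packet: bytes):
    """Return (src, dst, proto, payload); rejects truncated or corrupt headers."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl or checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header")
    total_len = struct.unpack("!H", packet[2:4])[0]
    return (socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20]),
            packet[9], packet[ihl:total_len])

def observe_on_public_network(wire: bytes) -> dict:
    """What a sniffer on the carrier network recovers from an unencrypted GRE packet."""
    c_src, c_dst, proto, gre = parse_ipv4(wire)
    if proto != GRE_PROTO or gre[:4] != GRE_HEADER:
        raise ValueError("not a basic GRE/IPv4 packet")
    p_src, p_dst, _, data = parse_ipv4(gre[4:])
    return {"carrier": (c_src, c_dst), "passenger": (p_src, p_dst), "data": data}

# Constructed sample: two private 10.x hosts tunnelled between two public gateways.
passenger = ipv4("10.0.1.5", "10.0.2.9", 253, b"payroll record")
wire = ipv4("192.0.2.1", "198.51.100.1", GRE_PROTO, gre_encapsulate(passenger))
```

With IPSec tunnel mode as the encapsulating protocol (slide 9), the same observer would still see the carrier addresses but not the passenger header or data.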