6 Chapter 6 (Ii)


Published in: Business, Technology

  1. WXGE6315 Virtual Private Network
  2. Introduction
     - A virtual private network (VPN) is the extension of a private network that encompasses links across shared or public networks like the Internet.
     - It allows two or more private networks to be connected over a publicly accessed network.
     - VPNs have the same security and encryption features as a private network, while taking advantage of the economies of scale and remote accessibility of large public networks.
     - Normally, we can send data between two computers across a shared or public network in a manner that emulates a point-to-point private link.
  3. Introduction
     - To emulate a point-to-point link, data is encapsulated, or wrapped, with a header that provides routing information, which allows the data to traverse the shared or public network to reach its endpoint.
  4. Introduction
     - There are two types of VPN technology in Windows 2000:
       - Point-to-Point Tunneling Protocol (PPTP)
         - PPTP uses user-level Point-to-Point Protocol (PPP) authentication methods and Microsoft Point-to-Point Encryption (MPPE) for data encryption.
       - Layer Two Tunneling Protocol (L2TP) with Internet Protocol security (IPSec)
         - L2TP uses user-level PPP authentication methods and machine-level certificates with IPSec for data encryption.
  5. VPN Connections
     - There are two types of VPN connections:
       - Remote access VPN connection
       - Router-to-router VPN connection
     - Remote access VPN connection
       - A remote access client (a single user computer) makes a remote access VPN connection that connects to a private network.
       - The VPN server provides access to the resources of the VPN server or to the entire network to which the VPN server is attached.
       - The remote access client (the VPN client) authenticates itself to the remote access server (the VPN server) and, for mutual authentication, the server authenticates itself to the client.
  6. VPN Connections
     - Router-to-router VPN connection
       - A router makes a router-to-router VPN connection that connects two portions of a private network.
       - The VPN server provides a routed connection to the network to which the VPN server is attached.
       - The calling router (the VPN client) authenticates itself to the answering router (the VPN server) and, for mutual authentication, the answering router authenticates itself to the calling router.
  7. Types of VPN
     - Internet Based VPN
       - Remote Access over the Internet
         - By using the established physical connection to the local ISP, the remote access client initiates a VPN connection across the Internet to the organization's VPN server.
         - Once the VPN connection is created, the remote access client can access the resources of the private intranet.
       - Connecting networks over the Internet
         - When networks are connected over the Internet, a router forwards packets to another router across a VPN connection.
  8. Types of VPN
     - Remote Access over the Internet
     - Connecting Networks over the Internet
  9. Types of VPN
     - Using dedicated WAN links
       - The branch office routers are connected to the Internet by using local dedicated WAN links to a local ISP.
       - A router-to-router VPN connection is then initiated by either router across the Internet.
       - Once connected, routers can forward directed or routing protocol traffic to each other by using the VPN connection.
     - Using dial-up WAN links
       - By using the established connection to the local ISP, a router-to-router VPN connection is initiated by the branch office router to the corporate office router across the Internet.
       - The corporate office router acts as a VPN server and must be connected to a local ISP by using a dedicated WAN link.
  10. Types of VPN
      - Intranet Based VPN
        - Remote Access over an Intranet
          - The department's network is physically connected to the organization intranet but separated by a VPN server.
          - Users on the organization intranet with the appropriate permissions can establish a remote access VPN connection with the VPN server and access the protected resources of the sensitive department's network.
  11. Types of VPN
      - Remote Access over an Intranet
  12. Types of VPN
      - Connecting Networks over an Intranet
  13. Types of VPN
      - Connecting networks over an Intranet
        - Organizations with departments in separate locations, whose data is highly sensitive, may use a router-to-router VPN connection to communicate with each other.
        - The different departments are connected to the common intranet with computers that can act as VPN clients or VPN servers.
        - Once the VPN connection is established, users on computers on either network can exchange sensitive data across the corporate intranet.
  14. VPN Implementations
      - VPN implementations can be grouped into three primary categories:
        - Intranet VPNs
        - Remote Access VPNs
        - Extranet VPNs
      - Intranet VPNs
        - Secure communications between a company's internal departments and its branch offices
        - Strong encryption to accommodate the high-speed links present in internal LANs
        - Reliability to ensure the prioritization of mission-critical applications
  15. VPN Implementations
      - Ease of administration to accommodate the changing requirements of new users, new offices and new applications.
  16. VPN Implementations
      - Remote Access VPNs
        - Remote Access VPNs between a company and its remote and/or mobile employees.
        - Reliability and Quality of Service are important.
        - Strong authentication is critical.
        - Require centralized management and a high degree of scalability to handle the multitude of VPN links, as well as the vast number of users accessing the VPN.
  17. VPN Implementations
  18. VPN Implementations
      - Extranet VPNs
        - They require an open, standards-based solution to ensure interoperability with the various solutions that the business partners might implement.
        - Traffic control is important.
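
The encapsulation step from the Introduction slides (a private packet wrapped in a header that routes it across the public network), as an added example that is not part of the original slides. It uses plain IPv4-in-IPv4 (protocol 4, RFC 2003) instead of PPTP or L2TP framing and performs no encryption or authentication; all addresses and payloads are constructed.

```python
import socket
import struct

IPPROTO_IPIP = 4          # IANA protocol number for IPv4-in-IPv4 (RFC 2003)
HDR = "!BBHHHBBH4s4s"     # 20-byte IPv4 header without options

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum; returns 0 when run over a valid header."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_header(src: str, dst: str, proto: int, payload_len: int) -> bytes:
    """Build an IPv4 header with a correct checksum (TTL 64, no fragmentation)."""
    def pack(csum: int) -> bytes:
        return struct.pack(HDR, 0x45, 0, 20 + payload_len, 0, 0, 64, proto, csum,
                           socket.inet_aton(src), socket.inet_aton(dst))
    return pack(checksum(pack(0)))

def encapsulate(inner: bytes, tunnel_src: str, tunnel_dst: str) -> bytes:
    """VPN client side: prepend an outer header that is routable on the public network."""
    return ipv4_header(tunnel_src, tunnel_dst, IPPROTO_IPIP, len(inner)) + inner

def decapsulate(outer: bytes, expected_peer: str) -> bytes:
    """VPN server side: validate the outer header, then hand back the inner packet."""
    if len(outer) < 20:
        raise ValueError("truncated outer header")
    ver_ihl, _, total_len, _, _, _, proto, _, src, _ = struct.unpack(HDR, outer[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or len(outer) < ihl:
        raise ValueError("not a valid IPv4 header")
    if checksum(outer[:ihl]) != 0:
        raise ValueError("outer header checksum mismatch")
    # A source-address match is only a sanity filter, not authentication.
    if proto != IPPROTO_IPIP or socket.inet_ntoa(src) != expected_peer:
        raise ValueError("not a tunnel packet from the configured peer")
    if total_len != len(outer):
        raise ValueError("length field does not match packet size")
    return outer[ihl:total_len]

# Constructed sample: private 10.x addresses inside, documentation-range addresses outside.
INNER = ipv4_header("10.1.0.5", "10.2.0.9", 17, 4) + b"data"
OUTER = encapsulate(INNER, "203.0.113.10", "198.51.100.20")
```

Routers on the public network only read the outer header; without the encryption the slides attribute to MPPE or IPSec, the inner packet in `OUTER` travels in cleartext.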