Virtual Private Network

Transcript

  • 1. Virtual Private Networks
  • 2. VPN
      • VPN Defined
      • Tunneling
      • IPSec
      • VPN implementation
      • VPN drawbacks
  • 3. VPN Defined
      • Virtual Private Networks are subscription based
      • VPN service is provided by long distance carriers such as AT&T
      • VPN was developed in 1995 by the Automotive Industry Action Group to facilitate communication in a secure way among automotive manufacturers, dealers, and suppliers
      • VPN is expensive
      • VPN provides a secure pathway for data from end to end among multiple computers
  • 4. VPN Defined
      • WAN connections between the main corporate network and branch offices require flexibility
      • Use of dedicated leased lines or frame-relay circuits is expensive
      • Such circuits do not provide the flexibility required for quickly creating new partner links or supporting project teams in the field
      • The number of telecommuters is growing
      • The sales force is becoming more mobile
      • Building modem banks and remote-access servers does not provide the necessary flexibility for growth
  • 5. VPN Defined
      • VPN uses one of the following two methods:
          • Point-to-Point Tunneling
          • IPSec
      • VPN connection can be set up using:
          • Traditional phone lines
          • ISDN
          • DSL
          • Cable modem
          • Wireless
      • VPN uses TCP/IP layers 1 and 2
      • VPNs are used for remote access
  • 6. Tunneling
      • Tunnels are special pathways through the public Internet
      • A tunnel is a logical path using a special encryption method
      • Tunneling allows one network to send data through another network securely
      • Microsoft provides PPTP (Point-to-Point Tunneling Protocol) software
  • 7. Tunneling
      • PPTP is based on PPP and TCP/IP
      • PPP offers authentication, privacy, and compression
      • IP provides routing capability for the packet
      • Tunneling is achieved by PPTP by wrapping information inside IP packets
  • 8. Tunneling Diagram
      • [Figure; labels: Internet, Wireless unit, Main office, Branch Office]
  • 9. IPSec
      • IPSec was developed for IPv6
      • IPv4 devices also support IPSec
      • When IPSec encrypts data only, it is called transport security
      • When IPSec encrypts the entire packet it is called a tunnel
      • VPN helps eliminate IP spoofing and packet sniffing
      • In remote connections, users connect using a local ISP to establish the VPN connection
      • VPN service is usually outsourced to large telcos
  • 10. IPSec
      • IP layer security is obtained using an Authentication Header Protocol (AHP) which contains information such as a packet sequence number and an integrity check value like CRC
      • Another method used is Encapsulating Security Payload Protocol (ESPP) which encrypts the entire packet. This conceals the actual payload size.
  • 11. IPSec
      • ESP supports many encryption protocols
      • ESP uses a security parameter index, which is a 32-bit number that contains information about the security protocols, algorithms, and keys used in encryption
      • ESP’s default encryption method is DES Cipher Block Chaining method
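
An added example (not part of the slides) of how a receiver can use the fields named on slides 10 and 11: it looks up the security association by the 32-bit SPI, drops replayed sequence numbers, and verifies the integrity check value. The key, SPI values and packets are constructed; the ICV algorithm (HMAC-SHA-256 truncated to 128 bits) and window size are assumptions, and payload encryption is omitted.

```python
import hashlib
import hmac
import struct

ICV_LEN = 16   # assumption: HMAC-SHA-256 truncated to 128 bits
WINDOW = 64    # assumption: anti-replay window of 64 packets

class SA:
    """Inbound security association; the receiver finds it by SPI."""
    def __init__(self, auth_key):
        self.auth_key = auth_key
        self.highest = 0   # highest sequence number accepted so far
        self.bitmap = 0    # bit i set => sequence (highest - i) was seen

def build_esp(spi, seq, body, key):
    """Constructed sender: SPI | sequence | opaque body | ICV."""
    hdr = struct.pack("!II", spi, seq)
    icv = hmac.new(key, hdr + body, hashlib.sha256).digest()[:ICV_LEN]
    return hdr + body + icv

def check_esp(packet, sad):
    """Return 'ok', or the reason the receiver drops the packet."""
    if len(packet) < 8 + ICV_LEN:
        return "too-short"
    spi, seq = struct.unpack("!II", packet[:8])
    sa = sad.get(spi)
    if sa is None:
        return "unknown-spi"
    offset = sa.highest - seq
    seen = 0 <= offset < WINDOW and (sa.bitmap >> offset) & 1
    if seq == 0 or offset >= WINDOW or seen:
        return "replay"
    want = hmac.new(sa.auth_key, packet[:-ICV_LEN], hashlib.sha256).digest()
    if not hmac.compare_digest(packet[-ICV_LEN:], want[:ICV_LEN]):
        return "bad-icv"
    # Slide the window only after the ICV verifies, so forged packets
    # cannot push genuine ones out of it.
    if offset < 0:
        sa.bitmap = ((sa.bitmap << -offset) | 1) & ((1 << WINDOW) - 1)
        sa.highest = seq
    else:
        sa.bitmap |= 1 << offset
    return "ok"

def demo():
    key = b"constructed-demo-key"
    sad = {0x1001: SA(key)}   # constructed SPI -> SA table
    first = build_esp(0x1001, 1, b"payload", key)
    forged = bytearray(build_esp(0x1001, 2, b"payload", key))
    forged[9] ^= 0x01         # flip one bit in the body
    return [check_esp(first, sad), check_esp(first, sad),
            check_esp(bytes(forged), sad),
            check_esp(build_esp(0x2002, 1, b"payload", key), sad)]
```
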
  • 12. VPN Implementation
      • VPN support is built into Microsoft server operating systems
      • VPN is simple to set up
      • Some of the main issues to be considered in implementing a VPN are as follows:
          • supported platforms (UNIX, Windows, Mac)
          • proprietary or open solution (standards support)
          • ease of use (end user and network manager/SNMP)
          • performance (pkts/sec, encryption bandwidth, compression)
  • 13. VPN Implementation
          • strength of security
          • firewall inter-operability
          • network address translation (NAT)
          • mobile user support
          • key and policy management, authentication
          • scalability
          • cost
      • VPN solution can be either hardware or software based. Software based solutions do not provide the same level of security as hardware based solutions
  • 14. VPN Implementation
      • VPN helps services such as FTP and Telnet which are usually sent in plaintext
      • VPNs can be part of firewalls. In such cases they can handle traffic rates of only 1 or 2 Mbps
      • Other VPN software available includes Cisco’s L2F (Layer 2 Functionality) and L2TP (Layer 2 Tunneling Protocol) designed by IETF
  • 15. VPN Drawbacks
      • VPN devices are not fault tolerant
      • Software solutions are not very effective in large networks
      • VPN follows the maxim “Law of diminishing returns,” namely, the higher the security, the lower the simplicity
  • 18. Security Scenario to Solve
      • You are given the responsibility to identify a VPN solution for corporate use. The organization has an extremely mobile sales force and 5 regional offices spread throughout the country. Evaluate three hardware-based and three software-based solutions for VPN. Specify the advantages and disadvantages of each solution recommended. Identify the cost for each product.
