Virtual Private Network

Virtual Private Network Presentation Transcript

  • 1. Virtual Private Networks
  • 2. VPN
    • VPN Defined
    • Tunneling
    • IPSec
    • VPN implementation
    • VPN drawbacks
  • 3. VPN Defined
    • Virtual Private Networks are subscription based
    • VPN service is provided by long distance carriers such as AT&T
    • VPN was developed in 1995 by the Automotive Industry Action Group to facilitate communication in a secure way among automotive manufacturers, dealers, and suppliers
    • VPN is expensive
    • VPN provides a secure pathway for data from end to end among multiple computers
  • 4. VPN Defined
    • WAN connections between the main corporate network and branch offices require flexibility
    • Use of dedicated leased lines or frame-relay circuits is expensive
    • Such circuits do not provide the flexibility required for quickly creating new partner links or supporting project teams in the field
    • Number of telecommuters is growing
    • Sales force is becoming more mobile
    • Building modem banks and remote-access servers does not provide the necessary flexibility for growth
  • 5. VPN Defined
    • VPN uses one of the following two methods:
      • Point-to-Point Tunneling
      • IPSec
    • VPN connection can be set up using:
      • Traditional phone lines
      • ISDN
      • DSL
      • Cable modem
      • Wireless
    • VPN uses TCP/IP layers 1 and 2
    • VPNs are used for remote access
  • 6. Tunneling
    • Tunnels are special pathways through the public Internet
    • Tunnel is a logical path using a special encryption method
    • Tunneling allows one network to send data through another network securely
    • Microsoft provides PPTP (Point-to-Point Tunneling Protocol) software
  • 7. Tunneling
    • PPTP is based on PPP and TCP/IP
    • PPP offers authentication, privacy, and compression
    • IP provides routing capability for the packet
    • PPTP achieves tunneling by wrapping information inside IP packets
  • 8. Tunneling Diagram
    • [Figure: tunnels across the Internet connecting a wireless unit, the main office, and a branch office]
  • 9. IPSec
    • IPSec was developed for IPv6
    • IPv4 devices also support IPSec
    • When IPSec encrypts data only, it is called transport security
    • When IPSec encrypts the entire packet it is called a tunnel
    • VPN helps eliminate IP spoofing and packet sniffing
    • In remote connections, users connect using a local ISP to establish the VPN connection
    • VPN service is usually outsourced to large telcos
  • 10. IPSec
    • IP layer security is obtained using an Authentication Header Protocol (AHP) which contains information such as a packet sequence number and an integrity check value like CRC
    • Another method used is Encapsulating Security Payload Protocol (ESPP) which encrypts the entire packet. This conceals the actual payload size.
  • 11. IPSec
    • ESP supports many encryption protocols
    • ESP uses a security parameter index, which is a 32-bit number that contains information about the security protocols, algorithms, and keys used in encryption
    • ESP’s default encryption method is DES Cipher Block Chaining method
  • 12. VPN Implementation
    • VPN support is built into Microsoft server operating systems
    • VPN is simple to set up
    • Some of the main issues to be considered in implementing a VPN are as follows:
      • supported platforms (UNIX, Windows, Mac)
      • proprietary or open solution (standards support)
      • ease of use (end user and network manager/SNMP)
      • performance (pkts/sec, encryption bandwidth, compression)
  • 13. VPN Implementation
      • strength of security
      • firewall inter-operability
      • network address translation (NAT)
      • mobile user support
      • key and policy management, authentication
      • scalability
      • cost
    • VPN solution can be either hardware or software based. Software based solutions do not provide the same level of security as hardware based solutions
  • 14. VPN Implementation
    • VPN helps services such as FTP and Telnet which are usually sent in plaintext
    • VPNs can be part of firewalls. In such cases they can handle traffic rates of only 1 or 2 Mbps
    • Other VPN software available includes Cisco’s L2F (Layer 2 Functionality) and L2TP (Layer 2 Tunneling Protocol), designed by the IETF
  • 15. VPN Drawbacks
    • VPN devices are not fault tolerant
    • Software solutions are not very effective in large networks
    • VPN follows the maxim of the “Law of diminishing returns,” namely, the higher the security, the lower the simplicity
  • 18. Security Scenario to Solve
    • You are given the responsibility to identify a VPN solution for corporate use. The organization has an extremely mobile sales force and 5 regional offices spread throughout the country. Evaluate three hardware-based and three software-based solutions for VPN. Specify the advantages and disadvantages of each solution recommended. Identify the cost for each product.