Lesson 11-Virtual Private Networks

Overview

Define Virtual Private Networks (VPNs).

Deploy User VPNs.

Deploy Site VPNs.

Understand standard VPN techniques.

Understand the types of VPN systems.

Define Virtual Private Networks

Characteristics of VPNs:

     Traffic is encrypted to prevent eavesdropping.

     The remote site is authenticated.

     Multiple protocols are supported over the VPN.

     The connection is point to point.

Define Virtual Private Networks

To access a central server, VPNs may require authentication or that both ends of the VPN authenticate each other.

VPNs can handle various protocols, especially application layer protocols.

Each VPN channel is distinct and uses encryption to separate traffic.

There are two types of VPNs, user VPNs and site VPNs.

Deploy User VPNs

VPNs between individual users’ machines and an organization’s site or network are called User VPNs.

User VPNs are used for employees who either travel or telecommute.

The VPN server may either be the organization’s firewall or a separate VPN server.

Deploy User VPNs

While establishing a VPN, the site will request user authentication.

On successful authentication, the user is allowed to access the internal network.

Although the user has a VPN connection back to the organization, they still have access to the Internet.

Deploy User VPNs

Benefits of User VPNs.

Issues with User VPNs.

Managing User VPNs.

Benefits of User VPNs

Employees who are traveling can access e-mail, files, and internal systems without expensive equipment.

Employees working from home can access the network’s services, just as employees working from within the organization’s facilities.

Issues with User VPNs

User VPNs, if optimally utilized, can reduce an organization’s costs.

Significant security risks and implementation issues must be addressed.

The largest concern for security is the employee’s simultaneous connection to the Internet. The risk of malicious code being sent through the computer is high.
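
The simultaneous Internet connection described above is commonly called split tunneling. As an added example (not part of the original slides), the following Python code audits a client's routing table for it by longest-prefix match; the tunnel interface name `tun0`, the probe addresses and both sample routing tables are constructed assumptions.

```python
import ipaddress

# Constructed `ip route show` output: only 10.0.0.0/8 is sent into the tunnel.
SPLIT_TUNNEL_ROUTES = """\
default via 192.168.1.1 dev wlan0 proto dhcp metric 600
10.0.0.0/8 via 10.8.0.1 dev tun0
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.6
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.23
"""

# Constructed output: two /1 routes override the default route, so everything
# except the host route to the VPN server itself enters the tunnel.
FULL_TUNNEL_ROUTES = """\
0.0.0.0/1 via 10.8.0.1 dev tun0
default via 192.168.1.1 dev wlan0 proto dhcp metric 600
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.6
128.0.0.0/1 via 10.8.0.1 dev tun0
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.23
203.0.113.10 via 192.168.1.1 dev wlan0
"""

# Internet addresses used only as lookup keys; nothing is sent to them.
DEFAULT_PROBES = ("8.8.8.8", "192.0.2.1", "198.51.100.7")


def parse_routes(text):
    """Return [(network, interface)] from `ip route show`-style lines."""
    routes = []
    for line in text.splitlines():
        tokens = line.split()
        if not tokens or "dev" not in tokens:
            continue
        dest = "0.0.0.0/0" if tokens[0] == "default" else tokens[0]
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:
            continue  # route types such as "unreachable" are not egress paths
        idx = tokens.index("dev")
        if idx + 1 < len(tokens):
            routes.append((net, tokens[idx + 1]))
    return routes


def egress_interface(routes, destination):
    """Interface chosen for a destination: the most specific matching prefix.

    Metrics are ignored, so equal-length prefixes are not tie-broken here.
    """
    addr = ipaddress.ip_address(destination)
    matches = [(net, dev) for net, dev in routes
               if net.version == addr.version and addr in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def audit_client(route_text, tunnel_if="tun0", probes=DEFAULT_PROBES):
    """Report Internet destinations that would bypass the VPN tunnel."""
    routes = parse_routes(route_text)
    leaks = {}
    for probe in probes:
        dev = egress_interface(routes, probe)
        if dev is not None and dev != tunnel_if:
            leaks[probe] = dev
    return {"split_tunnel": bool(leaks), "leaks": leaks}


if __name__ == "__main__":
    for name, table in (("split", SPLIT_TUNNEL_ROUTES),
                        ("full", FULL_TUNNEL_ROUTES)):
        print(name, audit_client(table))
```

A client reported as `split_tunnel` can reach the Internet directly while it is also attached to the internal network, which is the condition the slide identifies as the largest concern.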

Issues with User VPNs

Figure: Use of a Trojan horse program to access an organization’s internal network.

Issues with User VPNs

User VPNs require paying the same attention to user management issues as internal systems.

The use of a two-factor authentication process is recommended, since the VPN permits access to internal resources.

Additional support for VPN users must include a personal firewall and updated anti-virus software to protect the internal network.

Managing User VPNs

Managing user VPNs is primarily an issue of managing the users and their computer systems.

The appropriate user management procedures should be in place and followed during employee separation.

A good anti-virus software package must be installed on the user’s computer.

Deploy Site VPNs

Site VPNs allow organizations to connect locations without the cost of expensive leased lines.

Site VPNs authenticate each other with the use of certificates or shared secrets.

Site VPNs save costs.

Deploy Site VPNs

Issues:

     Policies and restrictions allow the organization to limit what a remote site can access or do once connected.

     VPNs are an extension of the company’s sites. A weak remote site is a risk, as it allows an intruder to access the internal network.

     A coherent and logical IP addressing scheme should be used for all sites.

Deploy Site VPNs

Managing site VPNs:

     Monitoring the site ensures smooth communication between the sites and compliance with the policies.

     Routes to remote sites will need to be created on the internal network. They should be well documented to ensure that they are not deleted.
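
The addressing-scheme and route-documentation points above can be checked mechanically. As an added example (not part of the original slides), the following Python code finds overlapping subnets between sites and compares a documented route register with the routes actually configured; the site names, prefixes and both route tables are constructed assumptions.

```python
import ipaddress
from itertools import combinations

# Constructed inventory: subnets in use at each site joined by site VPNs.
SITE_SUBNETS = {
    "hq": ["10.10.0.0/16"],
    "branch-east": ["10.20.0.0/16", "192.168.1.0/24"],
    "branch-west": ["10.20.8.0/21", "192.168.1.0/24"],
}

# Constructed route register (documentation): prefix -> remote site.
DOCUMENTED_ROUTES = {
    "10.20.0.0/16": "branch-east",
    "10.30.0.0/16": "branch-west",
}

# Constructed export of the routes present on the internal router.
CONFIGURED_ROUTES = {
    "10.20.0.0/16": "branch-east",
    "172.16.5.0/24": "unknown",
}


def find_overlaps(site_subnets):
    """Return (site_a, net_a, site_b, net_b) for every cross-site overlap.

    Overlapping prefixes make routing over the VPN ambiguous: the same
    address would be reachable at two different sites.
    """
    overlaps = []
    for site_a, site_b in combinations(sorted(site_subnets), 2):
        for raw_a in site_subnets[site_a]:
            net_a = ipaddress.ip_network(raw_a, strict=False)
            for raw_b in site_subnets[site_b]:
                net_b = ipaddress.ip_network(raw_b, strict=False)
                if net_a.version == net_b.version and net_a.overlaps(net_b):
                    overlaps.append((site_a, str(net_a), site_b, str(net_b)))
    return overlaps


def _normalize(routes):
    """Canonicalize prefixes so '10.20.0.1/16' and '10.20.0.0/16' compare equal."""
    return {str(ipaddress.ip_network(p, strict=False)): site
            for p, site in routes.items()}


def diff_routes(documented, configured):
    """Compare the route register with the routes actually configured."""
    doc, cfg = _normalize(documented), _normalize(configured)
    return {
        # Documented but absent: possibly deleted by mistake.
        "missing": sorted(set(doc) - set(cfg)),
        # Present but undocumented: at risk of being removed in a cleanup.
        "undocumented": sorted(set(cfg) - set(doc)),
        # Present in both, but pointing at a different site.
        "mismatched": sorted(p for p in set(doc) & set(cfg) if doc[p] != cfg[p]),
    }


if __name__ == "__main__":
    for overlap in find_overlaps(SITE_SUBNETS):
        print("overlap:", overlap)
    print(diff_routes(DOCUMENTED_ROUTES, CONFIGURED_ROUTES))
```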

Understand Standard VPN Techniques

A VPN comprises four key components:

     VPN server

     Encryption algorithms

     Authentication system

     VPN protocol

Understand Standard VPN Techniques

A proper VPN architecture depends on properly identifying its requirements, including:

     The length of time for which information should be protected.

     The number of simultaneous user connections.

     The types of user connection expected.

Understand Standard VPN Techniques

A proper VPN architecture depends on properly identifying its requirements, including (continued):

     The number of remote site connections.

     The types of VPNs that will need to connect.

     The amount of traffic to and from remote sites.

     The security policy governing the security configuration.

VPN Server

The VPN server is the computer system that acts as the endpoint for the VPN.

Most VPN software vendors should be able to provide a recommended processor speed and memory configuration based on the number of simultaneous VPN connections.

Some vendors also provide a means of fail-over and allow for redundant VPN servers.

VPN Server

Figure: Firewall policy rules including a VPN DMZ.

Encryption Algorithms

The encryption used on the VPN should be a well-known, strong algorithm.

If an intruder successfully intercepts a VPN communication, it indicates that they:

     Must have a sniffer on the path traveled by the packets, which captures the entire session.

     Have substantial computing power to brute-force the key and decrypt it.

Authentication System

The VPN authentication system should be a two-factor system.

Users can be authenticated either by what they are, have or know.

Smart cards with a PIN or password are a good two-factor combination for authenticating users.

If an organization chooses to use only passwords for the VPN, they should be strong and changed on a regular basis.

VPN Protocol

In general, a standard protocol rather than a proprietary protocol should be used for the VPN. IPSec is the current standard for VPN.

The primary alternative to IPSec is SSL (Secure Sockets Layer).

Understand the Types of VPN Systems

The primary types of VPN systems are:

     Hardware systems

     Software systems

     Web-based systems

Hardware Systems

A hardware appliance should be used as the VPN server.

This appliance runs the manufacturer’s software and may include some special hardware to improve the encryption capability of the system.

Hardware Systems

Benefits are:

     Speed: The hardware is most likely optimized to support the VPN and thus will provide a speed advantage over a general-purpose computer system.

     Increased capacity: This translates into an ability to handle a greater number of simultaneous VPN connections.

     Security: If the hardware appliance has been specifically built for the VPN application, all extraneous software and processes must be removed from the system.

Software Systems

Software VPNs are loaded on a general-purpose computer system.

They may be either installed on a system dedicated to the VPN or in conjunction with other software, such as a firewall.

     Software VPNs can be used in the same manner as the hardware VPNs. Software is available for handling user VPNs as well as site VPNs.

Web-based Systems

Using web-based VPNs does not require software to be loaded on the client, thus decreasing the administrative and managerial workload.

Web-based VPNs are limited to what applications can be used and how the client connects to them.

Summary

VPNs may require authentication to access a central server or that both VPN ends authenticate each other.

There are two types of VPNs: user VPNs and site VPNs.

While establishing a VPN, the site will request user authentication. Successful authentication allows the user to access the internal network.

Although the user has a VPN connection back to the organization, they still have access to the Internet.

Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 

Learn Virtual Private Networks in 11 Steps

  • 2. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques. Understand the types of VPN systems.
  • 3. Define Virtual Private Networks Characteristics of VPNs: Traffic is encrypted to prevent eavesdropping. The remote site is authenticated. Multiple protocols are supported over the VPN. The connection is point to point.
  • 4. Define Virtual Private Networks To access a central server, VPNs may require authentication or that both ends of the VPN authenticate each other. VPNs can handle various protocols, especially application layer protocols. Each VPN channel is distinct and uses encryption to separate traffic. There are two types of VPNs, user VPNs and site VPNs.
  • 5. Deploy User VPNs VPNs between individual users’ machines and an organization’s site or network are called User VPNs. User VPNs are used for employees who either travel or telecommute. The VPN server may either be the organization’s firewall or a separate VPN server.
  • 6. Deploy User VPNs While establishing a VPN, the site will request user authentication. On successful authentication, the user is allowed to access the internal network. Although the user has a VPN connection back to the organization, they still have access to the Internet.
  • 7. Deploy User VPNs Benefits of User VPNs. Issues with User VPNs. Managing User VPNs.
  • 8. Benefits of User VPNs Employees who are traveling can access e-mail, files, and internal systems without expensive equipment. Employees working from home can access the network’s services, just as employees working from within the organization’s facilities.
  • 9. Issues with User VPNs User VPNs, if optimally utilized, can reduce an organization’s costs. Significant security risks and implementation issues must be addressed. The largest concern for security is the employee’s simultaneous connection to the Internet. The risk of malicious code being sent through the computer is high.
  • 10. Issues with User VPNs Use of Trojan horse program to access an organization’s internal network.
  • 11. Issues with User VPNs User VPNs require paying the same attention to user management issues as internal systems. The use of a two-factor authentication process is recommended, since VPN permits access to internal resources. Additional support for VPN users must include a personal firewall and updated anti-virus software to protect the internal network.
  • 12. Managing User VPNs Managing user VPNs is primarily an issue of managing the users and their computer systems. The appropriate user management procedures should be in place and followed during employee separation. A good anti-virus software package must be installed on the user’s computer.
  • 13. Deploy Site VPNs Site VPNs allow organizations to connect locations without the cost of expensive leased lines. Site VPNs authenticate each other with the use of certificates or shared secrets. Site VPNs save costs.
  • 14. Deploy Site VPNs Issues: Policies and restrictions allow the organization to limit what a remote site can access or do once connected. VPNs are an extension of the company’s sites. A weak remote site is a risk, as it allows an intruder to access the internal network. A coherent and logical IP addressing scheme should be used for all sites.
  • 15. Deploy Site VPNs Managing site VPNs: Monitoring the site ensures smooth communication between the sites and compliance with the policies. Routes to remote sites will need to be created on the internal network. They should be well documented to ensure that they are not deleted.
  • 16. Understand Standard VPN Techniques A VPN comprises four key components: VPN server, encryption algorithms, authentication system, and VPN protocol.
  • 17. Understand Standard VPN Techniques A proper VPN architecture depends on properly identifying its requirements, including: The length of time for which information should be protected. The number of simultaneous user connections. The types of user connection expected.
  • 18. Understand Standard VPN Techniques A proper VPN architecture depends on properly identifying its requirements, including (continued): The number of remote site connections. The types of VPNs that will need to connect. The amount of traffic to and from remote sites. The security policy governing the security configuration.
  • 19. VPN Server The VPN server is the computer system that acts as the end for the VPN. Most VPN software vendors should be able to provide a recommended processor speed and memory configuration based on the number of simultaneous VPN connections. Some vendors also provide a means of fail-over and allow for redundant VPN servers.
  • 20. VPN Server Firewall policy rules including a VPN DMZ
  • 21. Encryption Algorithms The encryption used on the VPN should be a well-known, strong algorithm. If an intruder successfully intercepts a VPN communication, it indicates that they: Must have a sniffer on the path traveled by the packets, which captures the entire session. Have substantial computing power to brute-force the key and decrypt it.
  • 22. Authentication System The VPN authentication system should be a two-factor system. Users can be authenticated either by what they are, have or know. Smart cards with a PIN or password are a good two-factor combination for authenticating users. If an organization chooses to use only passwords for the VPN, they should be strong and changed on a regular basis.
  • 23. VPN Protocol In general, a standard protocol versus a proprietary protocol should be used with VPN. IPSec is the current standard for VPN. The primary alternative to IPSec is SSL (Secure Socket Layer).
  • 24. Understand the Types of VPN Systems The primary types of VPN systems are: hardware systems, software systems, and web-based systems.
  • 25. Hardware Systems A hardware appliance should be used as the VPN server. This appliance runs the manufacturer’s software and may include some special hardware to improve the encryption capability of the system.
  • 26. Hardware Systems Benefits are: Speed: The hardware is most likely optimized to support the VPN and thus will provide a speed advantage over a general-purpose computer system. Increased capacity: This translates into an ability to handle a greater number of simultaneous VPN connections. Security: If the hardware appliance has been specifically built for the VPN application, all extraneous software and processes must be removed from the system.
  • 27. Software Systems Software VPNs are loaded on a general-purpose computer system. They may be either installed on a system dedicated to the VPN or in conjunction with other software, such as a firewall. Software VPNs can be used in the same manner as the hardware VPNs. Software is available for handling user VPNs as well as site VPNs.
  • 28. Web-based Systems Using web-based VPNs does not require software to be loaded on the client, thus decreasing the administrative and managerial workload. Web-based VPNs are limited to what applications can be used and how the client connects to them.
  • 29. Summary VPNs may require authentication to access a central server or that both VPN ends authenticate each other. There are two types of VPNs: user VPNs and site VPNs. While establishing a VPN, the site will request user authentication. Successful authentication allows the user to access the internal network. Although the user has a VPN connection back to the organization, they still have access to the Internet.
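
Slides 14 and 15 call for a coherent IP addressing scheme across sites and for documented routes to remote sites on the internal network. The following Python check is an added example, not part of the original slides; the site names, prefixes and route table are constructed sample data, and `overlaps` and `route_gaps` are hypothetical helper names.

```python
import ipaddress
from itertools import combinations

# Constructed sample plan: site name -> LAN prefixes reachable over the site VPN.
SITES = {
    "hq":      ["10.0.0.0/16"],
    "branch1": ["10.1.0.0/24"],
    "branch2": ["10.1.0.128/25"],   # collides with branch1
    "branch3": ["10.3.0.0/24"],     # no route installed at hq
}
# Constructed sample of routes on the hq internal network:
# destination prefix -> site the documentation says owns it.
HQ_ROUTES = {
    "10.1.0.0/24": "branch1",
    "10.9.0.0/24": "branch9",       # documented owner is not in the plan
}

def parse(sites):
    """Turn prefix strings into ip_network objects, keyed by site."""
    return {s: [ipaddress.ip_network(p) for p in pfx] for s, pfx in sites.items()}

def overlaps(sites):
    """Return (site_a, site_b, prefix_a, prefix_b) for every colliding pair."""
    nets = parse(sites)
    found = []
    for a, b in combinations(sorted(nets), 2):
        for na in nets[a]:
            for nb in nets[b]:
                if na.overlaps(nb):
                    found.append((a, b, str(na), str(nb)))
    return found

def route_gaps(sites, routes, local="hq"):
    """Return (missing, stale): remote prefixes with no covering route at
    `local`, and routes whose documented owner is not a known site."""
    nets = parse(sites)
    routed = [ipaddress.ip_network(r) for r in routes]
    missing = [(s, str(n)) for s in sorted(nets) if s != local
               for n in nets[s] if not any(n.subnet_of(r) for r in routed)]
    stale = [r for r, owner in sorted(routes.items()) if owner not in sites]
    return missing, stale

if __name__ == "__main__":
    print("overlapping prefixes:", overlaps(SITES))
    missing, stale = route_gaps(SITES, HQ_ROUTES)
    print("remote prefixes without a route:", missing)
    print("routes with no known owner site:", stale)
```

Note that branch2 appears routed only because its prefix falls inside branch1's route, which is the kind of silent misdelivery an overlapping addressing scheme produces.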