2. Objectives
โข What is VPN
โข Discuss Various VPN Technologies
โข Compare and Contrast VPN technologies
โข Determine which CPN technology is best suited to tackle various security issues
3. What is VPN
โข VPN allows the creation of an encrypted connection over a public network.
โข Such as a network owned by a service provider or the internet.
6. IPSec
โข The IPSec protocol is implemented in the network layer.
โข Two basic features are provided by IPSec; authentication and confidentiality.
โข IPSec Uses two protocols to ensure Confidentiality and Authentication.
โข Authentication header (AH): authenticates the origin of IP packets (datagrams)
and guarantees the integrity of the data.
โข Encapsulation Security Payload (ESP): it provides origin authenticity, integrity
and confidentiality protection of packets.
โข IPSec uses two modes to transmit data:
โข Tunnel mode: delivers services to and from gateways in the same organisation
โข Transport mode: delivers services from host to host or from host to gate way
within an organisation or even end-to-end devices across the entire network
7. SSL
โข The SSL is a two-layer protocol that operates between the application layer and
the transport layer of the OSI mode.
โข Two layers are provided by SSL:
โข SSL Record Protocol: provides confidentiality and message integrity
โข Upper-layer carrying protocol: provides data encryption.
โข SSL Handshake Protocol: allows the server and client to authenticate each other.
โข Negotiate an encryption and message authentication code (MAC) algorithm.
โข Negotiate cryptographic keys to be used to protect data sent in an SSL record.
โข Change Cipher Spec: consists of a single message causes the pending state to be copied
into the current state, which updates the cipher suite to be used on this connection.
โข SSL Alert Protocol: used to convey SSL-related alerts to the peer entity.
9. Conclusion
โข The use of SSL and IPSec technologies in VPNs have major advantages and
disadvantages.
โข Both technology operate at different levels and both have different mode of
operation.
โข Therefore, it will be inaccurate the conclude that one is generally better than the
other is, especially when it comes to taking into consideration different factors
such as security, cost, accessibility, scalability and maintenance.
โข The most suitable VPN technology for securing end-to-end systems is the IPSec
technology.
โข for unlimited accessibility and mobility, ease of use, management and cost
effectiveness, the SSL technology could bring greater benefits
โข Notwithstanding, to enjoy a more comfortable network environment that will be
of great benefit in terms of security, cost, accessibility, scalability and
maintenance, the power of both technologies can be combined to actualize a safer
and more flexible network environment
10. References
โข Chaki, R., Saeed, K., Choudhury, S. & Chaki, N., 2014. Applied Computation and Security
Systems: Volume One. 1st ed. New Delhi: Springer India.
โข Gregory, P., 2015. CISSP Guide to Security Essentials. 2nd ed. Boston, MA: Cengage
Learning.
โข Olifer, N. & Olifer, V., 2016. Computer Networks: Principles, Technologies and Protocols for
Network Design. 1st ed. Pennsylvania: John Wiley & Sons.
โข Pagani, M., 2005. Encyclopedia of Multimedia Technology and Networking. 1st ed. Hershey,
PA: Idea Group Inc (IGI).
โข Stair, R. & Reynolds, G., 2015. Fundamentals of Information. 8th ed. Boston, MA: Cengage
Learning.
โข Stallings, W., 2016. CRYPTOGRAPHY AND NETWORK SECURITY PRINCIPLES AND PRACTICE.
7th ed. New York: Pearson Education.
โข Stapleton, J., 2014. Security without Obscurity: A Guide to Confidentiality, Authentication,
and Integrity. 1st ed. Boca Raton,FL: CRC Press.