V P N

Published in: Business, Technology

  1. Network Admin Virtual Private Networks Colm Bennett
  2. VPN - Contents
       • What is a VPN?
       • Key Advantages
       • Key Features
       • Example
  3. What is a VPN?
       • Real world definition
           • a VPN is a private network that uses a public network (usually the Internet) to connect remote sites or users together
       • As opposed to constructing a WAN using private lines (leased lines, microwave connection etc.)
  4. Key Advantages
       • Cost
           • Main Reason!
           • Old style private networks with leased lines were exponentially more expensive
           • Remote access via dial up modem pools was also very costly for international users
       • Scalability
           • Much easier to scale than old style private networks where lead time on leased lines might be in months
  5. Evolution
       • Large Companies/Leased Lines
       • 3rd Party VPN providers (large telecoms providers mainly, e.g. BT/Concert in 90's)
       • Move to in house VPNs
           • Reduced cost of equipment
           • Increased confidence in security
       • Currently 3rd Party involvement is emerging again as VPN management is outsourced
  6. VPN – Key Features
       • Tunneling
       • Encryption
       • Enhanced Authentication
       • Standardised client security features
  7. VPN - Tunneling
       • Tunneling means encapsulating private network traffic before sending it via public network
       • Three protocols involved
           • Carrier protocol – the public network protocol, usually IP
           • Encapsulating protocol – protocol used to encapsulate the data, e.g. GRE, IPSec
           • Passenger Protocol – protocol used on private network, e.g. IP (private address space possible)
  8. VPN - Encryption
       • Data confidentiality and integrity are vital in a VPN solution
       • Encapsulated packet is encrypted so that packet sniffing on public network cannot unravel private communication
       • Various schemes to ensure integrity of data including tamper proofing and checking origin of source
  9. VPN - IPSec
       • IPSec is a suite of protocols that covers a number of aspects relevant to VPNs
       • Tunnel Mode encrypts both header and data, i.e. IPSec can be the encapsulating protocol
       • Also provides integrity and authentication and non-repudiation
       • Default protocol used for most Cisco VPN solutions
  10. VPN - SSL
       • Standard Cisco IPSec VPN remote access requires local software installation
       • User pressure for no-install, use anywhere remote access
       • SSL VPN allows remote access via an SSL secured web site
       • Usually paired with two factor device for added security
  11. Authentication
       • As well as normal network authentication for users, VPN connection has special authentication
       • Site to site may use Digital Signature
       • Remote users may be asked to use a two factor token device like RSA SecurID (demo)
  12. Standardised Security
       • Move to a VPN within a company will also usually involve standardising security across all connecting LANs
       • Small sub offices joining main network – much greater potential impact of a virus outbreak in small office
       • Remote access users may be forced to run standard firewall/anti virus
  13. Example
       • Discussion of current live project (European VPN)
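
The three protocol layers from slide 7, as an added example that is not part of the original slides: an IP passenger packet with private addresses is wrapped in a basic GRE header and an IP carrier header, then parsed back the way an on-path observer could. GRE on its own does not encrypt, so the private addresses and payload come back in clear, which is the gap the encryption slide addresses. All addresses, the payload and the function names are constructed for illustration.

```python
import socket
import struct

def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header (no options) with a valid checksum."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    total = sum(struct.unpack("!10H", hdr))
    while total >> 16:                      # fold carries (one's complement sum)
        total = (total & 0xFFFF) + (total >> 16)
    return hdr[:10] + struct.pack("!H", ~total & 0xFFFF) + hdr[12:]

def gre_encapsulate(passenger, carrier_src, carrier_dst):
    """Carrier IP header + basic GRE header (RFC 2784) + passenger packet."""
    gre = struct.pack("!HH", 0x0000, 0x0800)   # no flags, version 0; payload is IPv4
    carrier = ipv4_header(carrier_src, carrier_dst, 47, len(gre) + len(passenger))
    return carrier + gre + passenger           # IP protocol 47 = GRE

def describe(packet):
    """Parse one tunnelled packet as an observer on the public network could."""
    outer_ihl = (packet[0] & 0x0F) * 4
    if packet[9] != 47:
        raise ValueError("carrier payload is not GRE")
    flags, ptype = struct.unpack("!HH", packet[outer_ihl:outer_ihl + 4])
    if flags != 0 or ptype != 0x0800:
        raise ValueError("only the basic GRE header carrying IPv4 is handled")
    inner = packet[outer_ihl + 4:]
    inner_ihl = (inner[0] & 0x0F) * 4
    return {
        "carrier": (socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])),
        "passenger": (socket.inet_ntoa(inner[12:16]), socket.inet_ntoa(inner[16:20])),
        "payload": inner[inner_ihl:],
    }

# Constructed sample: documentation-range public addresses for the carrier,
# RFC 1918 private addresses for the passenger, experimental IP protocol 253.
DATA = b"payroll record 42"
PASSENGER = ipv4_header("10.1.0.5", "10.2.0.9", 253, len(DATA)) + DATA
TUNNELLED = gre_encapsulate(PASSENGER, "192.0.2.1", "198.51.100.1")

if __name__ == "__main__":
    print(describe(TUNNELLED))
```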
