Shobha Ravikumar - Virtual Private Networks (November 2, 2005)



  1. Virtual Private Network. Presented by: Shobha Ravikumar
  2. Contents
       • What is VPN?
       • What Makes VPN?
       • Types of VPN
       • VPN Security
       • Make VPN Connection
       • Conclusion
  3. What is VPN?
       • A VPN transfers data over a shared network, such as a public data network, and delivers it securely by applying security measures to the data packets and to the machines on the path, for example hosts (source computer and destination computer), routers (such as gateway routers and peer routers), and bridges.
       • A VPN is a private network that uses a public network (the Internet) to connect remote sites or users.
  4. Virtual Private Network
       A typical VPN might have a main LAN at the corporate headquarters of a company, other LANs at remote offices or facilities and individual users connecting from out in the field.
  5. What Makes VPN?
       Benefits of having VPN:
       • Extend geographic connectivity
       • Improve security
       • Reduce operational costs versus traditional WAN
       • Reduce transit time and transportation costs for remote users
       • Improve productivity
       • Simplify network topology
       • Provide global networking opportunities
       • Provide telecommuter support
       • Provide broadband networking compatibility
       • Provide faster ROI (return on investment) than traditional WAN
  6. Types of VPN
       Remote Access VPN:
       • Virtual private dial-up network (VPDN): a user-to-LAN connection used by a company that needs to connect to the private network from remote places.
       • A corporation that wishes to set up a large remote-access VPN will outsource to an enterprise service provider (ESP). The ESP sets up a network access server (NAS) and provides the remote users with desktop client software for their computers. The telecommuters can then dial a toll-free number to reach the NAS and use their VPN client software to access the corporate network.
  7. Types of VPN
       Site-to-Site VPN
       Site-to-site VPNs can be one of two types:
       • Intranet-based - If a company has one or more remote locations that they wish to join in a single private network, they can create an intranet VPN to connect LAN to LAN.
       • Extranet-based - When a company has a close relationship with another company (for example, a partner, supplier or customer), they can build an extranet VPN that connects LAN to LAN, and that allows all of the various companies to work in a shared environment.
  8. Type of VPN
  9. VPN: Security
       A well-designed VPN uses several methods for keeping your connection and data secure:
       • Firewalls
       • Encryption
       • IPSec
       • AAA Server
  10. VPN Security: Firewall
       • A firewall provides a strong barrier between the private network and the Internet.
       • We can set firewalls to restrict the number of open ports, what type of packets are passed through and which protocols are allowed through.
       • Some VPN products, such as Cisco’s 1700 routers, can be upgraded to include firewall capabilities by running the appropriate Cisco IOS on them.
       • Note: You should already have a good firewall in place before you implement a VPN, but a firewall can also be used to terminate the VPN sessions.
  11. VPN Security: Encryption
       Encryption is the process of taking all the data that one computer is sending to another and encoding it into a form that only the other computer will be able to decode. Most computer encryption systems belong to one of two categories:
       • Symmetric-key encryption
       • Public-key encryption
  12. VPN Security: IPSec
       • Internet Protocol Security Protocol (IPSec) provides enhanced security features such as better encryption algorithms and more comprehensive authentication.
  13. VPN Security: IPSec
       Two encryption modes: tunnel and transport.
       • Tunnel: encrypts the header and the payload of each packet.
       • Transport: only encrypts the payload.
       • Only systems that are IPSec compliant can take advantage of this protocol. Also, all devices must use a common key and the firewalls of each network must have very similar security policies set up.
  14. VPN Security: AAA Servers
       AAA (authentication, authorization and accounting) servers:
       When a request to establish a session comes in from a dial-up client, the request is proxied to the AAA server. AAA then checks the following:
       • Who you are (authentication)
       • What you are allowed to do (authorization)
       • What you actually do (accounting)
  15. VPN Technologies
       Depending on the type of VPN (remote-access or site-to-site), certain components are needed to build VPN. They are:
       • Desktop software client for each remote user
       • Dedicated hardware such as a VPN concentrator or secure PIX firewall
       • Dedicated VPN server for dial-up services
       • NAS (network access server) used by service provider for remote-user VPN access
       • VPN network and policy-management center
  16. Make VPN Connection
       To make a VPN connection, we must be connected to the Internet.
       • Step 1: Open Network Connections. (Click Start, click Control Panel, click Network and Internet Connections, and then click Network Connections.)
       • Step 2: Under Network Tasks, click Create a new connection, and then click Next.
       • Step 3: On the Welcome to the New Connection Wizard page of the New Connection Wizard, click Next.
  17. Make VPN Connection
       • Step 4: On the Network Connection Type page, click Connect to the network at my workplace, and then click Next as shown below.
  18. Make VPN Connection
       • Step 5: On the Network Connection page, click Virtual Private Network connection, and then click Next as shown below.
  19. Make VPN Connection
       • Step 6: On the Connection Name page, type the name of the connection or your company name, and then click Next. An example is shown below.
  20. Make VPN Connection
       • Step 7: If you are using a dial-up connection to an ISP to connect to the Internet, the Public Network page is displayed. In Automatically dial this initial connection, select the name of the connection used to dial your ISP, and then click Next.
  21. Make VPN Connection
       • Step 8: On the VPN Server Selection page, type the Domain Name System (DNS) name or Internet Protocol (IP) address of your company's VPN server on the Internet, and then click Next. An example is shown below.
  22. Make VPN Connection
       • Step 9: On the Completing the New Connection Wizard page, click Finish.
       • Step 10: A Connect dialog box is displayed. Type the user name and password to access your company's private network and then click Connect. An example is shown below.
  23. Make VPN Connection
       Notes:
       • You can create multiple VPN connections by copying them in the Network Connections folder. You can then rename the connections and modify connection settings. By doing so, you can easily create different connections to accommodate multiple hosts, security options, and so on.
       • If you have an active Winsock Proxy client, you cannot create a VPN connection. A Winsock Proxy client immediately redirects data to a configured proxy server before the data can be processed in the fashion required by a VPN connection. To establish a VPN connection, you should disable the Winsock Proxy client.
  24. Conclusion
       Let’s summarize the most important points.
       • Intranet VPNs provide an interesting and affordable way for internal company communications, because they operate on a portion of the public or shared communication infrastructure.
       • They use encryption and tunneling to protect confidential information, and provide the same level of reliability and performance as traditional Wide Area Networks.
       • Intranet VPNs enable businesses to refocus their energy on core business objectives instead of networking needs, and reduce operations and bandwidth costs.
  25. Questions?
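
The two IPSec modes from the "VPN Security: IPSec" slide, as an added example that is not part of the original presentation: it wraps one constructed packet in ESP both ways and reports which addresses an observer on the public network still sees. The addresses, key, SPI and the SHA-256 keystream used as a stand-in for the negotiated cipher are all assumptions made for illustration.

```python
import hashlib, socket, struct

ESP = 50  # IP protocol number for ESP

def ipv4_header(src, dst, proto, body_len):
    # Minimal 20-byte IPv4 header; checksum left at 0 to keep the example short.
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + body_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def visible_addresses(packet):
    # Source and destination an on-path observer reads from the outer header.
    return socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])

def stand_in_cipher(key, seq, data):
    # XOR with a SHA-256 keystream: stand-in for the cipher real IPSec peers
    # negotiate (assumption for this demo). Applying it twice decrypts.
    stream, block = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + struct.pack("!II", seq, block)).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def esp_body(key, spi, seq, plaintext, next_header):
    # ESP layout: SPI, sequence number, then encrypted (data + padding + trailer).
    # The integrity check value that real ESP appends is omitted here.
    pad_len = -(len(plaintext) + 2) % 4
    trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, next_header])
    return struct.pack("!II", spi, seq) + stand_in_cipher(key, seq, plaintext + trailer)

def transport_mode(key, spi, seq, packet):
    # Original addresses stay in the clear; only the payload is encrypted.
    src, dst = visible_addresses(packet)
    body = esp_body(key, spi, seq, packet[20:], packet[9])
    return ipv4_header(src, dst, ESP, len(body)) + body

def tunnel_mode(key, spi, seq, packet, gw_src, gw_dst):
    # Whole original packet (header + payload) is encrypted behind a new
    # outer header between the two gateways; next header 4 = IP-in-IP.
    body = esp_body(key, spi, seq, packet, 4)
    return ipv4_header(gw_src, gw_dst, ESP, len(body)) + body

# Constructed sample: one TCP packet between hosts on two private LANs.
KEY = b"constructed-demo-key"
PAYLOAD = b"GET /payroll HTTP/1.1\r\n\r\n"
INNER = ipv4_header("10.1.0.5", "10.2.0.9", 6, len(PAYLOAD)) + PAYLOAD
TRANSPORT = transport_mode(KEY, 0x1001, 1, INNER)
TUNNEL = tunnel_mode(KEY, 0x1001, 2, INNER, "198.51.100.1", "203.0.113.1")

if __name__ == "__main__":
    print("transport mode exposes:", visible_addresses(TRANSPORT))
    print("tunnel mode exposes:   ", visible_addresses(TUNNEL))
```

In transport mode the private host addresses remain readable on the wire, while tunnel mode shows only the gateway addresses; this is why site-to-site VPNs use tunnel mode.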