WLAN:VPN SECURITY
Zena Mohammed
What is VPN?
o A VPN is a closed (private) network provided on shared
infrastructure.
o A Virtual Private Network (VPN) connects the components and
resources of a private network over a public network.
o VPNs can be provided over both packet-switched and circuit-switched
public networks.
o The shared infrastructure can be the Internet, Frame Relay, or ATM
network, or the Public Voice Networks (PSTN).
Objectives of VPN
 From the user’s perspective, the VPN is a point-to-point
connection between the user’s computer and a corporate
server.
 VPNs allow telecommuters, remote employees, or even
branch offices to connect in a secure fashion.
Is VPN a Solution to All Online Security Threats?
The network manager faces a fundamental requirement: security. Use of a public network
exposes corporate traffic to eavesdropping and provides an entry point for unauthorized
users. To counter this problem, a VPN is needed. In essence, a VPN uses encryption and
authentication in the lower protocol layers to provide a secure connection through an
otherwise insecure network, typically the Internet. VPNs are generally cheaper than real
private networks using private lines, but they rely on having the same encryption and
authentication system at both ends. The encryption may be performed by firewall
software or possibly by routers. The most common protocol mechanism used for this
purpose operates at the IP level and is known as IPsec.
Brief Overview of How it Works
o Two connections – one is made to the Internet and
the second is made to the VPN.
o Datagrams – each contains data plus destination and source
information.
o Firewalls – VPNs allow authorized users to pass
through the firewalls.
o Protocols – protocols create the VPN tunnels.
Four Critical Functions
Authentication – validates that the data really came
from the claimed sender.
Access control – limits unauthorized users from
accessing the network.
Confidentiality – prevents the data from being read or
copied while it is being transported.
Data Integrity – ensures that the data has not been
altered in transit.
Encryption
o Encryption – is a method of “scrambling” data
before transmitting it onto the Internet.
o Public Key Encryption Technique
o Digital signature – for authentication
Network Isolation:VPN
 Idea: create a collection of hosts which operate in a
coordinated way, e.g. a virtual security perimeter over the physical network
 Hosts work as if they are isolated from malicious hosts
 Solution: Virtual Private Networks – create a virtual network
topology over the physical network
 Use communications security protocol suites to secure the virtual links
(“tunneling”)
 Manage the networks as if they were physically separate
 Hosts can still route traffic to regular networks (split-tunneling)
Tunneling
A virtual point-to-point connection made through a public
network. It transports encapsulated datagrams.
[Figure: Data Encapsulation (from Comer) – the original datagram becomes the
encrypted inner datagram, which is carried in the data area of an outer datagram
behind the outer datagram header.]
Two types of end points:
Remote Access
Site-to-Site
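To make the "encapsulated datagram" picture concrete, here is an added example (not code from the slides or from any VPN product) that builds an inner IPv4 datagram, encrypts it, wraps it in an outer datagram between two gateway addresses, and verifies integrity on the way back out. It shows the four critical functions from the earlier slide in one place: the inner addresses are hidden (confidentiality), the keyed tag proves the packet came from a holder of the shared key (authentication) and has not been altered (integrity). The keys, the gateway addresses (203.0.113.1 and 198.51.100.2) and the inner hosts are all constructed; the encryption is an illustrative encrypt-then-MAC construction from HMAC-SHA256, not the real ESP packet format.

```python
"""Added tunnel-mode encapsulation demo; keys and addresses are constructed."""
import hashlib
import hmac
import os
import struct

# Constructed demo keys: a real VPN derives these at both ends via IKE.
ENC_KEY = b"demo-encryption-key-not-for-real-use"
AUTH_KEY = b"demo-authentication-key-not-for-real-use"
ESP_PROTO = 50  # IP protocol number of ESP, used as the outer protocol here


def ip_checksum(hdr: bytes) -> int:
    """One's-complement checksum over an IPv4 header."""
    if len(hdr) % 2:
        hdr += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(hdr) // 2), hdr))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_datagram(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Minimal IPv4 datagram: 20-byte header without options, then payload."""
    src_b = bytes(int(x) for x in src.split("."))
    dst_b = bytes(int(x) for x in dst.split("."))
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                      0, 0, 64, proto, 0, src_b, dst_b)
    hdr = hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]
    return hdr + payload


def parse_header(dgram: bytes) -> dict:
    """Pull the fields a gateway needs out of an IPv4 header."""
    (_, _, total_len, _, _, _, proto, _, src, dst) = struct.unpack("!BBHHHBBH4s4s", dgram[:20])
    return {"src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
            "proto": proto, "payload": dgram[20:total_len]}


def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """HMAC-SHA256 in counter mode as an illustrative stream cipher."""
    out, counter = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + struct.pack("!Q", counter), hashlib.sha256).digest()
        counter += 1
    return out[:n]


def encapsulate(inner: bytes, gw_src: str, gw_dst: str) -> bytes:
    """Encrypt the whole inner datagram, tag it, and carry it between gateways."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(inner, keystream(ENC_KEY, nonce, len(inner))))
    tag = hmac.new(AUTH_KEY, nonce + ct, hashlib.sha256).digest()  # encrypt-then-MAC
    return build_datagram(gw_src, gw_dst, ESP_PROTO, nonce + ct + tag)


def decapsulate(outer: bytes) -> bytes:
    """Verify the tag before decrypting; reject anything altered or forged."""
    hdr = parse_header(outer)
    if hdr["proto"] != ESP_PROTO:
        raise ValueError("not a tunnel packet")
    body = hdr["payload"]
    nonce, ct, tag = body[:16], body[16:-32], body[-32:]
    expected = hmac.new(AUTH_KEY, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed: packet altered or forged")
    return bytes(a ^ b for a, b in zip(ct, keystream(ENC_KEY, nonce, len(ct))))


if __name__ == "__main__":
    inner = build_datagram("10.0.1.5", "10.0.2.9", 6, b"hello")       # constructed inner hosts
    outer = encapsulate(inner, "203.0.113.1", "198.51.100.2")          # constructed gateways
    print("outer header:", parse_header(outer))
    print("recovered inner matches:", decapsulate(outer) == inner)
```

On the public network only the outer header is visible, so an observer learns the two gateway addresses and nothing about the inner hosts. Flipping one ciphertext byte makes `decapsulate` raise before any decryption happens, which is the property "Data Integrity" on the slide asks for.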
Remote Access Virtual Private Network
Remote User Access over the Internet
• To connect remote users to a corporate intranet using an Internet Service Provider (ISP)
network.
• The VPN software creates a secure connection between the dial-up user and the
corporate intranet over the Internet.
Site-to-Site VPNs
Figure 19.7b shows how tunnel mode
operation can be used to set
up a virtual private network.
Case 2. Security is provided only between gateways (routers, firewalls, etc.)
and no hosts implement IPsec. This case illustrates simple virtual private network
support. The security architecture document specifies that only a single tunnel SA is
needed for this case. The tunnel could support AH, ESP, or ESP with the authentication
option. Nested tunnels are not required, because the IPsec services apply to
the entire inner packet.
Four Protocols used in VPN
 PPTP : Point-to-Point Tunneling Protocol
 L2TP : Layer 2 Tunneling Protocol
 IPsec : Internet Protocol Security
 SOCKS : is not used as much as the ones above
PPTP VPN
The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing
virtual private networks. PPTP uses a control channel over TCP and a GRE tunnel
to encapsulate PPP packets.
It is a VPN protocol only, and relies on various authentication methods to provide security.
Pros
 Client built in to just about all platforms
 Very easy to set up
 Fast
Cons
 Not at all secure (the vulnerable MS-CHAPv2 authentication is still the most common
in use)
 Definitely compromised by the NSA
L2TP
Layer 2 Tunneling Protocol is a VPN protocol that on its own does not provide any
encryption or confidentiality to traffic that passes through it. For this reason it is usually
implemented with the IPsec encryption suite (similar to a cipher) to provide security
and privacy.
Pros
 Usually considered very secure
 Easy to set up
 Available on all modern platforms
 Faster than OpenVPN
Cons
 May be compromised by the NSA (unproven)
 Likely deliberately weakened by the NSA (unproven)
 Can struggle with restrictive firewalls
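A defender who wants to know which of the four protocols is actually in use on a network can classify flow records by the well-known ports and IP protocol numbers each one uses. The example below is added here and is not from the slides; the flow records are constructed, and the port and protocol numbers are the standard assignments (PPTP control on TCP 1723 with GRE protocol 47 for data, L2TP on UDP 1701, IKE on UDP 500 or 4500 for NAT traversal, ESP protocol 50, AH protocol 51, SOCKS on TCP 1080). Bare UDP 1701 on the wire is worth flagging: L2TP protected by IPsec travels inside ESP, so visible L2TP means the tunnel has no encryption.

```python
"""Added example: classify constructed flow records by VPN protocol."""
from collections import Counter

# Standard IP protocol numbers and well-known ports used by the four protocols.
TCP, UDP = 6, 17
PPTP_CONTROL_PORT = 1723   # PPTP control channel (TCP)
GRE_PROTO = 47             # PPTP data channel runs over GRE
L2TP_PORT = 1701           # L2TP over UDP
IKE_PORT = 500             # IPsec key exchange (IKE) over UDP
IKE_NAT_T_PORT = 4500      # IKE and ESP behind NAT, in UDP
ESP_PROTO = 50
AH_PROTO = 51
SOCKS_PORT = 1080          # SOCKS proxy (TCP)


def classify_flow(flow: dict) -> str:
    """Return a label for one flow record (dict with proto, optional sport/dport)."""
    proto = flow["proto"]
    ports = {flow.get("sport"), flow.get("dport")}
    if proto == TCP and PPTP_CONTROL_PORT in ports:
        return "PPTP control (legacy, MS-CHAPv2 risk)"
    if proto == GRE_PROTO:
        return "GRE tunnel (PPTP data or other GRE use)"
    if proto == UDP and L2TP_PORT in ports:
        return "L2TP without IPsec (cleartext tunnel)"
    if proto == UDP and IKE_PORT in ports:
        return "IPsec IKE"
    if proto == UDP and IKE_NAT_T_PORT in ports:
        return "IPsec NAT-T (IKE/ESP in UDP)"
    if proto == ESP_PROTO:
        return "IPsec ESP"
    if proto == AH_PROTO:
        return "IPsec AH"
    if proto == TCP and SOCKS_PORT in ports:
        return "SOCKS proxy"
    return "other"


def summarize(flows: list) -> Counter:
    """Count flows per VPN protocol label."""
    return Counter(classify_flow(f) for f in flows)


def legacy_findings(flows: list) -> list:
    """Flows using PPTP or unprotected L2TP, the ones the slides call insecure."""
    return [f for f in flows if classify_flow(f).startswith(("PPTP", "L2TP without"))]


# Constructed sample flow records (documentation-range addresses, not real traffic).
SAMPLE_FLOWS = [
    {"src": "192.0.2.10", "dst": "198.51.100.5", "proto": TCP, "sport": 51000, "dport": 1723},
    {"src": "192.0.2.10", "dst": "198.51.100.5", "proto": GRE_PROTO},
    {"src": "192.0.2.20", "dst": "198.51.100.5", "proto": UDP, "sport": 500, "dport": 500},
    {"src": "192.0.2.20", "dst": "198.51.100.5", "proto": ESP_PROTO},
    {"src": "198.51.100.5", "dst": "192.0.2.20", "proto": ESP_PROTO},
    {"src": "192.0.2.30", "dst": "198.51.100.5", "proto": UDP, "sport": 1701, "dport": 1701},
    {"src": "192.0.2.40", "dst": "198.51.100.5", "proto": UDP, "sport": 4500, "dport": 4500},
    {"src": "192.0.2.50", "dst": "198.51.100.9", "proto": TCP, "sport": 52000, "dport": 443},
]

if __name__ == "__main__":
    for label, count in sorted(summarize(SAMPLE_FLOWS).items()):
        print(f"{count:3d}  {label}")
    print("legacy findings:", len(legacy_findings(SAMPLE_FLOWS)))
```

The GRE label is deliberately hedged: GRE also carries non-VPN traffic, so a GRE flow is only attributed to PPTP when a matching TCP 1723 control session is seen between the same endpoints.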
IPSec and SOCKS VPN
Device Types: Hardware
 Usually a VPN type of router
Pros
o Highest network throughput
o Plug and Play
o Dual-purpose
Cons
o Cost
o Lack of flexibility
Device Types: Firewall
Pros
 Hardened operating
system
 Tri-purpose
 Cost-effective
Cons
• Still relatively costly
Device Types: Software
o Ideal for two end points that are not in the same organization
o Great when different firewalls are implemented at each end
Pros
o Flexible
o Low relative
cost
Cons
• Lack of efficiency
• More labor training required
• Lower productivity;
higher labor costs
Advantages:
 Cost Savings
 Reducing the long-distance telephone charges for remote
access.
 Transferring the support burden to the service providers
 Operational costs
 Scalability
 Flexibility of growth
 Efficiency with broadband technology
Disadvantages
Requirements for Internet-Based VPNs
 Security Requirements: User Authentication – the user’s identity
must be verified, and VPN access must be restricted to
authorized users.
 Address Management and Privacy: Clients’ addresses on the
private network must be kept private and managed securely.
 Data Integrity: Data carried on the public network must be
rendered unreadable to unauthorized clients.
 Security can be implemented in hardware or software.
Q.1 VPN stands for…
a) Virtual Public Network b) Virtual Private Network
c) Virtual Protocol Network d) Virtual Perimeter Network
A.1
b) Virtual Private Network
VPN stands for "Virtual Private Network" or "Virtual Private Networking." A
VPN is a private network in the sense that it carries controlled information,
protected by various security mechanisms, between known parties. VPNs are
only "virtually" private, however, because this data actually travels over shared
public networks instead of fully dedicated private connections.
Q.2 What are the acronyms for the 3 most common VPN
protocols?
A.2
• PPTP
• L2TP
• IPsec
The 3 most common VPN protocols are…
PPTP, IPsec, and L2TP are three of today's most popular VPN tunneling protocols. Each one of these is capable
of supporting a secure VPN connection.
Q.3 What is the main benefit of VPNs compared to dedicated networks
utilizing frame relay, leased lines, and traditional dial-up?
a) better network performance b) less downtime on average
c) reduced cost d) improved security
A.3
c) reduced cost
The main benefit of VPNs is…
The main benefit of a VPN is the potential for significant cost savings
compared to traditional leased lines or dial-up networking. These savings come
with a certain amount of risk, however, particularly when using the public
Internet as the delivery mechanism for VPN data.
Q.4 In VPNs, the term "tunneling" refers to
a) an optional feature that increases network performance if it is turned on
b) the encapsulation of packets inside packets of a different protocol to create and maintain
the virtual circuit
c) the method a system administrator uses to detect hackers on the network
d) a marketing strategy that involves selling VPN products for very low prices in return for
expensive service contracts
A.4
b) the encapsulation of packets inside packets of a different protocol to
create and maintain the virtual circuit
In VPNs, the term "tunneling" refers to…