Virtual Private Networks By: Jacob Anderson
What is a Virtual Private network?
• A secure network connection on top of a wider network
  • Hence virtual
• Uses a larger network, like the internet, to connect a remote site and users together
  • Taking advantage of availability
• Mimics a physical network
  • Convenient accessibility
• Better alternative to a leased line
Leased lines
• Pay a provider for a “symmetric telecommunications” line
  • Monthly price
• Each side of the cable is permanently connected
  • No telephone number
• Advantage in speed
  • Normally fiber optic
  • Dedicated
• Most of the time infeasible
VPN vs. SSH
• SSH works at the application layer
  • Port specific
• SSH establishes connections on a one-to-one basis
  • A single client to a server or another single entity
• A VPN can connect a user to a whole network
  • Great for business off-site extension
• A VPN is not limited to single-port connections
  • Network layer connectivity
VPN with SSH
• In some cases, security may be necessary within the local network as well
  • Confidential data that only some employees are eligible to view
• VPN handles the security over the internet
  • Encapsulates the SSH protocol packet
• SSH, then, provides application-to-application security within
  • Only the sending and receiving employees will be able to view it
How a VPN works
• An IP packet is wrapped in an extra layer
  • Which provides security
• The extra layer is processed by a router
  • Not at a higher level in the OSI protocol stack
VPN Router
• VPN is accomplished using a specific type of router and/or VPN software
  • Designed to handle the IP layer security protocol
• Cost for a small business VPN router is between 150 to 400 dollars
  • This one is $150
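The "extra layer" on the two slides above is an outer IP header that the gateway routers add and remove; the hosts on either private network never see it. The following Python example is added here to make that concrete and is not part of the original slides: it builds a minimal IPv4 header, wraps a private-address packet inside a gateway-to-gateway packet (IP-in-IP, protocol 4, RFC 2003) and unwraps it again at the far gateway. The addresses and the payload are constructed sample values. Note that the header checksum only detects accidental corruption; the security the slide refers to comes from the AH and ESP headers covered later in the deck, not from this encapsulation alone.

```python
import ipaddress
import struct
from dataclasses import dataclass

IPPROTO_IPIP = 4    # outer protocol number meaning "another IP packet follows" (RFC 2003)
IPPROTO_UDP = 17


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum over 16-bit words; a valid header (checksum included) yields 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src: str, dst: str, proto: int, payload: bytes, ttl: int = 64) -> bytes:
    """Build a 20-byte IPv4 header (no options) in front of payload, checksum filled in."""
    header = struct.pack("!BBHHHBBH4s4s",
                         0x45, 0, 20 + len(payload), 0, 0, ttl, proto, 0,
                         ipaddress.IPv4Address(src).packed,
                         ipaddress.IPv4Address(dst).packed)
    csum = ipv4_checksum(header)
    return header[:10] + struct.pack("!H", csum) + header[12:] + payload


@dataclass
class IPv4Packet:
    src: str
    dst: str
    proto: int
    ttl: int
    payload: bytes


def parse_ipv4(packet: bytes) -> IPv4Packet:
    """Parse and checksum-verify an IPv4 packet; raises ValueError on a corrupted header."""
    ihl = (packet[0] & 0x0F) * 4
    if ipv4_checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    _, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    return IPv4Packet(str(ipaddress.IPv4Address(src)), str(ipaddress.IPv4Address(dst)),
                      proto, ttl, packet[ihl:total_len])


def encapsulate(inner: bytes, gw_src: str, gw_dst: str) -> bytes:
    """VPN gateway side: the whole inner packet (private addresses included) becomes the
    payload of a new packet addressed gateway-to-gateway; the Internet routes on the outer header only."""
    return build_ipv4(gw_src, gw_dst, IPPROTO_IPIP, inner)


def decapsulate(outer: bytes, my_gw: str) -> bytes:
    """Peer gateway side: confirm the outer header is for us and carries a tunnelled packet,
    strip it, and return the inner packet unchanged for the private network."""
    p = parse_ipv4(outer)
    if p.dst != my_gw or p.proto != IPPROTO_IPIP:
        raise ValueError("not a tunnel packet for this gateway")
    parse_ipv4(p.payload)   # validates the inner header before it is forwarded
    return p.payload


if __name__ == "__main__":
    # constructed sample: a host on site A talks to a host on site B through two gateways
    inner = build_ipv4("10.0.1.5", "10.0.2.9", IPPROTO_UDP, b"hello")
    outer = encapsulate(inner, "203.0.113.1", "198.51.100.7")
    print("outer header seen on the Internet:", parse_ipv4(outer))
    print("inner packet restored at site B:", parse_ipv4(decapsulate(outer, "198.51.100.7")))
```

Running the script shows that only the gateway addresses appear in the outer header; the 10.0.0.0/8 addresses travel as opaque payload, which is why the slide says the packet is handled by a router rather than higher up the stack.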
VPN Protocols
• PPTP
• L2TP
• L2F
• IPSEC
  • Most commonly used
IPSEC
• Consists of two main protocol sets:
  • Authentication Header (AH)
  • Encapsulating Security Payload (ESP)
Authentication Header
• Known as “Tunnel Mode”
• Replay bit
  • Triggered when viewed (to know whether the packet has been compromised)
• Process:
  1) The IP header and data payload are hashed
  2) The hash is used to build a new header, which is appended
  3) The new packet is transmitted to the VPN router
  4) The receiving router hashes the IP header and data payload as well, and the result must match the previously appended hash (the authentication header)
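The four-step process above, together with the replay check, as an added Python example that is not from the slides. It uses a keyed hash (HMAC-SHA256 truncated to 96 bits, the truncation convention IPsec integrity algorithms use) rather than a plain hash, because a plain hash could be recomputed by anyone who alters the packet; the shared key is what lets the receiving router know the sender. As RFC 4302 requires, fields that routers rewrite in flight (ToS, flags/offset, TTL, header checksum) are zeroed before hashing so a legitimate TTL decrement does not fail the check. The anti-replay window follows the sliding-bitmap scheme of RFC 4303 Appendix A. The key, SPI, header bytes and payload are constructed sample values.

```python
import hashlib
import hmac
import struct

AH_PROTO = 51      # IP protocol number of the Authentication Header (RFC 4302)
ICV_LEN = 12       # 96-bit truncated integrity check value
WINDOW = 64        # anti-replay window, in sequence numbers


def zero_mutable_fields(ip_header: bytes) -> bytes:
    """AH covers the IP header, so fields routers change in transit are zeroed before hashing."""
    h = bytearray(ip_header)
    h[1] = 0                  # ToS / DSCP
    h[6:8] = b"\x00\x00"      # flags + fragment offset
    h[8] = 0                  # TTL
    h[10:12] = b"\x00\x00"    # header checksum
    return bytes(h)


def icv(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()[:ICV_LEN]


def ah_build(key: bytes, spi: int, seq: int, next_header: int, ip_header: bytes, payload: bytes) -> bytes:
    """Steps 1-3 of the slide: hash header+payload, build the AH from it, append it."""
    payload_len = (12 + ICV_LEN) // 4 - 2            # RFC 4302 "Payload Len": AH length in words minus 2
    ah_fixed = struct.pack("!BBHII", next_header, payload_len, 0, spi, seq)
    covered = zero_mutable_fields(ip_header) + ah_fixed + bytes(ICV_LEN) + payload  # ICV field zero while computing
    return ip_header + ah_fixed + icv(key, covered) + payload


class ReplayWindow:
    """Bitmap of already-seen sequence numbers below the highest one accepted so far."""

    def __init__(self) -> None:
        self.highest = 0
        self.bitmap = 0

    def check(self, seq: int) -> bool:
        if seq == 0:                       # the first sequence number on an SA is 1
            return False
        if seq > self.highest:             # newer than anything seen: always acceptable
            return True
        if self.highest - seq >= WINDOW:   # too old to track: drop
            return False
        return not (self.bitmap >> (self.highest - seq)) & 1   # inside the window and unseen?

    def update(self, seq: int) -> None:
        if seq > self.highest:
            self.bitmap = ((self.bitmap << (seq - self.highest)) | 1) & ((1 << WINDOW) - 1)
            self.highest = seq
        else:
            self.bitmap |= 1 << (self.highest - seq)


def ah_verify(key: bytes, ip_header_len: int, packet: bytes, window: ReplayWindow) -> bytes:
    """Step 4: the receiver rehashes and compares, dropping replays and modified packets."""
    ip_header = packet[:ip_header_len]
    ah_fixed = packet[ip_header_len:ip_header_len + 12]
    got_icv = packet[ip_header_len + 12:ip_header_len + 12 + ICV_LEN]
    payload = packet[ip_header_len + 12 + ICV_LEN:]
    _, _, _, spi, seq = struct.unpack("!BBHII", ah_fixed)
    if not window.check(seq):
        raise ValueError(f"replayed or stale sequence number {seq} on SPI {spi:#x}")
    covered = zero_mutable_fields(ip_header) + ah_fixed + bytes(ICV_LEN) + payload
    if not hmac.compare_digest(got_icv, icv(key, covered)):
        raise ValueError("ICV mismatch: packet was modified in transit")
    window.update(seq)   # only after authentication, so unauthenticated packets cannot move the window
    return payload


if __name__ == "__main__":
    key = b"constructed-demo-key"
    hdr = bytes([0x45, 0, 0, 0x31, 0, 0, 0x40, 0, 64, AH_PROTO, 0x12, 0x34, 10, 0, 1, 5, 10, 0, 2, 9])
    window = ReplayWindow()
    pkt = ah_build(key, 0x100, 1, 17, hdr, b"hello")
    print("first delivery:", ah_verify(key, 20, pkt, window))
    try:
        ah_verify(key, 20, pkt, window)
    except ValueError as e:
        print("second delivery rejected:", e)
```

Two details carry the security: the comparison uses `hmac.compare_digest` so timing does not leak how many ICV bytes matched, and the window is updated only after the ICV verifies, otherwise a forged packet with a huge sequence number could push genuine traffic out of the window.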
Encapsulating Security Payload (ESP)
• Known as “Transport Mode”
• Provides source authentication, integrity, an anti-replay service, and limited traffic flow confidentiality
• Encryption at the IP packet layer is performed
• Standard is 56-bit DES
  • But others can be used
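An added Python example, not from the slides, showing the ESP packet layout behind the four services listed above: the SPI and sequence number give the receiver an SA and anti-replay counter, padding to a fixed block size hides the true payload length (the "limited traffic flow confidentiality"), the payload plus trailer is encrypted, and a keyed ICV over SPI, sequence number and ciphertext supplies source authentication and integrity. The cipher here is a stand-in constructed for the example (HMAC-SHA256 run in counter mode as a keystream) so the block runs with the standard library alone; in deployed IPsec the transform is AES-GCM or AES-CBC with a separate HMAC, and the 56-bit DES the slide names is listed as MUST NOT in RFC 8221. Keys, SPI, nonce and payloads are constructed sample values.

```python
import hashlib
import hmac
import os
import struct

ESP_PROTO = 50     # IP protocol number of ESP (RFC 4303)
ICV_LEN = 12       # 96-bit truncated integrity check value
NONCE_LEN = 8      # per-packet nonce carried in clear, like the IV of a real ESP transform


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Stand-in cipher for the example: HMAC-SHA256 over nonce||counter, used as a keystream.
    Real ESP uses AES-GCM or AES-CBC+HMAC (RFC 8221); this only keeps the example dependency-free."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack("!I", counter), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def esp_build(enc_key: bytes, auth_key: bytes, spi: int, seq: int, next_header: int,
              plaintext: bytes, nonce: bytes = None, pad_to: int = 16) -> bytes:
    """ESP layout: [SPI | seq] [nonce] [encrypted: plaintext | padding | pad_len | next_header] [ICV]."""
    nonce = nonce or os.urandom(NONCE_LEN)
    # padding aligns the trailer and rounds every payload up to a multiple of pad_to,
    # so an observer learns only a length bucket, not the exact size
    pad_len = (-(len(plaintext) + 2)) % pad_to
    padding = bytes(range(1, pad_len + 1))              # RFC 4303 default self-describing padding 1,2,3,...
    to_encrypt = plaintext + padding + bytes([pad_len, next_header])
    ciphertext = xor(to_encrypt, keystream(enc_key, nonce, len(to_encrypt)))
    body = struct.pack("!II", spi, seq) + nonce + ciphertext
    # encrypt-then-MAC: the ICV covers everything except itself, SPI and seq included
    tag = hmac.new(auth_key, body, hashlib.sha256).digest()[:ICV_LEN]
    return body + tag


def esp_open(enc_key: bytes, auth_key: bytes, packet: bytes):
    """Verify the ICV first, then decrypt and strip padding. Returns (spi, seq, next_header, plaintext)."""
    body, tag = packet[:-ICV_LEN], packet[-ICV_LEN:]
    expected = hmac.new(auth_key, body, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(tag, expected):
        raise ValueError("ICV mismatch: not from the peer or modified in transit")
    spi, seq = struct.unpack("!II", body[:8])
    nonce, ciphertext = body[8:8 + NONCE_LEN], body[8 + NONCE_LEN:]
    plain = xor(ciphertext, keystream(enc_key, nonce, len(ciphertext)))
    pad_len, next_header = plain[-2], plain[-1]
    if plain[len(plain) - 2 - pad_len:-2] != bytes(range(1, pad_len + 1)):
        raise ValueError("bad padding")
    return spi, seq, next_header, plain[:len(plain) - 2 - pad_len]


if __name__ == "__main__":
    ek, ak = b"constructed-enc-key", b"constructed-auth-key"
    pkt = esp_build(ek, ak, 0x200, 1, 17, b"hello", nonce=bytes(NONCE_LEN))
    print("on the wire:", pkt.hex())
    print("opened:", esp_open(ek, ak, pkt))
```

The receiver checks the ICV before touching the ciphertext, so a modified packet is discarded without ever reaching the decryption or padding code; the anti-replay handling of the sequence number is the same sliding window as for AH and is not repeated here.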
When to use each mode
• Between IPSec Gateways
• End station to IPSec Gateway
• IPSec router to server
• End station to end station
Advantages of VPN
• Cost
• Security
• Scalability
  • Increase infrastructure without physical addition
• Compatibility with broadband
• Multi-point communication
  • Business communication links
  • LAN to LAN
  • Mobile workers access to LAN
  • Off-site remote work more possible