AN OVERVIEW OF REMOTE ACCESS VPNS: ARCHITECTURE AND EFFICIENT INSTALLATION
DR. P. RAJAMOHAN
SENIOR LECTURER, SCHOOL OF INFORMATION TECHNOLOGY, SEGi UNIVERSITY, TAMAN SAINS SELANGOR, KOTA DAMANSARA, PJU 5, PJ, SELANGOR DARUL EHSAN, MALAYSIA.

ABSTRACT

A Virtual Private Network (VPN) is a private data network that makes use of the public telecommunication infrastructure, maintaining privacy through the use of a tunneling protocol and security procedures. This paper analyses Remote Access Virtual Private Network architectures and their efficient installation, presenting IP-based Virtual Private Networking (IP-VPN) as a secure alternative to traditional remote access. In IP-VPNs, all connections to corporate intranets are calls to a local ISP, carried by the Internet to a corporate VPN gateway.

Keywords: VPN - Virtual Private Networks, RA-VPN - Remote Access Virtual Private Networks, ISP - Internet Service Provider, RRAS - The Routing and Remote Access Service, RADIUS - Remote Authentication Dial-In User Service.

1. INTRODUCTION

A Virtual Private Network (VPN) is a public network being used for private communication. The VPN connection is an authenticated and encrypted communications channel, or tunnel, across this public network, such as the Internet. Because the network is considered insecure, encryption and authentication are used to protect data while in transit. VPN service is considered to be independent, in that client operation is transparent to the user and all information exchanged between the two hosts (World Wide Web, File Transfer Protocol, etc.) is transmitted across the encrypted channel. A Virtual Private Network (VPN) is a private data network that makes use of the public telecommunication infrastructure, maintaining privacy through the use of a tunneling protocol and security procedures.
A virtual private network can be contrasted with a system of owned or leased lines that can only be used by one company. The main purpose of a VPN is to give the company the same capabilities as private leased lines at much lower cost by using the shared public infrastructure[1].

1.1 Routing

A router is a device that manages the flow of data between network segments, or subnets. A router directs incoming and outgoing packets based on information about the state of its own network interfaces and a list of possible sources and destinations for network traffic. By projecting network traffic and routing needs based on the number and types of hardware devices and applications used in the environment, we can decide whether to use a dedicated hardware router, a software-based router, or a combination of both. Generally, dedicated hardware routers handle heavier routing demands best, and less expensive software-based routers handle lighter routing loads. A software-based routing solution, such as RRAS in Windows, can be ideal on a small, segmented network with relatively light traffic between subnets. Enterprise network environments that have a large number of network segments and a wide range of performance requirements might need a variety of hardware-based routers to perform different roles throughout the network[1].

1.2 Remote access

By configuring RRAS to act as a remote access server, we can connect remote networks. Remote users can work as if their computers were directly connected to the network. All services typically available to a directly connected user, including file and printer sharing, Web server access, and messaging, are enabled by means of the remote access connection. An RRAS server provides two different types of remote access connectivity:

Virtual Private Networking. A virtual private network (VPN) is a secured, point-to-point connection across a public network, such as the Internet.
A VPN client uses special TCP/IP-based protocols called tunneling protocols to make a connection to a port on a remote VPN server. The VPN server accepts the connection, authenticates the connecting user and computer, and then transfers data between the VPN client and the corporate network.

Volume 2, Issue 11, November 2014 Page 1
Dial-Up Networking. In dial-up networking, a remote access client makes a dial-up telephone connection to a physical port on a remote access server by using the service of a telecommunications provider, such as analog telephone or ISDN. Dial-up networking over an analog phone or ISDN is a direct physical connection between the dial-up networking client and the dial-up networking server.

Remote access is best defined as providing access to fixed site resources for users who are not at a fixed workstation at that same site's Local Area Network (LAN). The largest remote access user community is mobile or telecommuting users, such as a sales force or field engineering team. Figure - 1 illustrates a traditional remote access network using the Public Switched Telephone Network (PSTN) or the Integrated Services Digital Network (ISDN).

Figure - 1. Traditional Remote Access (PSTN/ISDN Transport)

Traditional remote access connectivity is achieved with users dialing into a dedicated PSTN/ISDN modem pool, maintained either by a corporate Information Systems/Information Technology staff or by the network service provider. A secure alternative to traditional remote access is IP-based Virtual Private Networking (IP-VPN). In IP-VPNs, all connections to corporate intranets are calls to a local ISP, carried by the Internet to a corporate VPN gateway[1]-[3].

1.3 VPN Connection

VPN connections can be broadly classified into two types: Remote Access VPN and Site-to-Site VPN.

Figure - 1: Classification of VPN connection

Remote Access VPN

A Remote Access VPN connection enables a user working at home or on the road to access a server on a private network by using the infrastructure provided by a public network, such as the Internet. From the user's perspective, the VPN is a point-to-point connection between the client computer and the organization's server.
The infrastructure of the shared or public network is irrelevant because it appears logically as if the data is sent over a dedicated private link.

Site-to-Site VPN

A Site-to-Site VPN connection (sometimes called a router-to-router VPN connection) enables an organization to have routed connections between separate offices or with other organizations over a public network while helping to maintain secure communications. When networks are connected over the Internet, as shown in Figure - 2, a VPN-enabled router forwards packets to another VPN-enabled router across a VPN connection. To the routers, the VPN connection appears logically as a dedicated, data-link layer link. In a Site-to-Site VPN connection, the calling router authenticates itself to the answering router, and, for mutual authentication, the answering router authenticates itself to the calling router. In a Site-to-Site VPN connection, the packets sent from either router across the VPN connection typically do not originate at the routers. Site-to-Site VPNs can be further classified into two types: Intranet-Based VPN and Extranet-Based VPN[2].
Figure - 2: VPN connecting two remote sites across the Internet

Intranet-Based VPN: If a company has more remote locations that it wishes to join in a single private network, it can create an Intranet VPN to connect LAN to LAN.

Extranet-Based VPN: When a company has a close relationship with another company, it can build an Extranet VPN that connects LAN to LAN and allows all of the various companies to work in a shared environment.

A Remote Access VPN is also called a virtual private dial-up network (VPDN). This Remote Access VPN establishes the user-to-LAN connection. Thus an authenticated user can log on to the VPN tunnel from anywhere using a laptop[2][3].

2. AUTHENTICATION

Authentication is the first major component of a VPN. Authentication is the process of identifying the entity (user, router, or network device) requiring access. This authentication is often done by means of a cryptographic function, such as with challenge/response algorithms. The following sections discuss the other authentication methods[3]:

- Point-to-Point Tunneling Protocol Password Authentication Protocol/Challenge Handshake Protocol (PPTP-PAP/CHAP)
- Digital certificates
- RADIUS servers

2.1 PPTP-PAP/CHAP

Password Authentication Protocol (PAP) is the most insecure authentication method available today because both the username and password are sent across the link in clear text. Anyone monitoring the connection could collect and use the information to gain access to the network. The Challenge Handshake Authentication Protocol (CHAP) works as follows:

1. The client establishes a connection with the server and the server sends a challenge back to the client.
2. The client then performs a hash (mathematical) function, adds some extra information, and sends the response back to the server for verification.
3. The server looks in its database and computes the hash with the challenge.
4. If these two answers are the same, authentication succeeds.
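The four CHAP steps above, written out as an added example (not code from the paper). It assumes the RFC 1994 response value, MD5(Identifier || secret || Challenge); the user name, the shared secret and the `ChapServer` class are constructed for illustration.

```python
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Step 2: hash the 'extra information' (identifier), secret and challenge.

    RFC 1994 defines the response value as MD5(Identifier || secret || Challenge).
    """
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


class ChapServer:
    """Authenticator side of the handshake (steps 1, 3 and 4). Hypothetical class."""

    def __init__(self, secrets_by_user: dict):
        self._secrets = dict(secrets_by_user)   # the server's "database"
        self._pending = {}                      # identifier -> unanswered challenge
        self._next_id = 0

    def issue_challenge(self) -> tuple:
        """Step 1: send a fresh, unpredictable challenge to the client."""
        identifier = self._next_id
        self._next_id = (self._next_id + 1) % 256
        challenge = os.urandom(16)
        self._pending[identifier] = challenge
        return identifier, challenge

    def verify(self, user: str, identifier: int, response: bytes) -> bool:
        """Steps 3 and 4: recompute the hash and compare the two answers."""
        challenge = self._pending.pop(identifier, None)    # each challenge is single use
        secret = self._secrets.get(user)
        if challenge is None or secret is None:
            return False
        expected = chap_response(identifier, secret, challenge)
        return hmac.compare_digest(expected, response)     # constant-time comparison


def run_handshake() -> dict:
    """Run PAP and CHAP side by side and report what a link monitor would see."""
    secret = b"constructed-demo-secret"                    # constructed sample value
    server = ChapServer({"alice": secret})

    # PAP: the username and password themselves are the message on the link.
    pap_wire = b"alice\x00" + secret

    # CHAP: only the challenge and the hash cross the link.
    ident, challenge = server.issue_challenge()
    response = chap_response(ident, secret, challenge)
    chap_wire = bytes([ident]) + challenge + b"alice" + response
    accepted = server.verify("alice", ident, response)

    # A recorded response is rejected once its challenge has been consumed ...
    replay_same_challenge = server.verify("alice", ident, response)
    # ... and against the periodic re-challenge issued later in the session.
    ident2, _challenge2 = server.issue_challenge()
    replay_new_challenge = server.verify("alice", ident2, response)

    # A peer that does not hold the shared secret cannot produce the hash.
    ident3, challenge3 = server.issue_challenge()
    wrong_secret = server.verify(
        "alice", ident3, chap_response(ident3, b"not-the-secret", challenge3))

    return {
        "pap_exposes_secret": secret in pap_wire,
        "chap_exposes_secret": secret in chap_wire,
        "accepted": accepted,
        "replay_same_challenge": replay_same_challenge,
        "replay_new_challenge": replay_new_challenge,
        "wrong_secret": wrong_secret,
    }


if __name__ == "__main__":
    for name, value in run_handshake().items():
        print(f"{name}: {value}")
```
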
While CHAP eliminates a dictionary attack, the hashing functions could still be attacked. CHAP also supports the (user transparent) periodic challenge of the client username/password during the session to protect against wire-tapping[2][3].

2.2 Digital Certificates

Digital certificates include information about the owner of the certificate; therefore, when users visit the (secured) web site, their web browsers will check information on the certificate to see whether it matches the site information included in the URL. A digital certificate could be likened to a security driver's license. Certificates are issued by Certificate Authorities (CAs). A digital certificate contains the certificate holder's identity, the certificate's serial number, a valid, unchangeable date for the transaction, the certificate's expiration dates, a copy of the certificate holder's public key for encryption and/or signature, and the group name, city and state.

2.3 RADIUS Servers

Remote Authentication Dial-In User Service (RADIUS) is a distributed system securing network remote access and network resources against unauthorized access. RADIUS authentication includes two components:

- Authentication server - Installed at the customer's site; holds all user authentication and network access information.
- Client protocols - RADIUS works on the client sending authentication requests to the RADIUS server, and the client acts on server acknowledgements sent back to the client.

RADIUS is not limited to dial-up service; many firewall vendors support a RADIUS server implementation[2][3].
3. ARCHITECTURE: VPN TUNNELING PROTOCOLS

Tunneling enables the encapsulation of a packet from one type of protocol within the datagram of a different protocol. For example, VPN uses Point-to-Point Tunneling Protocol (PPTP) to encapsulate IP packets over a public network, such as the Internet. A VPN solution can be configured based on PPTP, Layer Two Tunneling Protocol (L2TP), Secure Socket Tunneling Protocol (SSTP), or Internet Protocol security (IPsec) using Internet Key Exchange version 2 (IKEv2). PPTP, L2TP, and SSTP depend heavily on the features originally specified for Point-to-Point Protocol (PPP). PPP was designed to send data across dial-up or dedicated point-to-point connections. For IP, PPP encapsulates IP packets within PPP frames and then transmits the encapsulated PPP packets across a point-to-point link. PPP was originally defined as the protocol to use between a dial-up client and a network access server[2][3].

3.1 PPTP

PPTP allows multiprotocol traffic to be encrypted and then encapsulated in an IP header to be sent across an IP network or a public IP network, such as the Internet. PPTP can be used for remote access and site-to-site VPN connections. When using the Internet as the public network for VPN, the PPTP server is a PPTP-enabled VPN server with one interface on the Internet and a second interface on the intranet[1],[3].

Encapsulation

PPTP encapsulates PPP frames in IP datagrams for transmission over the network. PPTP uses a TCP connection for tunnel management and a modified version of Generic Routing Encapsulation (GRE) to encapsulate PPP frames for tunneled data.
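The modified GRE header that carries the tunneled PPP frames can be parsed as follows; this is an added example, not code from the paper. The field layout and protocol type 0x880B are taken from RFC 2637, the PPP protocol numbers are the standard assigned values, and the call ID and sample frames are constructed.

```python
import struct

GRE_PROTO_PPP = 0x880B            # protocol type used by PPTP's enhanced GRE
K_BIT, S_BIT, A_BIT, VER_MASK = 0x2000, 0x1000, 0x0080, 0x0007
PPP_PROTOCOLS = {
    0x0021: "IPv4 datagram (cleartext)",
    0x00FD: "compressed/encrypted datagram (MPPC/MPPE)",
    0x8021: "IPCP",
    0x80FD: "CCP",
    0xC021: "LCP",
    0xC023: "PAP",
    0xC223: "CHAP",
}

# Constructed sample PPP frames (not captured traffic).
CLEAR_FRAME = b"\xff\x03\x00\x21" + b"\x45" + bytes(19)   # IPv4 header stub
MPPE_FRAME = b"\x00\xfd\x90\x00" + bytes(range(16))       # opaque encrypted body


def build_pptp_gre(call_id: int, ppp_frame: bytes, seq: int, ack=None) -> bytes:
    """Wrap a PPP frame: Key present, Sequence present, Version 1."""
    flags = K_BIT | S_BIT | 1
    if ack is not None:
        flags |= A_BIT
    header = struct.pack("!HHHHI", flags, GRE_PROTO_PPP, len(ppp_frame), call_id, seq)
    if ack is not None:
        header += struct.pack("!I", ack)
    return header + ppp_frame


def parse_pptp_gre(packet: bytes) -> dict:
    """Parse the GRE part of a PPTP data packet (outer IP header already removed)."""
    if len(packet) < 8:
        raise ValueError("shorter than the fixed 8-byte header")
    flags, proto, payload_len, call_id = struct.unpack_from("!HHHH", packet)
    if flags & 0xC000:
        raise ValueError("C and R bits must be zero in enhanced GRE")
    if not (flags & K_BIT) or (flags & VER_MASK) != 1 or proto != GRE_PROTO_PPP:
        raise ValueError("not PPTP GRE (needs K=1, Ver=1, type 0x880B)")
    offset, seq, ack = 8, None, None
    try:
        if flags & S_BIT:                       # a payload follows
            (seq,) = struct.unpack_from("!I", packet, offset)
            offset += 4
        if flags & A_BIT:                       # piggy-backed acknowledgment
            (ack,) = struct.unpack_from("!I", packet, offset)
            offset += 4
    except struct.error:
        raise ValueError("optional field runs past the end of the packet") from None
    payload = packet[offset:offset + payload_len]
    if len(payload) != payload_len:
        raise ValueError("payload shorter than the Key payload-length field")
    return {"call_id": call_id, "seq": seq, "ack": ack, "ppp_frame": payload}


def ppp_protocol(frame: bytes) -> int:
    """Return the PPP protocol number, tolerating the usual header compression."""
    if frame[:2] == b"\xff\x03":                # address/control may be omitted
        frame = frame[2:]
    if not frame:
        raise ValueError("empty PPP frame")
    if frame[0] & 1:                            # one-byte (compressed) protocol field
        return frame[0]
    if len(frame) < 2:
        raise ValueError("truncated PPP protocol field")
    return (frame[0] << 8) | frame[1]


def classify_payload(packet: bytes) -> str:
    """Say what the tunnel is carrying, e.g. to flag unencrypted PPTP payloads."""
    frame = parse_pptp_gre(packet)["ppp_frame"]
    if not frame:
        return "no payload (acknowledgment only)"
    number = ppp_protocol(frame)
    return PPP_PROTOCOLS.get(number, f"unknown PPP protocol 0x{number:04X}")


def is_pptp_gre(packet: bytes) -> bool:
    try:
        parse_pptp_gre(packet)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    for frame in (CLEAR_FRAME, MPPE_FRAME):
        pkt = build_pptp_gre(0x1234, frame, seq=7, ack=3)
        print(pkt[:4].hex(), classify_payload(pkt))
```
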
The payloads of the encapsulated PPP frames can be encrypted, compressed or both.

Figure - 3: PPTP - IP Datagram (structure of a PPTP packet containing an IP datagram)

Encryption

The PPP frame is encrypted with Microsoft Point-to-Point Encryption (MPPE) by using encryption keys generated from the Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2) or Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) authentication process. Virtual private networking clients must use the MS-CHAP v2 or EAP-TLS authentication protocols in order for the payloads of PPP frames to be encrypted. PPTP takes advantage of the underlying PPP encryption and encapsulates a previously encrypted PPP frame. Only the 128-bit RC4 encryption algorithm is supported. 40-bit and 56-bit RC4 support was removed starting with Windows Vista and Windows Server 2008, but can be added by changing a registry key[2][9].

3.2 L2TP/IPsec

L2TP/IPsec allows multiprotocol traffic to be encrypted and then sent over any medium that supports point-to-point datagram delivery, such as IP or Asynchronous Transfer Mode (ATM). L2TP is a combination of PPTP and Layer 2 Forwarding (L2F), a technology developed by Cisco Systems, Inc. L2TP represents the best features of PPTP and L2F. Unlike PPTP, the Microsoft implementation of L2TP does not use MPPE to encrypt PPP datagrams. L2TP uses IPsec in Transport Mode for encryption services. The combination of L2TP and IPsec is known as L2TP/IPsec. Both L2TP and IPsec must be supported by both the VPN client and the VPN server. Client support for L2TP is built in to the Windows remote access clients, and VPN server support for L2TP is built in to the Windows Server operating system. L2TP/IPsec is installed with the TCP/IP protocol[1][3].

Encapsulation

Encapsulation for L2TP/IPsec packets consists of two layers:

First Layer: L2TP encapsulation. A PPP frame (an IP datagram) is wrapped with an L2TP header and a UDP header.
The following figure shows the structure of an L2TP packet containing an IP datagram.

Figure - 4: L2TP - IP Datagram (structure of an L2TP packet containing an IP datagram)
Second Layer: IPsec encapsulation. The resulting L2TP message is then wrapped with an IPsec Encapsulating Security Payload (ESP) header and trailer, an IPsec Authentication trailer that provides message integrity and authentication, and a final IP header. The IP header contains the source and destination IP addresses that correspond to the VPN client and VPN server. The following illustration shows L2TP and IPsec encapsulation for a PPP datagram[2][9][10].

Figure - 5: L2TP Traffic with IPSec ESP (encryption of L2TP traffic with IPsec ESP)

Encryption

The L2TP message is encrypted with one of the following protocols by using encryption keys generated from the IKE negotiation process: Advanced Encryption Standard (AES) 256, AES 192, AES 128, and 3DES encryption algorithms. Data Encryption Standard (DES) encryption algorithm with Message Digest 5 (MD5) integrity check support has been removed, but can be added (not recommended) by changing a registry key[3].

3.3 SSTP

Secure Socket Tunneling Protocol (SSTP) is a tunneling protocol that uses the HTTPS protocol over TCP port 443 to pass traffic through firewalls and Web proxies that might block PPTP and L2TP/IPsec traffic. SSTP provides a mechanism to encapsulate PPP traffic over the Secure Sockets Layer (SSL) channel of the HTTPS protocol. The use of PPP allows support for strong authentication methods, such as EAP-TLS. SSL provides transport-level security with enhanced key negotiation, encryption, and integrity checking. When a client tries to establish an SSTP-based VPN connection, SSTP first establishes a bidirectional HTTPS layer with the SSTP server. Over this HTTPS layer, the protocol packets flow as the data payload[3][9][10].

Encapsulation

SSTP encapsulates PPP frames in IP datagrams for transmission over the network.
SSTP uses a TCP connection (over port 443) for tunnel management as well as PPP data frames.

Encryption

The SSTP message is encrypted with the SSL channel of the HTTPS protocol.

IKEv2

IKEv2 is a tunneling protocol that uses the IPsec Tunnel Mode protocol over UDP port 500. An IKEv2 VPN provides resilience to the VPN client when the client moves from one wireless hotspot to another or when it switches from a wireless to a wired connection. The use of IKEv2 and IPsec allows support for strong authentication and encryption methods.

Encapsulation

IKEv2 encapsulates datagrams by using IPsec ESP or AH headers for transmission over the network.

Encryption

The message is encrypted with one of the following protocols by using encryption keys generated from the IKEv2 negotiation process: Advanced Encryption Standard (AES) 256, AES 192, AES 128, and 3DES encryption algorithms.

3.4 Choosing Between Tunneling Protocols for Remote Access VPNs

When choosing between PPTP, L2TP/IPsec, SSTP, and IKEv2 remote access VPN solutions, consider the following:

- PPTP can be used with a variety of Microsoft clients, including Microsoft Windows 2000 and later versions of Windows. Unlike L2TP/IPsec and IKEv2, PPTP does not require the use of a public key infrastructure (PKI). By using encryption, PPTP-based VPN connections provide data confidentiality (captured packets cannot be interpreted without the encryption key). PPTP-based VPN connections, however, do not provide data integrity (proof that the data was not modified in transit) or data origin authentication (proof that the data was sent by the authorized user).
- L2TP can be used with client computers running Windows 2000 and later versions of Windows. L2TP supports either computer certificates or a preshared key as the authentication method for IPsec. Computer certificate authentication, the recommended authentication method, requires a PKI to issue computer certificates to the VPN server computer and all VPN client computers.
By using IPsec, L2TP/IPsec VPN connections provide data confidentiality, data integrity, and data authentication. Unlike PPTP and SSTP, L2TP/IPsec enables machine authentication at the IPsec layer and user-level authentication at the PPP layer.
- SSTP can only be used with client computers running Windows Vista Service Pack 1 (SP1), Windows Server 2008, and later versions of Windows. By using SSL, SSTP VPN connections provide data confidentiality, data integrity, and data authentication.
- IKEv2 is supported only on computers running Windows 7 and Windows Server 2008 R2. By using IPsec, IKEv2 VPN connections provide data confidentiality, data integrity, and data authentication. IKEv2 supports the latest IPsec encryption algorithms. Because of its support for mobility (MOBIKE), it is much more resilient to changing network connectivity, making it a good choice for mobile users who move between access points and even switch between wired and wireless connections[4].

4. VPN ARCHITECTURE

Several VPN network architectures are deployed by enterprise organizations for VPN services. The following Remote Access VPN network architectures are discussed in the following sections[2]-[5]:

- Firewall Based
- Black-Box Based
- Router Based
- Remote-Access Based

4.1 Firewall-Based VPNs

With firewall-based VPNs, it is considered a safe presumption that a firewall will be used and placed at the network perimeter, as illustrated in Figure - 6.

Figure - 6: Firewall-Based VPN

This presumption leads to a natural extension that this device also can support the VPN connections, providing a central point of management of both the firewall and network access security policies. A drawback to this combined firewall/VPN-access method is performance.

4.2 Black-Box-Based VPNs

In the black-box scenario, a vendor offers just that, a black box: a device loaded with encryption software to create a VPN tunnel. Black-box VPN vendors should be supporting all three tunneling protocols: PPTP, L2TP, and IPSec.
The black-box VPN sits behind or with the firewall, as illustrated in Figure - 7.

Figure - 7: Black-Box-Based VPN

The firewall provides security to the organization, not the data, whereas the VPN device provides security to the data, but not the organization. If the firewall is in front of the VPN device, a rule-based policy on that firewall will need to be implemented.

4.3 Router-Based VPNs

Router-based VPNs are for an organization that has a large capital investment in routers and an experienced IT staff. Many router vendors support router-based VPN configurations. There are two ways to go about implementing router-based VPNs:

- Software is added to the router to allow an encryption process to occur.
- An external card from a third-party vendor is inserted into the router chassis. This method is designed to off-load the encryption process from the router CPU to the additional card.
Figure - 8: Router-Based VPN

Some vendors support hot swapping (replacing hardware) and redundancy (backup solutions), which are built into their router-based VPN products. Performance can be an issue with router-based VPNs because of the addition of an encryption process to the routing process; a heavier burden may be added to the router CPU, especially if the router is handling a large number of routes or implementing an intensive routing algorithm. Figure - 8 illustrates a router-based VPN, where packets are encrypted from source to destination. The drawback to a router-based VPN is security. Routers are considered to be poor at providing network security compared to a firewall. It is possible that an attacker will spoof traffic past the router, in turn fooling the firewall because the firewall will interpret these packets as originating from the other side of the VPN tunnel. This spoofing allows the attacker to gain access to services that are not visible from other locations on the Internet[4]-[7].

4.4 Internet-Based VPN Connections

Using an Internet-based VPN connection, an organization can avoid long-distance charges while taking advantage of the global availability of the Internet.

Remote Access VPN Connections over the Internet

A remote access VPN connection over the Internet enables a remote access client to initiate a dial-up connection to a local ISP instead of connecting to a corporate or outsourced network access server (NAS). By using the established physical connection to the local ISP, the remote access client initiates a VPN connection across the Internet to the organization's VPN server.
When the VPN connection is created, the remote access client can access the resources of the private intranet[5]-[7].

Figure - 9: Remote Access Over the Internet (VPN connecting a remote client to a private intranet)

Site-to-Site VPN Connections Over the Internet

When networks are connected over the Internet, as shown in the following figure, a router forwards packets to another router across a VPN connection. To the routers, the VPN connection operates as a data-link layer link.

Figure - 10: Connecting Two Remote Sites Across the Internet (VPN connecting two remote sites across the Internet)

4.5 Intranet-Based VPN Connections
The intranet-based VPN connection takes advantage of IP connectivity in an organization's Local Area Network (LAN).

Remote Access VPN Connections over an Intranet

In some organization intranets, the data of a department, such as human resources, is so sensitive that the network segment of the department is physically disconnected from the rest of the intranet. While this protects the data of the human resources department, it creates information accessibility problems for authorized users not physically connected to the separate network segment. VPN connections help provide the required security to enable the network segment of the human resources department to be physically connected to the intranet. In this configuration, a VPN server can be used to separate the network segments. The VPN server does not provide a direct routed connection between the corporate intranet and the separate network segment. Users on the corporate intranet with appropriate permissions can establish a remote access VPN connection with the VPN server and gain access to the protected resources. Additionally, all communication across the VPN connection is encrypted for data confidentiality. The following figure shows remote access over an intranet[5]-[10].

Figure - 11: VPN Connection Allowing Remote Access to a Secured Network over an Intranet

Site-to-Site VPN Connections over an Intranet

Two networks can be connected over an intranet using a site-to-site VPN connection. This type of VPN connection might be necessary, for example, for two departments in separate locations, whose data is highly sensitive, to communicate with each other. For instance, the finance department might need to communicate with the human resources department to exchange payroll information. The finance department and the human resources department are connected to the common intranet with computers that can act as VPN clients or VPN servers.
When the VPN connection is established, users on computers on either network can exchange sensitive data across the corporate intranet. The following figure shows two networks connected over an intranet[5]-[10].

Figure - 12: VPN Connecting Two Networks Over the Intranet

5. EFFICIENT INSTALLATION OF REMOTE ACCESS VPNS

Before a VPN can be established, certain requirements must be met. These include the following:

- Each network site must be set up with a VPN-capable device (router, firewall, or some other VPN dedicated device) on the network edge.
- Each site must know the IP addressing scheme (host, network, and network mask) in use by the other side of the intended connection.
- Both sites must agree on the authentication method and, if required, exchange digital certificates.
- Both sites must also agree on the encryption method and exchange the keys required.

VPNs are used to replace both dial-in modem pools and dedicated wide area network (WAN) links. A VPN solution for remote dial-in users can reduce support costs because there are no phone lines or 800-number charges. A VPN solution offers advantages over a dedicated WAN environment when sites are geographically diverse or mobile, saving the cost of dedicated facilities and hardware. A VPN is made up of three technologies that, when used together, form the secure connection: authentication, tunneling, and encryption. We need to do the following before we configure an RRAS server as a remote access VPN server[5]-[9]:

- Determine which network interface connects to the Internet and which network interface connects to your private network. During configuration, you will be asked to choose which network interface connects to the Internet. If you specify the incorrect interface, your remote access VPN server will not operate correctly.
- Determine whether remote clients will receive IP addresses from a DHCP server on your private network or directly from the remote access VPN server that you are configuring. If you have a DHCP server on your private network, the remote access VPN server can lease 10 addresses at a time from the DHCP server and assign those addresses to remote clients. If you do not have a DHCP server on your private network, the remote access VPN server can assign IP addresses to remote clients from a predefined pool of addresses. You must determine that range based on your network infrastructure.
- If you are using DHCP, determine whether VPN clients are able to send DHCP messages to the DHCP server on your private network. If a DHCP server is on the same subnet as your remote access VPN server, DHCP messages from VPN clients will be able to reach the DHCP server after the VPN connection is established. If a DHCP server is on a different subnet from your remote access VPN server, make sure that the router between subnets can relay DHCP messages between clients and the server.
- Determine whether you want connection requests from VPN clients to be authenticated by a Remote Authentication Dial-In User Service (RADIUS) server or by the remote access VPN server that you are configuring.
Adding a RADIUS server is useful if you plan to install multiple remote access VPN servers, wireless access points, or other RADIUS clients to your private network. For more information, see Network Policy Server Help.
- Verify that all users have user accounts that are configured for dial-up access. Before users can connect to the network, they must have user accounts on the remote access VPN server or in Active Directory Domain Services (ADDS). Each user account on a stand-alone server or a domain controller contains properties that determine whether that user can connect. On a stand-alone server, you can set these properties by right-clicking the user account in Local Users and Groups and clicking Properties. On a domain controller, you can set these properties by right-clicking the user account in the Active Directory Users and Computers console and clicking Properties.

6. CONCLUSION

Remote access solutions are deployed by enterprise organizations to provide access to fixed site resources to remote users (not at a fixed workstation) at a site's LAN. A virtual private network (VPN) is a public network being used for this private and secure communication between the remote (telecommuting or mobile) user and the organization's LAN. This VPN connection is authenticated and encrypted across the public network. Oftentimes this public network is the Internet.

REFERENCES

[1] Dave Kosiur, Wiley & Sons, Building and Managing Virtual Private Networks ; ISBN: , pp
[2] John Mains, VPNs A Beginners Guide, McGraw Hill; ISBN: , pp
[3] Dr.S.S.Riaz Ahamed & P.Rajamohan, Comprehensive performance Analysis and special issues of Virtual Private Network Strategies in the computer Communication: a Novel Study, International Journal of Engineering Science and Technology (IJEST), ISSN : Vol. 3 No. 7 July 2011, pp
[4] Wei Luo, Carlos Pignataro, Dmitry Bokotey, Anthony Chan (Cisco Press 2005), Layer 2 VPN Architectures, pp
[5] Cisco Press, Network Sales and Services Handbook (Cisco Press Networking Technology) - Chapter 16, Remote Access VPNs, page 138
[6] Alwin Thomas and George Kelley, Cost-Effective VPN-Based Remote Network Connectivity Over the Internet,
[7] Ronald, F.J. (Ed 2003). CCSP Cisco Secure VPN. Types of VPN, pp
[8] Ronald, F.J. (Ed 2003). CCSP Cisco Secure VPN. VPN Over IPSec., pp
[9] Ronald, F.J. (Ed 2003). CCSP Cisco Secure VPN. Explanation of the IPSec protocols, pp
[10] B. Gleeson et al., IP Based Virtual Private Networks, RFC 2764, February
AUTHOR

DR. P. RAJAMOHAN received his Bachelor of Science Degree in Physics; later he obtained his Post Graduate Diploma in Computer Applications (PGDCA), Master Degree in Computer Applications (MCA) and PhD in Computer Science. His primary research interests are Virtual Private Network Implementation for Efficient Data Communication, Wireless Networks and Sensor Communications. He is a member of the Institution of Engineers (India), Member of Associate in Cisco Certified Networks and Member of the International Association of Engineers (IAENG). Dr. P. Rajamohan has over 20 years of experience in both academia and the IT industry. He is currently working as a Senior Lecturer in the School of Information Technology, SEGi University, Malaysia.