Virtual Private Networks



Similar documents
Other VPNs TLS/SSL, PPTP, L2TP. Advanced Computer Networks SS2005 Jürgen Häuselhofer

Network Security Part II: Standards

Network Access Security. Lesson 10

Security Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)

Virtual Private Networks Solutions for Secure Remote Access. White Paper

Security in IPv6. Basic Security Requirements and Techniques. Confidentiality. Integrity

Technical papers Virtual private networks

Cisco Which VPN Solution is Right for You?

How To Understand And Understand The Security Of A Key Infrastructure

APNIC elearning: IPSec Basics. Contact: esec03_v1.0

Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003

Virtual Private Networks: IPSec vs. SSL

IP Security. IPSec, PPTP, OpenVPN. Pawel Cieplinski, AkademiaWIFI.pl. MUM Wroclaw

Introduction to Computer Security

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

VPN. VPN For BIPAC 741/743GE

VPN SECURITY. February The Government of the Hong Kong Special Administrative Region

Joe Davies Principal Writer Windows Server Documentation

CS 4803 Computer and Network Security

VPN. Date: 4/15/2004 By: Heena Patel

"ASM s INTERNATIONAL E-Journal on Ongoing Research in Management and IT"

Application Note: Onsight Device VPN Configuration V1.1

Case Study for Layer 3 Authentication and Encryption

Computer Networks. Secure Systems

Securing IP Networks with Implementation of IPv6

Introduction to Computer Security

Securing an IP SAN. Application Brief

Network Security. Lecture 3

Why SSL is better than IPsec for Fully Transparent Mobile Network Access

Creating a VPN Using Windows 2003 Server and XP Professional

Electronic Service Agent TM. Network and Transmission Security And Information Privacy

Study on Remote Access for Library Based on SSL VPN

INF3510 Information Security University of Oslo Spring Lecture 9 Communication Security. Audun Jøsang

Internet Security. Internet Security Voice over IP. Introduction. ETSF10 Internet Protocols ETSF10 Internet Protocols 2011

Executive Summary and Purpose

Overview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP

13 Virtual Private Networks 13.1 Point-to-Point Protocol (PPP) 13.2 Layer 2/3/4 VPNs 13.3 Multi-Protocol Label Switching 13.4 IPsec Transport Mode

Chapter 9. IP Secure

INTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli

Security vulnerabilities in the Internet and possible solutions

This chapter describes how to set up and manage VPN service in Mac OS X Server.

Virtual Private Network VPN IPSec Testing: Functionality Interoperability and Performance

DATA SECURITY 1/12. Copyright Nokia Corporation All rights reserved. Ver. 1.0

Chapter 10. Network Security

Virtual Private Networks

Security and the Mitel Networks Teleworker Solution (6010) Mitel Networks White Paper

Site to Site Virtual Private Networks (VPNs):

What is a SSL VPN and How Does it Work?

Lecture 17 - Network Security

Cornerstones of Security

CCNA Security 1.1 Instructional Resource

Virtual Private Network and Remote Access

CS 393/682 Network Security. Nasir Memon Polytechnic University Module 7 Virtual Private Networks

VPN VPN requirements Encryption VPN-Types Protocols VPN and Firewalls

Protocol Security Where?

Chapter 4: Security of the architecture, and lower layer security (network security) 1

WEB Security & SET. Outline. Web Security Considerations. Web Security Considerations. Secure Socket Layer (SSL) and Transport Layer Security (TLS)

3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol

7.1. Remote Access Connection

Securing Modern Substations With an Open Standard Network Security Solution. Kevin Leech Schweitzer Engineering Laboratories, Inc.

IPsec VPN Security between Aruba Remote Access Points and Mobility Controllers

TLS and SRTP for Skype Connect. Technical Datasheet

Overview. Protocols. VPN and Firewalls

Remote Access VPNs Performance Comparison between Windows Server 2003 and Fedora Core 6

Outline. INF3510 Information Security. Lecture 10: Communications Security. Communication Security Analogy. Network Security Concepts

MCTS Guide to Microsoft Windows 7. Chapter 14 Remote Access

VPN Modules for Cisco 1841 and Cisco 2800 and 3800 Series Integrated Services Routers

Part III-b. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai Siemens AG 2001, ICN M NT

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Chapter 17. Transport-Level Security

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

AN OVERVIEW OF REMOTE ACCESS VPNS: ARCHITECTURE AND EFFICIENT INSTALLATION

Virtual Private Networks

Chapter 7 Transport-Level Security

A Web Broker Architecture for Remote Access A simple and cost-effective way to remotely maintain and service industrial machinery worldwide

Bypassing PISA AGM Theme Seminar Presented by Ricky Lou Zecure Lab Limited

Lecture 10: Communications Security

Internet Privacy Options

IP Security. Ola Flygt Växjö University, Sweden

Sophos UTM. Remote Access via PPTP. Configuring UTM and Client

Today s Topics SSL/TLS. Certification Authorities VPN. Server Certificates Client Certificates. Trust Registration Authorities

Chapter 12 Supporting Network Address Translation (NAT)

NETWORK SECURITY (W/LAB) Course Syllabus

LECTURE 4 NETWORK INFRASTRUCTURE

CSCI 454/554 Computer and Network Security. Topic 8.1 IPsec

Virtual Private Network and Remote Access Setup

FortiOS Handbook IPsec VPN for FortiOS 5.0

I. What is VPN? II. Types of VPN connection. There are two types of VPN connection:

Session Hijacking Exploiting TCP, UDP and HTTP Sessions

Corporate VPN Using Mikrotik Cloud Feature. By SOUMIL GUPTA BHAYA Mikortik Certified Trainer

How To Pass A Credit Course At Florida State College At Jacksonville

Intranet Security Solution

Network Security Fundamentals

Lab Exercise SSL/TLS. Objective. Step 1: Open a Trace. Step 2: Inspect the Trace

SSL VPN. Virtual Private Networks based on Secure Socket Layer. Mario Baldi. Politecnico di Torino. Dipartimento di Automatica e Informatica

ICTTEN8195B Evaluate and apply network security

CHAPTER 1 INTRODUCTION

APNIC elearning: Network Security Fundamentals. 20 March :30 pm Brisbane Time (GMT+10)

Exam Questions SY0-401

Report to WIPO SCIT Plenary Trilateral Secure Virtual Private Network Primer. February 3, 1999

Transcription:

Virtual Private Networks ECE 4886 Internetwork Security Dr. Henry Owen

Definition Virtual Private Network VPN! Virtual separation in protocol provides a virtual network using no new hardware! Private communication over VPN is encrypted! Network infrastructure over which computers communicate

VPN Elements Encrypted Tunnel! Privacy of Information Important!! Internet is a public network <- need for secure communications! Data is encrypted upon transmission and decrypted upon arrival at the destination! Two hosts effectively communicate directly! Data is tunneled from one to the other

VPN Elements Authenticated Endpoints! Messages are authenticated! Possible replay attack to reveal crypto key! VPN hashing algorithm If the packet has been changed by one bit, VPN will drop the packet Hackers are reduced to guessing the key Replay attack ineffective

VPN Elements Underlying Transport! Uses existing network connection! TCP/IP Protocol VPN & Internet VPNs can be placed anywhere! Personal network! Internet

VPN Advantages Improved Security Consolidation of Scattered Resources Transparency to Users Reduced Cost Ease of Administration

VPN Disadvantages Time Consuming Setup Troubleshooting Internet Availability Interoperability with other Networks

Implementing VPNs SSH over PPP SSL over PPP IPSec PPTP

VPN via SSH & PPP Point-to-Point Protocol over a Secure Shell connection Establishing a Network Connection! Establish an SSH connection VPN Client " VPN Server! Each have PPP daemons that will communicate through the SSH connection! Viola! A VPN CONNECTION!

VPN via SSL & PPP Point-to-Point Protocol over a Secure Socket Layer connection Secure Socket Layer! Built-in support for Host Authentication! Certificates

VPN via SSL & PPP Establishing a Network Connection! Initial Handshake for secure communication! Hello messages establish: SSL Version, support for Cipher suites, and some random data! Key is determined separately from handshake! SSL Connection Complete!! Data transferred over the link

VPN via IPSec Internet Protocol Security IPSec Security at the IP layer Two Modes! Transport Modifies only upper levels by adding headers and protection between upper level and original IP header Designed for hosts to protect IP traffic between each other

VPN via IPSec Two Modes (Cont d)! Tunnel Treats entire packet as a block Encapsulates the packet into an encrypted payload Designed to tunnel traffic between gateways Relies on sets of rules that specify the type of protection needed for certain packets similar to firewall rules

VPN via PPTP Point-to-Point Tunneling Protocol! Microsoft s Implementation of VPN! Data is first encapsulated inside PPP packets! PPP packets are then encapsulated in GRE packets and sent over the link PPTP uses two connections! One for the data being sent! Another for a control channel

VPN via PPTP PPTP Not Usually Used on Linux! Only for interoperability with Windows machines PPTP VPN can be established without encryption! Possible security issue here Not recommended for Linux systems, since there are easier and more secure VPN implementations

Resources Books:! Building Linux Virtual Private Networks Oleg Kolesnikov, Brian Hatch! Linux Server Hacks Rob Flickenger Websites:! http://vpn.shmoo.com/! http://www.tldp.org/howto/vpn-howto/

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information