Download - Shradhamaheshwari vpn
![Page 1: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/1.jpg)
VIRTUAL PRIVATE NETWORK
Presented by: Shradha Maheshwari
CS-08
![Page 2: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/2.jpg)
Traditional Networking
Corporate Headquarters
Remote Locations
Customers, Suppliers & Consultants
Remote Users
Leased Lines
Modem Bank
![Page 3: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/3.jpg)
A New Solution: VPNVirtual Private Networking
Internet
Telecommuters & Mobile Users
Remote Locations
Customers, Suppliers & Consultants
Corporate Headquarters
Allowing cost effective expansion of private and secure networks
![Page 4: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/4.jpg)
VPN Introduction
• Virtual Private Network is a type of private network that uses public telecommunication, such as the Internet, instead of leased lines to communicate.
• Users only make a local call to the ISP instead of expensive long distance telephone calls to the remote access server.
![Page 5: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/5.jpg)
Types of VPN
TRUSTED VPN: Use dedicated circuitry. Path must be set and consistent. Rely on the security of a single provider’s network to protect the traffic.
Technologies used MPLS and L2F
![Page 6: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/6.jpg)
![Page 7: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/7.jpg)
SECURE VPN: All traffic is encrypted and authenticated The security properties of the VPN must be agreed
to by all parties in the VPN. No one outside the VPN can affect the security
properties of the VPN.
Technologies usedIPSecSSL/TLSPPTP
![Page 8: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/8.jpg)
HYBRID VPN:
The address boundaries of the secure VPN within the trusted VPN must be extremely clear.
Technologies usedAny supported secure VPN technologies running
over any supported trusted VPN technology.
![Page 9: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/9.jpg)
Brief Overview Of How VPN Works
1. Two connections – one is made to the Internet and the second is made to the VPN.
2. Datagrams – contains data, destination and source information.
3. Firewalls – VPNs allow authorized users to pass through the firewalls.
4. Protocols – protocols create the VPN tunnels.
![Page 10: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/10.jpg)
![Page 11: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/11.jpg)
Four Critical Functions
• Authentication – validates that the data was sent by the sender.
• Access control – limiting unauthorized users from accessing the network.
• Confidentiality – preventing the data to be read or copied as the data is being transported.
• Data Integrity – ensuring that the data has not been altered
![Page 12: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/12.jpg)
VPN Security
Encryption
AAA servers
IPSec
Firewalls
![Page 13: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/13.jpg)
Encryption
• It is a method of “scrambling” data before transmitting it onto the Internet.
• Two common techniques used for encryption are:
a) Symmetric key encryption
b) Public key encryption
![Page 14: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/14.jpg)
AAA Servers• Authentication in VPN is determining if the remote
VPN user is who or what it is declared to be.
• The use of digital certificates is considered as the strong mechanism for authentication.
• Authorization in VPN is determining what the user is allowed to do.
• Accounting in VPN is determining what the user actually does.
![Page 15: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/15.jpg)
IPSec
• Internet Protocol Security (IPSec) is an industry standard enabling secure communications over the Internet.
• IPSec is a peer-negotiated network layer protocol that can be implemented in one of the two modes:a) Transport mode
b) Tunnel mode
• The disadvantage of IPSec is that it might be incompatible with many NAT implementations.
![Page 16: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/16.jpg)
IPSec VPN
![Page 17: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/17.jpg)
SSL/TLS
• TLS and it’s predecessor, SSL, are cryptographic protocols that provide communications security over the Internet.
• Operate at the session layer.
• It can force the browser to run applets.
![Page 18: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/18.jpg)
SSL v/s IPSec
SSL VPN
• Implemented through every web browser without the need of additional client s/w.
• Works at the session layer of OSI model.
• Lower support costs.
• Network Address Translation is not a problem.
• Relatively simple.
IPSec
• Requires installation of client program on the end user machine.
• Works at the network layer of OSI model.
• Higher support costs
• It is incompatible with Network Address Translation.
• Complex in nature.
![Page 19: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/19.jpg)
Firewalls
• Monitors traffic crossing network parameters and protects enterprises from unauthorized access.
• Packet-level firewall checks source and destination.
• Application-level firewall acts as a host computer between the organization’s network and the Internet.
![Page 20: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/20.jpg)
VPN Tunneling
Secure VPN Tunnel
Intranet
Server
A tunnel establishes a secure connection between two private networks over a public medium like the Internet.
![Page 21: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/21.jpg)
• A VPN tunnel software has a management protocol that creates, maintains and terminates a tunnel.
• Data is transferred through the VPN tunnel using a datagram based protocol.
• PPTP-Point to point tunneling protocol/L2TP-Layer 2 Tunneling protocol encapsulates private network traffic in packets to be transmitted over public networks (TCP/IP).
![Page 22: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/22.jpg)
Data encapsulation[from corner]
Original Datagram
Encrypted inner datagram
Datagram Header Outer Datagram Data Area
![Page 23: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/23.jpg)
PPTP
• It is a proposed standard sponsored by Microsoft and other companies.
• PPTP creates another layer of security within TCP/IP.
• It encapsulates IP packets for transmission over an IP based network.
• Main benefit- You can create a link from any network with Internet access.
![Page 24: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/24.jpg)
L2TP
• Represents the best features of PPTP nad L2F protocol.
• L2TP can be used over the internet as well as over private intranets.
• It sets up an IP security connection thereby making the VPN connection more secure.
• Provides data confidentiality which is not present in PPTP.
![Page 25: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/25.jpg)
Two types of tunneling
• Voluntary Tunneling: In this the client starts the process of initiating a connection with the VPN server. In this case the user's computer is the end point and acts as a VPN client.
• Compulsory Tunneling: In this the connection is created between two VPN servers and two VPN access devices i.e. the routers. In this the user computer is not the end point.
VPN tunnels can be created either at the data link layer or at the network layer of the OSI model.
![Page 26: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/26.jpg)
![Page 27: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/27.jpg)
Advantages
• Eliminating the need for expensive long-distance leased lines.
• Reducing the long-distance telephone charges for remote access.
• Greater scalability and easy to add/remove users.
• Centralization of shared data.
![Page 28: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/28.jpg)
Disadvantages
• VPNs require an in-depth understanding of public network security issues and proper deployment of precautions
• Availability and performance depends on factors largely outside of their control
• VPNs need to accommodate protocols other than IP and existing internal network technology
• Unpredictable Internet traffic
![Page 29: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/29.jpg)
Industries that may use VPN
• Healthcare
• Manufacturing
• Retail
• Banking/Financial
• General business
![Page 30: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/30.jpg)
50%
63%
79%
90%
0% 20% 40% 60% 80% 100%
Access to network forbusiness
partners/customers
Site-to-site connectivitybetween offices
Remote access foremployees while
traveling
Remote access foremployees working out
of homes
% of Respondents
Percentages
![Page 31: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/31.jpg)
Implementation
• Can be done in following ways:1. Site-to-site connection:
Intranet : within an organization Extranet : outside an organization
2. Remote access : employee to business
![Page 32: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/32.jpg)
Site-to-site
![Page 33: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/33.jpg)
Applications of site-to-site vpn
• Large-scale encryption between multiple fixed sites such as remote offices and central offices.
• Network traffic is sent over the branch office Internet connection.
• This saves the company hardware and management expenses
![Page 34: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/34.jpg)
• Remote access
![Page 35: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/35.jpg)
Applications of remote access
• Encrypted connections between mobile or remote users and their corporate networks
• Remote user can make a local call to an ISP, as opposed to a long distance call to the corporate remote access server.
• Ideal for a telecommuter or mobile sales people.
• VPN allows mobile workers & telecommuters to take advantage of broadband connectivity i.e. DSL, Cable.
![Page 36: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/36.jpg)
REFERENCES
• Mitchell, Bradley. "VPN Tutorial." About.Com. 2007. 8 Mar. 2007 <http://compnetworking.about.com/od/vpn/l/aa010701a.htm>.
• Tyson, Jeff. "How Virtual Private Networks Work." How Stuff Works. 6 Mar. 2007 <http://computer.howstuffworks.com/vpn.htm>.
• "Virtual Private Network." Wikipedia: the Free Encyclopedia. 6 Mar. 2007. 9 Mar. 2007 <http://en.wikipedia.org/wiki/Vpn>.
• http://compnetworking.about.com/od/vpn/VPN_Virtual_Private_Networking.htm
• http://www.authorstream.com/Presentation/quangthanh-168465-vpn-abc-entertainment-ppt-powerpoint/
• www.vpntools.com
![Page 37: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/37.jpg)
THANK YOU
![Page 38: Shradhamaheshwari vpn](https://reader035.vdocument.in/reader035/viewer/2022062707/55839221d8b42af07a8b4c05/html5/thumbnails/38.jpg)
ANY QUERIES??