securing data transmission and authentication. securing traffic with ipsec ipsec allows us to...
TRANSCRIPT
![Page 1: Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol](https://reader036.vdocument.in/reader036/viewer/2022080223/5697bfdf1a28abf838cb2b2a/html5/thumbnails/1.jpg)
Securing Data Transmission and Authentication
![Page 2: Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol](https://reader036.vdocument.in/reader036/viewer/2022080223/5697bfdf1a28abf838cb2b2a/html5/thumbnails/2.jpg)
Securing Traffic with IPSec IPSec allows us to protect our network from within
IPSec secures the IP protocolIPSec has two principle goals:
To protect the contents of IP packetsTo provide defense against network attacks through
packet filtering and the enforcement of trusted communication.
Attacks that IPSec can prevent and reduce:Packet Sniffing Man in the MiddleData Modification Denial of ServiceIdentity Spoofing
![Page 3: Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol](https://reader036.vdocument.in/reader036/viewer/2022080223/5697bfdf1a28abf838cb2b2a/html5/thumbnails/3.jpg)
Understanding IPSecIPSec can be deployed in the following scenarios:
LAN – Client/Server and peer to peer LANsWAN – Router to RouterRemote Access – Dial up clients and Internet access
from private networksBoth sides require a shared IPSec policy to
establish the security settings that will be used.IPSec can be configured to use one of two modes:
Transport mode – Use this mode when you require packet filtering and when you require end-to-end security.
Tunnel mode – Use tunnel mode for site-to-site communications that cross the Internet. Gateway-to-Gateway protection
![Page 4: Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol](https://reader036.vdocument.in/reader036/viewer/2022080223/5697bfdf1a28abf838cb2b2a/html5/thumbnails/4.jpg)
Understanding IPSec contd.IPSec provides security using a combination
of individual protocols.Authentication Header (AH) – protocol
provides authentication, integrity, and anti-replay for the packet. This protocol does not encrypt, but protects from modification.
Encapsulating Security Payload (ESP) – provides confidentiality of the packet (encryption).
![Page 5: Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol](https://reader036.vdocument.in/reader036/viewer/2022080223/5697bfdf1a28abf838cb2b2a/html5/thumbnails/5.jpg)
Understanding Security AssociationsSA – is the combination of security services,
protection mechanisms, and keys agreed to by communicating peers.
When traffic meets a filter that is defined in the policy, the security parameters much then be negotiated. The SA is what is agreed upon.
Internet Key Exchange (IKE) – an algorithm used to generate the secret keys agreed upon in the SA.
![Page 6: Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol](https://reader036.vdocument.in/reader036/viewer/2022080223/5697bfdf1a28abf838cb2b2a/html5/thumbnails/6.jpg)
IPSec PoliciesPolicies are the security rules that define the
desired security levels negotiated in the SA.The policy also define which traffic is “interesting”
and whether or not to negotiate IPSec or just send the information with out modification.
Components of a Policy: Tunnel setting Network Type IP filter IP protocol Port IP filter list Filter Action Authentication method
![Page 7: Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol](https://reader036.vdocument.in/reader036/viewer/2022080223/5697bfdf1a28abf838cb2b2a/html5/thumbnails/7.jpg)
Creating IPSec PoliciesGo to local security Policy
Use “IP security policies” for policies that must be compatible with versions of Windows older than Vista/Server 2008
Use Windows Firewall with Advanced Security for Vista/Server 2008 systems.
![Page 8: Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol](https://reader036.vdocument.in/reader036/viewer/2022080223/5697bfdf1a28abf838cb2b2a/html5/thumbnails/8.jpg)
Breaking it all downExample on board
![Page 9: Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol](https://reader036.vdocument.in/reader036/viewer/2022080223/5697bfdf1a28abf838cb2b2a/html5/thumbnails/9.jpg)
Configuring Network AuthenticationWhen a computer connects to a network it
must be authenticated. Typically this is done through Active Directory and Kerberos.
However, if there is no AD domain or you have older clients you may need to change the Authentication type to NTLM.
Computer Configuration->Policies->Windows Setting-> Security Settings->Security Options->Network Security:NTLM