vpn
DESCRIPTION
virtual private naetworkTRANSCRIPT
![Page 1: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/1.jpg)
Submitted
BY
Mr.Milan Patel (110090107006)
Mr.Vimal Gajera (110090107014)
Submitted To
Supervisor
Prof. Saurabh Tandel
Virtual Private Network (VPN)
Department of Computer EngineeringC. K. PITHAWALLA COLLEGE OF ENGINEERING
AND TECHNOLOGY, SURAT
![Page 2: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/2.jpg)
Virtual Private Network is a type of private network that uses public telecommunication, such as the Internet, instead of leased lines to communicate.
It is virtual because it exists as a virtual entity within a public network
It is private because it is confined to a set of private users
What is VPN?
![Page 3: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/3.jpg)
Provide users with secured remote access over the Internet to corporate resources
Connect two computer networks securely over the InternetExample: Connect a branch office
network to the network in the head office
Secure part of a corporate network for security and confidentiality purpose
Some Common Uses of VPN
![Page 4: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/4.jpg)
Two connections – one is made to the Internet and the second is made to the VPN.
Datagrams – contains data, destination and source information.
Firewalls – VPNs allow authorized users to pass through the firewalls.
Protocols – protocols create the VPN tunnels.
Brief Overview of How it Works
![Page 5: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/5.jpg)
Remote Access Over the Internet
![Page 6: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/6.jpg)
User Authentication
Address Management
Data Encryption
Key Management
Multi-protocol Support
Basic VPN Requirements
![Page 7: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/7.jpg)
User Authentication
VPN must be able to verify user authentication and allow only authorized users to access the network
![Page 8: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/8.jpg)
Address Management
Assign addresses to clients and ensure that private addresses are kept private on the VPN
![Page 9: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/9.jpg)
Data Encryption
Encrypt and decrypt the data to ensure that others on the not have access to the data
![Page 10: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/10.jpg)
Key Management
Keys must be generated and refreshed for encryption at the server and the client
Note that keys are required for encryption
![Page 11: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/11.jpg)
Multi-protocol Support
The VPN technology must support commons protocols on the Internet such as IP, IPX etc.
![Page 12: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/12.jpg)
Four Protocols used in VPN
PPTP -- Point-to-Point Tunneling Protocol
L2TP -- Layer 2 Tunneling Protocol
IPsec -- Internet Protocol Security
SOCKS – is not used as much as the ones above
![Page 13: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/13.jpg)
Point-to-Point Tunneling Protocol (PPTP)
Encapsulate and encrypt the data to be sent over a corporate or public IP network
![Page 14: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/14.jpg)
Level 2 Tunneling Protocol ( L2TP)
Encrypted and encapsulated to be sent over a communication links that support user datagram mode of transmission Examples of links include X . 2 5,
Frame Relay and ATM
![Page 15: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/15.jpg)
IPSec Tunnel Mode
Encapsulate and encrypt in an IP header for transmission over an IP network
![Page 16: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/16.jpg)
VPN SecurityFIREWALLS
ENCRYPTION
IPSEC PROTOCOL
AAA SERVER
![Page 17: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/17.jpg)
FIREWALLS
![Page 18: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/18.jpg)
Symmetric-key encryption
Public-key encryption
ENCRYPTION
![Page 19: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/19.jpg)
IPSEC PROTOCOL
![Page 20: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/20.jpg)
AAA means Authentication, Authorization and Accounting servers
AAA then checks the following:
Who you are (authentication) What you are allowed to do
(authorization) What you actually do (accounting)
AAA SERVER
![Page 21: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/21.jpg)
Tunneling involves the encapsulation, transmission and decapsulation of data packets
The data is encapsulated with additional headers
The additional headers provide routing information for encapsulated data to be routed between the end points of a tunnel
Tunneling
![Page 22: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/22.jpg)
A virtual point-to-point connection made through a public network. It
transports encapsulated datagrams.
Tunneling (2)
Original Datagram
Encrypted Inner Datagram
Datagram Header Outer Datagram Data Area
Data Encapsulation [From Comer]
![Page 23: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/23.jpg)
Tunneling (3)
![Page 24: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/24.jpg)
Advantages VS.
Disadvantages
![Page 25: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/25.jpg)
Eliminating the need for expensive long-distance leased lines
Reducing the long-distance telephone charges for remote access.
Transferring the support burden to the service providers
Operational costs
Cisco VPN Savings Calculator
Advantages: Cost Savings
![Page 26: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/26.jpg)
Flexibility of growth
Efficiency with broadband technology
Advantages: Scalability
![Page 27: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/27.jpg)
VPNs require an in-depth understanding of public network security issues and proper deployment of precautions
Availability and performance depends on factors largely outside of their control
Immature standards
VPNs need to accommodate protocols other than IP and existing internal network technology
Disadvantages
![Page 28: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/28.jpg)
Large-scale encryption between multiple fixed sites such as remote offices and central offices
Network traffic is sent over the branch office Internet connection
This saves the company hardware and management expenses
Applications: Site-to-Site VPNs
![Page 29: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/29.jpg)
Site-to-Site VPNs
![Page 30: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/30.jpg)
Encrypted connections between mobile or remote users and their corporate networks
Remote user can make a local call to an ISP, as opposed to a long distance call to the corporate remote access server.
Ideal for a telecommuter or mobile sales people.
VPN allows mobile workers & telecommuters to take advantage of broadband connectivity. i.e. DSL, Cable
Applications: Remote Access
![Page 31: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/31.jpg)
Healthcare: enables the transferring of confidential patient information within the medical facilities & health care provider
Manufacturing: allow suppliers to view inventory & allow clients to purchase online safely
Retail: able to securely transfer sales data or customer info between stores & the headquarters
Bankin g /Financial : enables account information to be transferred safely within departments & branches
General Business: communication between remote employees can be securely exchanged
Industries That May Use a VPN
![Page 32: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/32.jpg)
Statistics From Gartner – Consulting*
50%
63%
79%
90%
0% 20% 40% 60% 80% 100%
Access to ne twork forbusiness
partners /customers
Site -to-s ite connectivitybe tween office s
Remote acce ss foremployees while
trave ling
Remote acce ss foremployees working out
of homes
% of Respondents
Percentages
*Source: www.cisco.com
![Page 33: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/33.jpg)
CVS Pharmaceutical Corporation upgraded their frame relay network to an IP VPN
ITW Foilmark secured remote location orders, running reports, & internet / intranet communications w/ a 168 -bit encryption by switching to OpenReach VPN
Bacardi & Co. Implemented a 21 -country, 44-location VPN
Some Businesses using a VPN
![Page 34: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/34.jpg)
VPNs are continually being enhanced. Example: Equant NV
As the VPN market becomes larger, more applications will be created along with more VPN providers and new VPN types.Networks are expected to converge to create an integrated VPNImproved protocols are expected, which will also improve VPNs.
Where Do We See VPNs Going in the Future?
![Page 35: vpn](https://reader033.vdocument.in/reader033/viewer/2022052904/5580fbb3d8b42a9d198b4c90/html5/thumbnails/35.jpg)
THANK YOU !