Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Intel / Shiva VPN Solutions Stephen Wong System Engineer.

Published byCheyenne Bonifas Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Intel / Shiva VPN Solutions Stephen Wong System Engineer."— Presentation transcript:

1 1 Intel / Shiva VPN Solutions Stephen Wong System Engineer

2 2 Agenda VPN Concept VPN Benefit Shiva VPN Suite Case Study - Open University Conclusion VPN Concept VPN Benefit Shiva VPN Suite Case Study - Open University Conclusion

3 3 A VPN (Virtual Private Network) Is a Technology That Connects Individuals and Systems Securely Over the Internet. Internet ISPModemsISPModems VPNGatewayVPNGateway VPN GatewayVPN Corporate LAN Corporate LAN Remote LAN Remote LAN Headquarters Branch Office Traveling Employee or Telecommuter VPN Client VPN Client VPN Provides a New Option

4 4 Secure VPN Tunnel Internet ISPModemsISPModems CorporateModemsCorporateModems LAN Local Long Distance VPN Gateway VPN Gateway Telephone Network VPN Client VPN Client Router/FirewallRouter/Firewall Remote Access: Dial and VPN

5 5 San Francisco New York Dallas Chicago Fully Meshed Leased Line or Frame Relay Network San Francisco New York Dallas Chicago Internet Fully meshed VPN network LAN-to-LAN: Leased Line and VPN

6 6 VPN Benefits Save Money (Reduce NW Costs by 30-60%) –Eliminate long distance charges –Reduce private leased line charges Increase Business Speed and Flexibility –Internet can be accessed everywhere through many technologies –Internet capacity is available on demand Save Money (Reduce NW Costs by 30-60%) –Eliminate long distance charges –Reduce private leased line charges Increase Business Speed and Flexibility –Internet can be accessed everywhere through many technologies –Internet capacity is available on demand

7 7 VPN Technology Basic VPN Concepts –Tunneling –Encryption –Authentication Associated VPN Concepts –Routing –Firewalling –Load Balancing Basic VPN Concepts –Tunneling –Encryption –Authentication Associated VPN Concepts –Routing –Firewalling –Load Balancing

8 8 Definition Tunnels are a method of transmitting private data over public networks Tunnels employ a technique called “encapsulation” Secure Tunnels are tunnels that guarantee the privacy and integrity of the transmitted data and the authenticity of the parties communicating Standards Alternatives PPTP, L2F, L2TP (Layer 2, Remote Access Only, Not Secure) IPSec (Layer 3, Remote Access AND LAN-to-LAN, Strong Security) Tunneling Benefits hides network topology and application information connect “un-routed” networks across the Internet Definition Tunnels are a method of transmitting private data over public networks Tunnels employ a technique called “encapsulation” Secure Tunnels are tunnels that guarantee the privacy and integrity of the transmitted data and the authenticity of the parties communicating Standards Alternatives PPTP, L2F, L2TP (Layer 2, Remote Access Only, Not Secure) IPSec (Layer 3, Remote Access AND LAN-to-LAN, Strong Security) Tunneling Benefits hides network topology and application information connect “un-routed” networks across the Internet Internet Basics: Tunneling

9 9 Basics: Encryption Encryption Ensures the Privacy and Integrity of Transmitted Data Encryption Terms –DES - encryption standard (also known as 56-bit) –3DES - 168-bit encryption standard; most secure –Public and Private keys –IKE - Internet Key Exchange Level of Security Is Dependent On: –Strength of the underlying algorithm –Key length (512, 1024, or 2048-bit) –Frequency of key change Encryption Ensures the Privacy and Integrity of Transmitted Data Encryption Terms –DES - encryption standard (also known as 56-bit) –3DES - 168-bit encryption standard; most secure –Public and Private keys –IKE - Internet Key Exchange Level of Security Is Dependent On: –Strength of the underlying algorithm –Key length (512, 1024, or 2048-bit) –Frequency of key change

10 10 Basics: Authentication Authentication Guarantees the Identity and Authority of the VPN Participants Choices Include: –Technologies: passwords, challenge phrase, tokens with one- time passwords, and X.509 digital certificates –Products: NT Domains, NDS, RADIUS, SDI, Entrust, Shiva CA A VPN Solution Should Allow You to Choose the Authentication Method That Matches Your Needs Authentication Guarantees the Identity and Authority of the VPN Participants Choices Include: –Technologies: passwords, challenge phrase, tokens with one- time passwords, and X.509 digital certificates –Products: NT Domains, NDS, RADIUS, SDI, Entrust, Shiva CA A VPN Solution Should Allow You to Choose the Authentication Method That Matches Your Needs

11 11 Shiva’s VPN Suite

12 12 VPN Components LanRover VPN Gateway –Dedicated Hardware Platform –Dedicated Triple-DES acceleration hardware –Integrated ICSA-certified firewall & routing –Scalability (load balancing & redundancy) Shiva VPN Client for Windows 95, 98 and NT –Transparent to end user –Works with existing client and server applications Shiva Certificate Authority –Best security available Shiva VPN Manager –Centralized management of distributed gateways LanRover VPN Gateway –Dedicated Hardware Platform –Dedicated Triple-DES acceleration hardware –Integrated ICSA-certified firewall & routing –Scalability (load balancing & redundancy) Shiva VPN Client for Windows 95, 98 and NT –Transparent to end user –Works with existing client and server applications Shiva Certificate Authority –Best security available Shiva VPN Manager –Centralized management of distributed gateways

13 13 Shiva VPN Client Client Software for Windows 95, 98, and NT Platforms Establishes an Encrypted Tunnel From the Client to the LanRover VPN Gateway –Supports the same tunneling, encryption and authentication protocols as LanRover VPN Gateway Interoperates Transparently With Existing Business Applications Such As E-mail and Databases Supports Dial-up, Cable Modem, DSL and LAN Connections Supports Compression for Improved Performance Client Software for Windows 95, 98, and NT Platforms Establishes an Encrypted Tunnel From the Client to the LanRover VPN Gateway –Supports the same tunneling, encryption and authentication protocols as LanRover VPN Gateway Interoperates Transparently With Existing Business Applications Such As E-mail and Databases Supports Dial-up, Cable Modem, DSL and LAN Connections Supports Compression for Improved Performance

14 14 Case Studies - Open University (Intel / Shiva VPN Solution) Remote Access

15 15 ISSUES –Security for remote users (encryption, tunneling, authentication) –Sensitive information (Course material, etc) –Long distance charges for oversea students –Protect internal network with Firewall –Same username and password in different applications(e.g. RAS, VPN, Mail, etc) ISSUES –Security for remote users (encryption, tunneling, authentication) –Sensitive information (Course material, etc) –Long distance charges for oversea students –Protect internal network with Firewall –Same username and password in different applications(e.g. RAS, VPN, Mail, etc) Case Study - Open University

16 16 Case Study - Open University Open University: –An University base in Hong Kong SOLUTION –Shiva VPN Client provides access through VPN tunnels –Security with encryption, tunneling and digital certificates –No long distance charges –ICSA-Certified firewall in Shiva VPN Gateway –In process of replacing frame relay with office to office VPN across the Internet –Shiva Access Manager provide Integrated VPN and RAS solution and provide proxy services to UNIX, KEBEROS Open University: –An University base in Hong Kong SOLUTION –Shiva VPN Client provides access through VPN tunnels –Security with encryption, tunneling and digital certificates –No long distance charges –ICSA-Certified firewall in Shiva VPN Gateway –In process of replacing frame relay with office to office VPN across the Internet –Shiva Access Manager provide Integrated VPN and RAS solution and provide proxy services to UNIX, KEBEROS

17 17 Case Study: Education Internet Router Management Consultant dialing any local ISP Benefits: Extend the campus network to remote students Eliminate long distance toll charges Supplement direct- dial capacity Single Login for UNIX, RAS, VPN Open University Library System File Servers Shiva Access Manager Shiva VPN Client ISP POP LanRover VPN Gateway

18 18 Conclusion Save Money (Reduce NW Costs by 30-60%) Increase Business Speed and Flexibility Improve Security Use Existing Applications, Infrastructure and User Environments Build a secured, easy to use, scalable and standard base Business Network Increase your Business competitiveness thru Intel / Shiva VPN Save Money (Reduce NW Costs by 30-60%) Increase Business Speed and Flexibility Improve Security Use Existing Applications, Infrastructure and User Environments Build a secured, easy to use, scalable and standard base Business Network Increase your Business competitiveness thru Intel / Shiva VPN

19 19 Thank You stephen.wong@intel.com

Download ppt "1 Intel / Shiva VPN Solutions Stephen Wong System Engineer."

Similar presentations

Virtual Private Networks COSC541 Project Jie Qin & Sihua Xu October 11, 2014.

Virtual Private Networks COSC541 Project Jie Qin & Sihua Xu October 11, 2014.
1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.

1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.
VPN: Virtual Private Network Presented by: Germaine Bacon Lizzi Beduya Betty Huang Jun Mitsuoka Juliet Polintan.

VPN: Virtual Private Network Presented by: Germaine Bacon Lizzi Beduya Betty Huang Jun Mitsuoka Juliet Polintan.
Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206) 217-7048

Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206)
91.527 - Human Computer Interaction - Fall 2010 Class project By Khang Nguyen Virtual Private Network Design for Remote Access Cambridge - SFO Airport.

Human Computer Interaction - Fall 2010 Class project By Khang Nguyen Virtual Private Network Design for Remote Access Cambridge - SFO Airport.
Setting Up a Virtual Private Network Chapter 9. Learning Objectives Understand the components and essential operations of virtual private networks (VPNs)

Setting Up a Virtual Private Network Chapter 9. Learning Objectives Understand the components and essential operations of virtual private networks (VPNs)
SCSC 455 Computer Security Virtual Private Network (VPN)

SCSC 455 Computer Security Virtual Private Network (VPN)
1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.

1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.
1 Configuring Virtual Private Networks for Remote Clients and Networks.

1 Configuring Virtual Private Networks for Remote Clients and Networks.
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
VIRTUAL PRIVATE NETWORKS (VPN). GROUP MEMBERS ERVAND AKOPYAN ORLANDO CANTON JR. JUAN DAVID OROZCO.

VIRTUAL PRIVATE NETWORKS (VPN). GROUP MEMBERS ERVAND AKOPYAN ORLANDO CANTON JR. JUAN DAVID OROZCO.
Hands-On Microsoft Windows Server 2003 Administration Chapter 11 Administering Remote Access Services.

Hands-On Microsoft Windows Server 2003 Administration Chapter 11 Administering Remote Access Services.
Eric Kilroy. Introduction  Virtual Private Network A way to connect to a private network through a public network such as the internet.

Eric Kilroy. Introduction  Virtual Private Network A way to connect to a private network through a public network such as the internet.
In this section, we'll cover one of the foundations of network security issues, It talks about VPN (Virtual Private Networks). What..,Why..,and How….?

In this section, we'll cover one of the foundations of network security issues, It talks about VPN (Virtual Private Networks). What..,Why..,and How….?
Goal of The Paper  What exactly is a VPN?  Why do you need a VPN?  what are some of the technologies used in deploying a VPN?  How does a VPN work?

Goal of The Paper  What exactly is a VPN?  Why do you need a VPN?  what are some of the technologies used in deploying a VPN?  How does a VPN work?
Virtual Private Networks Globalizing LANs Timothy Hohman.

Virtual Private Networks Globalizing LANs Timothy Hohman.
Virtual Private Networking Karlene R. Samuels COSC513.

Virtual Private Networking Karlene R. Samuels COSC513.
Internet Security Seminar Class CS591 Presentation Topic: VPN.

Internet Security Seminar Class CS591 Presentation Topic: VPN.
MCITP Guide to Microsoft Windows Server 2008 Server Administration (Exam #70-646) Chapter 10 Configuring Remote Access.

MCITP Guide to Microsoft Windows Server 2008 Server Administration (Exam #70-646) Chapter 10 Configuring Remote Access.
VPN – Technologies and Solutions CS158B Network Management April 11, 2005 Alvin Tsang Eyob Solomon Wayne Tsui.

VPN – Technologies and Solutions CS158B Network Management April 11, 2005 Alvin Tsang Eyob Solomon Wayne Tsui.

Similar presentations

Ads by Google