Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol.

Published byLillian Townsend Modified over 8 years ago

Similar presentations

Presentation on theme: "Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol."— Presentation transcript:

1 Securing Data Transmission and Authentication

2 Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol IPSec has two principle goals: To protect the contents of IP packets To provide defense against network attacks through packet filtering and the enforcement of trusted communication. Attacks that IPSec can prevent and reduce: Packet SniffingMan in the Middle Data ModificationDenial of Service Identity Spoofing

3 Understanding IPSec IPSec can be deployed in the following scenarios: LAN – Client/Server and peer to peer LANs WAN – Router to Router Remote Access – Dial up clients and Internet access from private networks Both sides require a shared IPSec policy to establish the security settings that will be used. IPSec can be configured to use one of two modes: Transport mode – Use this mode when you require packet filtering and when you require end-to-end security. Tunnel mode – Use tunnel mode for site-to-site communications that cross the Internet. Gateway-to- Gateway protection

4 Understanding IPSec contd. IPSec provides security using a combination of individual protocols. Authentication Header (AH) – protocol provides authentication, integrity, and anti-replay for the packet. This protocol does not encrypt, but protects from modification. Encapsulating Security Payload (ESP) – provides confidentiality of the packet (encryption).

5 Understanding Security Associations SA – is the combination of security services, protection mechanisms, and keys agreed to by communicating peers. When traffic meets a filter that is defined in the policy, the security parameters much then be negotiated. The SA is what is agreed upon. Internet Key Exchange (IKE) – an algorithm used to generate the secret keys agreed upon in the SA.

6 IPSec Policies Policies are the security rules that define the desired security levels negotiated in the SA. The policy also define which traffic is “interesting” and whether or not to negotiate IPSec or just send the information with out modification. Components of a Policy: Tunnel setting Network Type IP filter IP protocol Port IP filter list Filter Action Authentication method

7 Creating IPSec Policies Go to local security Policy Use “IP security policies” for policies that must be compatible with versions of Windows older than Vista/Server 2008 Use Windows Firewall with Advanced Security for Vista/Server 2008 systems.

8 Breaking it all down Example on board

9 Configuring Network Authentication When a computer connects to a network it must be authenticated. Typically this is done through Active Directory and Kerberos. However, if there is no AD domain or you have older clients you may need to change the Authentication type to NTLM. Computer Configuration->Policies->Windows Setting- > Security Settings->Security Options->Network Security:NTLM

Download ppt "Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol."

Similar presentations

IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.

IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.
Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.

1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.
IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.

IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.
Agenda Virtual Private Networks (VPNs) Motivation and Basics Deployment Topologies IPSEC (IP Security) Authentication Header (AH) Encapsulating Security.

Agenda Virtual Private Networks (VPNs) Motivation and Basics Deployment Topologies IPSEC (IP Security) Authentication Header (AH) Encapsulating Security.
Network Security. Reasons to attack Steal information Modify information Deny service (DoS)

Network Security. Reasons to attack Steal information Modify information Deny service (DoS)
NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT 09.11.2005.

NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT
Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.

Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.

Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.

ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
IP Security. Overview In 1994, Internet Architecture Board (IAB) issued a report titled “Security in the Internet Architecture”. This report identified.

IP Security. Overview In 1994, Internet Architecture Board (IAB) issued a report titled “Security in the Internet Architecture”. This report identified.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.

Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.
IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.

IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.
1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.

1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.
1 Pertemuan 11 IPSec dan SSL Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 11 IPSec dan SSL Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Chapter 6 IP Security. Outline Internetworking and Internet Protocols (Appendix 6A) IP Security Overview IP Security Architecture Authentication Header.

Chapter 6 IP Security. Outline Internetworking and Internet Protocols (Appendix 6A) IP Security Overview IP Security Architecture Authentication Header.
VPN – Technologies and Solutions CS158B Network Management April 11, 2005 Alvin Tsang Eyob Solomon Wayne Tsui.

VPN – Technologies and Solutions CS158B Network Management April 11, 2005 Alvin Tsang Eyob Solomon Wayne Tsui.
Internet Protocol Security (IPSec)

Internet Protocol Security (IPSec)
Security Data Transmission and Authentication

Security Data Transmission and Authentication

Similar presentations

Ads by Google