Download presentation
Presentation is loading. Please wait.
1
1 IP VPN Nikolay Scarbnik
2
2 Agenda Introduction………………………………………………………….3 VPN concept definition……………………………………………..4 VPN advantages……………...…………………………………….5 VPN types……………………………………………………………6 OSI……………………………………………………………………7 VPNs classification………………………………………………….8 Example:IPSec Tunnel Mode…………………………………………10 VPN example- IPSec………………………………………………11 IPSec Overview…………………………………………………….12 Algorithms for encryption … ……………...…………………………11 Public Key Encryption……………………………………………...14 Diffie-Hellman Key Exchange……………………………………..15 IPSec Security Protocols…………………………………………..16 IPSec AH & ESP …………………………………………….………17 Secure Protocol- ESP……………………………………………...18 Secure Protocol- AH………………………………………………..20 References…………………………………………………………..22
3
3 Introduction This project describes VPNs, or Virtual Private Networks. I’ll try to briefly describe the main components, technologies and advantages. The audience is expected to have some basic knowledge the TCP/IP protocols, as well as general security concepts.
4
4 VPN concept definition VPN- Virtual Private Network. The VPN concept is all about combining several separated Private Networks using public infrastructure. Virtual- because it’s dynamic connection over public infrastructure. Private- data security is preserved. Network- connects several LANs or single computers to a mainframe/LAN
5
5 VPN advantages Cost saving. Accessibility& secure connection. Application transparent.
6
6 VPN types PPTP- point-to-point tunneling protocol L2F- layer-2 forwarding L2TP- layer-2 tunneling protocol IPSec- IP security protocol GRE- generic routing encapsulation MPLS- multiprotocol label switching ATM- asynchronous transfer mode Frame Relay
7
7 7 Layers Model VPN uses the 2’nd or the 3’d layer of the OSI model.
8
8 VPNs classification Layer 2 VPN P2P over VC ATM Frame Relay Layer 3 VPN P2P, Any2Any GREMPLSIPSec
9
9 VPNs classification ATM Site-to-site VPNs Static Frame Relay GREMPLS Remote access VPNs Dynamic IPSecLT2P
10
10 Example:IPSec Tunnel Mode
11
11 VPN example- IPSec Whats IPSec? IPSecs goal is to secure IP packets (IPv6/v4). What is it good for? IPSec provides authentication, integrity, access control, and confidentiality.
12
12 IPSec Overview Fundamental components of IPSec : Algorithms for encryption Key management ISAKMP, IKE, SKEME Security protocols Authentication header (AH) and encapsulation security payload (ESP)
13
13 Algorithms for encryption Symmetric Algorithms: DES, 3DES, and AES. Asymmetric Algorithms-public key algorithms: IKE (Internet Key Exchange ) In 1999, the DES key was cracked in less than 24 hours by using an exhaustive key search. IPSec
14
14 Public Key Encryption
15
15 Diffie-Hellman Key Exchange
16
16 IPSec Security Protocols Encapsulating security payload (ESP) Authentication header (AH) >> IP datagram security <<
17
17 IPSec AH & ESP Packet in IPSec Transport Mode IP Packet in IPSec Tunnel Mode
18
18 Secure Protocol- ESP IP Packet Protected by ESP
19
19 Secure Protocol- ESP IP Packet Protected by ESP in Transport Mode IP Packet Protected by ESP in Tunnel Mode
20
20 Secure Protocol- AH AH provides: connectionless integrity, data authentication, and optional replay protection. IP Packet Protected by AH
21
21 Secure Protocol- AH IP Packet Protected by AH in Transport Mode IP Packet Protected by AH in Tunnel Mode
22
22 References http://www.iec.org/ http://www.raduniversity.com/2004/vpn/ Cisco Press IPSec VPN Design Cisco - Safe VPN - IPSec In Depth
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.