Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 IP VPN Nikolay Scarbnik. 2 Agenda Introduction………………………………………………………….3 VPN concept definition……………………………………………..4 VPN advantages……………...…………………………………….5.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1 IP VPN Nikolay Scarbnik. 2 Agenda Introduction………………………………………………………….3 VPN concept definition……………………………………………..4 VPN advantages……………...…………………………………….5."— Presentation transcript:

1 1 IP VPN Nikolay Scarbnik

2 2 Agenda Introduction………………………………………………………….3 VPN concept definition……………………………………………..4 VPN advantages……………...…………………………………….5 VPN types……………………………………………………………6 OSI……………………………………………………………………7 VPNs classification………………………………………………….8 Example:IPSec Tunnel Mode…………………………………………10 VPN example- IPSec………………………………………………11 IPSec Overview…………………………………………………….12 Algorithms for encryption … ……………...…………………………11 Public Key Encryption……………………………………………...14 Diffie-Hellman Key Exchange……………………………………..15 IPSec Security Protocols…………………………………………..16 IPSec AH & ESP …………………………………………….………17 Secure Protocol- ESP……………………………………………...18 Secure Protocol- AH………………………………………………..20 References…………………………………………………………..22

3 3 Introduction This project describes VPNs, or Virtual Private Networks. I’ll try to briefly describe the main components, technologies and advantages. The audience is expected to have some basic knowledge the TCP/IP protocols, as well as general security concepts.

4 4 VPN concept definition VPN- Virtual Private Network. The VPN concept is all about combining several separated Private Networks using public infrastructure. Virtual- because it’s dynamic connection over public infrastructure. Private- data security is preserved. Network- connects several LANs or single computers to a mainframe/LAN

5 5 VPN advantages Cost saving. Accessibility& secure connection. Application transparent.

6 6 VPN types PPTP- point-to-point tunneling protocol L2F- layer-2 forwarding L2TP- layer-2 tunneling protocol IPSec- IP security protocol GRE- generic routing encapsulation MPLS- multiprotocol label switching ATM- asynchronous transfer mode Frame Relay

7 7 7 Layers Model VPN uses the 2’nd or the 3’d layer of the OSI model.

8 8 VPNs classification Layer 2 VPN P2P over VC ATM Frame Relay Layer 3 VPN P2P, Any2Any GREMPLSIPSec

9 9 VPNs classification ATM Site-to-site VPNs Static Frame Relay GREMPLS Remote access VPNs Dynamic IPSecLT2P

10 10 Example:IPSec Tunnel Mode

11 11 VPN example- IPSec Whats IPSec? IPSecs goal is to secure IP packets (IPv6/v4). What is it good for? IPSec provides authentication, integrity, access control, and confidentiality.

12 12 IPSec Overview Fundamental components of IPSec : Algorithms for encryption Key management ISAKMP, IKE, SKEME Security protocols Authentication header (AH) and encapsulation security payload (ESP)

13 13 Algorithms for encryption Symmetric Algorithms: DES, 3DES, and AES. Asymmetric Algorithms-public key algorithms: IKE (Internet Key Exchange ) In 1999, the DES key was cracked in less than 24 hours by using an exhaustive key search. IPSec

14 14 Public Key Encryption

15 15 Diffie-Hellman Key Exchange

16 16 IPSec Security Protocols Encapsulating security payload (ESP) Authentication header (AH) >> IP datagram security <<

17 17 IPSec AH & ESP Packet in IPSec Transport Mode IP Packet in IPSec Tunnel Mode

18 18 Secure Protocol- ESP IP Packet Protected by ESP

19 19 Secure Protocol- ESP IP Packet Protected by ESP in Transport Mode IP Packet Protected by ESP in Tunnel Mode

20 20 Secure Protocol- AH AH provides: connectionless integrity, data authentication, and optional replay protection. IP Packet Protected by AH

21 21 Secure Protocol- AH IP Packet Protected by AH in Transport Mode IP Packet Protected by AH in Tunnel Mode

22 22 References http://www.iec.org/ http://www.raduniversity.com/2004/vpn/ Cisco Press IPSec VPN Design Cisco - Safe VPN - IPSec In Depth

Download ppt "1 IP VPN Nikolay Scarbnik. 2 Agenda Introduction………………………………………………………….3 VPN concept definition……………………………………………..4 VPN advantages……………...…………………………………….5."

Similar presentations

Encrypting Wireless Data with VPN Techniques

Encrypting Wireless Data with VPN Techniques
1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.

1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.
VPN: Virtual Private Network Presented by: Germaine Bacon Lizzi Beduya Betty Huang Jun Mitsuoka Juliet Polintan.

VPN: Virtual Private Network Presented by: Germaine Bacon Lizzi Beduya Betty Huang Jun Mitsuoka Juliet Polintan.
IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.

IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.
Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206) 217-7048

Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206)
Agenda Virtual Private Networks (VPNs) Motivation and Basics Deployment Topologies IPSEC (IP Security) Authentication Header (AH) Encapsulating Security.

Agenda Virtual Private Networks (VPNs) Motivation and Basics Deployment Topologies IPSEC (IP Security) Authentication Header (AH) Encapsulating Security.
Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.

Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.

Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
Virtual Private Networks. Why VPN Fast, secure and reliable communication between remote locations –Use leased lines to maintain a WAN. –Disadvantages.

Virtual Private Networks. Why VPN Fast, secure and reliable communication between remote locations –Use leased lines to maintain a WAN. –Disadvantages.
SCSC 455 Computer Security Virtual Private Network (VPN)

SCSC 455 Computer Security Virtual Private Network (VPN)
WAN Technologies Dial-up modem connections Cheap Slow

WAN Technologies Dial-up modem connections Cheap Slow
1 Configuring Virtual Private Networks for Remote Clients and Networks.

1 Configuring Virtual Private Networks for Remote Clients and Networks.
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
Configuration of a Site-to-Site IPsec Virtual Private Network Anuradha Kallury CS 580 Special Project August 23, 2005.

Configuration of a Site-to-Site IPsec Virtual Private Network Anuradha Kallury CS 580 Special Project August 23, 2005.
Chapter 10 Virtual Private Networks. VPN Defined  A segment of the public network made to appear part of a private network so that it can be used to.

Chapter 10 Virtual Private Networks. VPN Defined  A segment of the public network made to appear part of a private network so that it can be used to.
Internet Security Seminar Class CS591 Presentation Topic: VPN.

Internet Security Seminar Class CS591 Presentation Topic: VPN.
CCNA 5.0 Planning Guide Chapter 7: Securing Site-to-Site Connectivity

CCNA 5.0 Planning Guide Chapter 7: Securing Site-to-Site Connectivity
VPN – Technologies and Solutions CS158B Network Management April 11, 2005 Alvin Tsang Eyob Solomon Wayne Tsui.

VPN – Technologies and Solutions CS158B Network Management April 11, 2005 Alvin Tsang Eyob Solomon Wayne Tsui.
VPN – Virtual Private Networking. VPN A Virtual Private Network (VPN) connects the components of one network over another network. VPNs accomplish this.

VPN – Virtual Private Networking. VPN A Virtual Private Network (VPN) connects the components of one network over another network. VPNs accomplish this.
Network Security Philadelphia UniversitylAhmad Al-Ghoul 2010-20111 Module 12 Module 12 Virtual Private Networks  MModified by :Ahmad Al Ghoul  PPhiladelphia.

Network Security Philadelphia UniversitylAhmad Al-Ghoul Module 12 Module 12 Virtual Private Networks  MModified by :Ahmad Al Ghoul  PPhiladelphia.

Similar presentations

Ads by Google