Presentation is loading. Please wait.

Presentation is loading. Please wait.

Faten Yahya Ismael.  It is technology creates a network that is physically public, but virtually it’s private.  A virtual private network (VPN) is a.

Published bySilvia Griffin Modified over 8 years ago

Similar presentations

Presentation on theme: "Faten Yahya Ismael.  It is technology creates a network that is physically public, but virtually it’s private.  A virtual private network (VPN) is a."— Presentation transcript:

1 Faten Yahya Ismael

2  It is technology creates a network that is physically public, but virtually it’s private.  A virtual private network (VPN) is a secure way of connecting to a private Local Area Network at a remote location, using the Internet or any unsecure public network to transport the network data packets privately. The VPN uses authentication to deny access to unauthorized users, and encryption to prevent unauthorized users from reading the private network packets.  The VPN can be used to send any kind of network traffic securely, including voice, video or data.

3 VPN device …hardware or software

4  TUNNELING.  ENCRYPTION.  AUTHENTICATION.  FIREWALL.

5 TUNNELING

6 Virtual Private Network technology is based on the idea of tunneling. VPN tunneling involves establishing and maintaining a logical network connection. Tunneling is the process of placing an entire packet within another packet before it's transported over the Internet. That outer packet protects the contents from public view and ensures that the packet moves within a virtual tunnel.

7

8 1.Voluntary. 2. Compulsory.

9  In voluntary tunneling, the VPN client manages connection setup.  The client first makes a connection to the carrier network provider (an ISP in the case of Internet VPNs).  Then, the VPN client application creates the tunnel to a VPN server over this live connection.

10  In compulsory tunneling, the carrier network provider manages VPN connection setup.  When the client makes an ordinary connection, the carrier in turn immediately brokers a VPN connection between that client and a VPN server.  Service providers must take on the additional burden of installing and maintaining FEP devices.

11  Point-to-Point Tunneling Protocol (PPTP)  Layer Two Tunneling Protocol (L2TP)  Internet Protocol Security (IPsec)

12  It’s the most widely supported VPN method among Windows users and it was created by Microsoft in association with other technology companies.  Compared to other methods, PPTP is faster and it is also available for Linux and Mac users..  Voluntary tunneling method.  Use port (1723) or other ports depend on the type of RRAS.

13  L2TP (Layer 2 Tunneling Protocol) it’s another tunneling protocol that supports VPNs.  The difference between PPTP and L2TP is that the second one provides not only data confidentiality but also data integrity.  L2TP was developed by Microsoft and Cisco as a combination between PPTP and L2F(Layer 2 Forwarding).  Port 500

14  IPsec is actually a collection of multiple related protocols.  It can be used as a complete VPN protocol solution or simply as the encryption scheme with L2TP or PPTP.  IPsec exists at the network layer (Layer Three) of the OSI model.

15 ESP …Encapsulation Security Payloads

16 VPN allows senders to encapsulate their data in IP packets that hide the routing and switching infrastructure of the Internet to ensure data security against unwanted viewers or hackers.

17

18  Encryption is the process of encoding data so that only a computer with the right decoder will be able to read and use it.  VPN client at each end of the tunnel, encrypt the data entering the tunnel and decrypt it at the other end.

19 There are most two common forms of encryption :  1. symmetric-key encryption  2. public-key Encryption

20

21

22 AUTHENTICATION

23  Authentication: Virtual private network (VPN) connections are only accepted for those users and routers that have been authorized. This authorization determined by user account and remote access policies.  There are 3 levels of Authentication.  Computer-Level Authentication  User-level Authentication  Data origin authentication and data integrity

24 To establish security association (SA), the VPN( client & server) use the Internet Key Exchange IKE protocol to exchange computer certificates. Computer certificate authentication is a much stronger authentication method therefore is highly recommended. This type of authentication is used by Layer Two Tunneling Protocol (L2TP)/IPsec or IKE version 2 connections.

25 In user-level authentication the client using a point to point protocol (PPP) to get the authentication from VPN server. If mutual authentication is used, the VPN client also authenticates the VPN server, which provides protection against computers that are masquerading as VPN servers.

26 To verify that the data sent on the VPN connection originated at the other end of the connection and was not modified in transit, the data contains a cryptographic checksum based on an encryption key known only to the sender and the receiver. This type of authentication are available for L2TP/IPsec and IKE version 2 connections.

27

28  Firewall provides network security and business continuity.  It prevents attacks, and secures your data communications with multiple parallel Virtual Private Network (VPN) connections.  There are two approaches to using a firewall with a VPN server:  VPN server in front of the firewall..  VPN server behind the firewall..

29

30

31  Remote access VPN  Intranet VPN  Extranet VPN

32  A remote-access VPN allows individual users to establish secure connections with a remote computer network.  Components required in a remote-access VPN: 1- network access server (NAS). 2- client software.

33

34  Intranet VPNs link corporate headquarters, remote offices, and branch offices over a shared infrastructure using dedicated connections.  The benefits of an intranet VPN are as follows: - Reduces WAN bandwidth costs - Connect new sites easily

35 GRE…generic routing encapsulation

36  Extranet VPNs link customers, suppliers, partners, or communities of interest to a corporate intranet over a shared infrastructure using dedicated connections. In this example, the VPN is often an alternative to fax, snail mail. The extranet VPN facilitates e- commerce.

37

38  Security -- The VPN should protect data while it's traveling on the public network. If intruders attempt to capture the data, they should be unable to read or use it.  Reliability -- Employees and remote offices should be able to connect to the VPN with no trouble at any time (unless hours are restricted), and the VPN should provide the same quality of connection for each user even when it is handling its maximum number of simultaneous connections.

39  Cost Saving  Eliminating the need for expensive long-distance leased lines.  Transferring the support burden to the service providers.  Operational costs.

40 * VPNs require detailed understanding of network security issues and careful installation /configuration to ensure sufficient protection on a public network like the Internet. * The reliability and performance of an Internet-based VPN is not under an organization's direct control. Instead, the solution relies on an ISP and their quality of service.

41 * VPN products and solutions from different vendors have not always been compatible due to issues with VPN technology standards. Attempting to mix and match equipment may cause technical problems, and using equipment from one provider may not give as great a cost savings.

42 Thanks for Listening

Download ppt "Faten Yahya Ismael.  It is technology creates a network that is physically public, but virtually it’s private.  A virtual private network (VPN) is a."

Similar presentations

Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
VPN: Virtual Private Network Presented by: Germaine Bacon Lizzi Beduya Betty Huang Jun Mitsuoka Juliet Polintan.

VPN: Virtual Private Network Presented by: Germaine Bacon Lizzi Beduya Betty Huang Jun Mitsuoka Juliet Polintan.
Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206) 217-7048

Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206)
Setting Up a Virtual Private Network Chapter 9. Learning Objectives Understand the components and essential operations of virtual private networks (VPNs)

Setting Up a Virtual Private Network Chapter 9. Learning Objectives Understand the components and essential operations of virtual private networks (VPNs)
Module 5: Configuring Access for Remote Clients and Networks.

Module 5: Configuring Access for Remote Clients and Networks.
Virtual Private Networks. Why VPN Fast, secure and reliable communication between remote locations –Use leased lines to maintain a WAN. –Disadvantages.

Virtual Private Networks. Why VPN Fast, secure and reliable communication between remote locations –Use leased lines to maintain a WAN. –Disadvantages.
SCSC 455 Computer Security Virtual Private Network (VPN)

SCSC 455 Computer Security Virtual Private Network (VPN)
1 Configuring Virtual Private Networks for Remote Clients and Networks.

1 Configuring Virtual Private Networks for Remote Clients and Networks.
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
Virtual Private Networks and IPSec

Virtual Private Networks and IPSec
VIRTUAL PRIVATE NETWORKS (VPN). GROUP MEMBERS ERVAND AKOPYAN ORLANDO CANTON JR. JUAN DAVID OROZCO.

VIRTUAL PRIVATE NETWORKS (VPN). GROUP MEMBERS ERVAND AKOPYAN ORLANDO CANTON JR. JUAN DAVID OROZCO.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Goal of The Paper  What exactly is a VPN?  Why do you need a VPN?  what are some of the technologies used in deploying a VPN?  How does a VPN work?

Goal of The Paper  What exactly is a VPN?  Why do you need a VPN?  what are some of the technologies used in deploying a VPN?  How does a VPN work?
Virtual Private Networks Globalizing LANs Timothy Hohman.

Virtual Private Networks Globalizing LANs Timothy Hohman.
VPN’s Kristin Belanger. VPN’s Accommodate employees at distant offices Accommodate employees at distant offices Usually set up through internet Usually.

VPN’s Kristin Belanger. VPN’s Accommodate employees at distant offices Accommodate employees at distant offices Usually set up through internet Usually.
Virtual Private Networking Karlene R. Samuels COSC513.

Virtual Private Networking Karlene R. Samuels COSC513.
Internet Security Seminar Class CS591 Presentation Topic: VPN.

Internet Security Seminar Class CS591 Presentation Topic: VPN.
VPN – Technologies and Solutions CS158B Network Management April 11, 2005 Alvin Tsang Eyob Solomon Wayne Tsui.

VPN – Technologies and Solutions CS158B Network Management April 11, 2005 Alvin Tsang Eyob Solomon Wayne Tsui.
Remote Networking Architectures

Remote Networking Architectures

Similar presentations

Ads by Google