©2010 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Network Access Technology: Secure Remote Access S Prasanna Bhaskaran.

Slide 1: Network Access Technology: Secure Remote Access
S Prasanna Bhaskaran

Slide 2: Agenda
► Market Overview
► Requirement for Remote Access Technology
► VPN
► IPSEC VPN
► SSL VPN
► NAC
► Business Continuity with Remote Access

Slide 3: Remote Access Overview
[Diagram labels: Corporate Office; Remote Access Gateway; Intranet (Email, Applications, Files); Extranet (Portal, Applications, Files)]
► Extranet access: Partner computers
► Day Extenders: Email, Basic applications; Home computer
► Teleworkers: Email, Applications; Company computer
► Mobile workers: Email, Basic applications; Company computer or public computer
New Business Realities
► More remote workers and locations
► More device types
► Different resource needs
► More unmanaged devices
► Smarter criminals and malware
► More privacy and security regulations
► Need to reduce TCO

Slide 4: The Dilemma: Security vs. Business Needs
BUSINESS: Connectivity, Freedom, Availability, Performance, Cost, Management
SECURITY: Isolation, Control, Compliance, Policies, Rules, Restrictions
SNAP!

Slide 5: Now that we have seen the business need, let's take a close look at the technologies which will enable us to address the needs… Let's take a dive into the technology… ;)

Slide 6: A DEEP DIVE IN TECHNOLOGY

Slide 7: Traditional Technology
► Leased Line between sites
► No Internet
► High Expense
► Issues in Manageability

Slide 8: Virtual Private Network
► Secured Internet Connectivity
► Less Expensive
► Remote work force
► Less administrative overhead

Slide 9: Virtual Private Network
VPN can be broadly classified into 2 main technologies:
► IPSEC VPN
  ► Works on Layer 3
  ► Network based control
  ► End points would be fixed
► SSL VPN
  ► Works in Layer 7
  ► Application based access
  ► End point can be fixed as well as mobile

Slide 10: IPSEC VPN

Slide 11: IPSEC VPN
It mainly uses 2 wire-level protocols:
► AH – Authentication Header
  ► Encrypts the header and the payload.
  ► Offers strong protection, covers everything that can possibly be considered immutable.
  ► But the issue is that it is incompatible with NAT.
► ESP – Encapsulating Security Payload
  ► Encapsulates the security payload.
  ► Includes header and trailer pads to support encryption and authentication.
  ► Widely used technology for IPSEC VPN
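Why AH breaks behind NAT while ESP does not, as an added example that is not part of the original deck: AH's integrity check covers the IP header fields that should not change in transit, including the addresses, whereas the ESP check covers only the ESP packet. The key, addresses and payload are constructed, and the packet layout is simplified (no IP options, AH header itself omitted, ESP body left unencrypted).

```python
import hashlib, hmac, ipaddress, struct

KEY = b"constructed-demo-key"              # constructed integrity key for the SA
PAYLOAD = b"constructed upper-layer data"  # constructed payload

def ip_header(src, dst, proto, ttl=64):
    """Simplified 20-byte IPv4 header, no options, checksum left at zero."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(PAYLOAD), 0, 0,
                       ttl, proto, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)

def icv(mode, header, body):
    """Integrity check value as the receiver recomputes it (HMAC-SHA-256-128)."""
    if mode == "ah":
        # AH authenticates (it does not encrypt) header + payload.
        h = bytearray(header)
        h[1] = 0                   # TOS/DSCP: mutable in transit, zeroed
        h[6:8] = b"\x00\x00"       # flags + fragment offset: mutable
        h[8] = 0                   # TTL: mutable
        h[10:12] = b"\x00\x00"     # header checksum: mutable
        covered = bytes(h) + body  # addresses stay in: treated as immutable
    else:
        covered = body             # ESP: the outer IP header is not covered
    return hmac.new(KEY, covered, hashlib.sha256).digest()[:16]

def forward(header, new_src=None, ttl_drop=0):
    """What a router (TTL decrement) or a NAT device (source rewrite) does."""
    h = bytearray(header)
    h[8] -= ttl_drop
    if new_src:
        h[12:16] = ipaddress.IPv4Address(new_src).packed
    return bytes(h)

def verifies(mode, **transit):
    """True if the receiver's ICV still matches after the packet is forwarded."""
    sent_hdr = ip_header("10.0.0.5", "203.0.113.10", 51 if mode == "ah" else 50)
    # ESP body: SPI + sequence number + payload (stand-in for ciphertext).
    body = PAYLOAD if mode == "ah" else struct.pack("!II", 0x1000, 1) + PAYLOAD
    sent_icv = icv(mode, sent_hdr, body)
    received_hdr = forward(sent_hdr, **transit)
    return hmac.compare_digest(sent_icv, icv(mode, received_hdr, body))

if __name__ == "__main__":
    for mode in ("ah", "esp"):
        print(mode, "routed:", verifies(mode, ttl_drop=3),
              "NATed:", verifies(mode, new_src="198.51.100.7"))
```

In deployments, ESP behind a port-translating NAT is normally carried in UDP encapsulation (NAT-T, RFC 3948), because ESP has no port numbers for the NAT device to rewrite.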

Slide 12: IPSEC VPN
► Allows secure communication between locations.
► Internet Key Exchange – Diffie Hellman
► Authentication – MD5, SHA1
► Encryption – DES, 3DES, AES
► Phase 1 – Gateway (bidirectional)
► Phase 2 – Data VPN (uni-directional)

Slide 13: IPSEC VPNs / Cryptography
► Symmetric ciphers have both the sender and the receiver use the same key. The same key is used to encrypt and decrypt the data.
► Asymmetric ciphers are those where the sender uses one key and the receiver uses another key. Sender and receiver both have keys, called public and private. Data is encrypted with the public key and decrypted with the private key.

Slide 14: Encryption / Authentication Technologies
Just Maths… :)
► DES, 3DES
► AES
► MD5, SHA1 for authentication
► PKI

Slide 15: Checklist for Implementing VPN
Check the following when configuring a VPN:
► What is the authentication? MD5, SHA1
► What is the encryption technology? Encryption – DES, 3DES, AES
► Symmetric / Asymmetric Key
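One way to turn this checklist into an automated configuration review, as an added example that is not part of the original deck. The "encryption-authentication-dhgroup" proposal notation and the sample proposals are assumptions made here; the ratings reflect later IETF guidance (RFC 8221 and RFC 8247), which postdates the 2010 deck.

```python
# Added example, not from the deck. Proposal strings use an assumed
# "encryption-authentication-dhgroup" notation; the samples are constructed.
RATINGS = {
    # encryption (checklist: DES, 3DES, AES)
    "des": "reject", "3des": "legacy",
    "aes128": "ok", "aes192": "ok", "aes256": "ok",
    # authentication / integrity (checklist: MD5, SHA1)
    "md5": "reject", "sha1": "legacy",
    "sha256": "ok", "sha384": "ok", "sha512": "ok",
    # Diffie-Hellman group used by Internet Key Exchange
    "modp768": "reject", "modp1024": "legacy", "modp1536": "legacy",
    "modp2048": "ok", "modp3072": "ok", "modp4096": "ok",
}
REQUIRED = ("encryption", "authentication", "key exchange")

def kind_of(token):
    """Map an algorithm keyword to the checklist item it answers."""
    if token.startswith(("aes", "des", "3des")):
        return "encryption"
    if token.startswith(("md5", "sha")):
        return "authentication"
    if token.startswith("modp"):
        return "key exchange"
    return None

def audit(proposal):
    """Return (severity, item, detail) findings for one proposal string."""
    findings, seen = [], set()
    for token in proposal.lower().split("-"):
        kind, rating = kind_of(token), RATINGS.get(token)
        if kind is None or rating is None:
            findings.append(("unknown", token, "unrecognised algorithm"))
            continue
        seen.add(kind)
        if rating != "ok":
            findings.append((rating, token, kind))
    findings += [("incomplete", k, "not specified") for k in REQUIRED if k not in seen]
    return findings

def verdict(proposal):
    """Worst severity found, or "ok" when every checklist item passes."""
    severities = {f[0] for f in audit(proposal)}
    for level in ("reject", "unknown", "incomplete", "legacy"):
        if level in severities:
            return level
    return "ok"

if __name__ == "__main__":
    for p in ("des-md5-modp768", "3des-sha1-modp1024", "aes128-sha1",
              "aes256-sha256-modp2048"):
        print(f"{p:24} {verdict(p):10} {audit(p)}")
```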

Slide 16: SSL VPN

Slide 17: Need for SSL VPN
► Easy browser access
► Application based authorization
► End point can be managed as well as unmanaged
► End point connection can be mobile as well as fixed

Slide 18: SSL VPN
► Secure Socket Layer
► SSL 3.0 found by Netscape Navigator
► IETF created TLS
► Privacy connection
► Identity Authentication
► Reliability

Slide 19: SSL Operation
[Diagram labels, in the order they appear in the transcript]
► Browser generates a pseudo random and generates a symmetric key
► Server sends Public key
► Generated symmetric key sent to server
► Secure communication is established
► Client requests for Public Key
► Server decrypts the symmetric key

Slide 20: SSL VPN
Again, a lot of Maths :)
► Asymmetric Cryptography
► PKI

Slide 21: Network Access Control
NAC enforces a comprehensive NAC policy controlling network access and ensuring that each endpoint is current with the latest antivirus, critical patches, service packs, and applications such as browsers and VPN agents.

Slide 22: NAC
► Provides End Point Compliance
► Provides Cooperative enforcement
► Provides auto remediation
► Centrally Managed

Slide 23: Business continuity with Remote Access

Slide 24: Remote Workforce Challenges
Home Office Workers
Examples
► Isolate and protect your corporate data from your kids’ peer-to-peer file-sharing activity
► Prevent the transfer of sensitive employee data—via email or un-managed device—by one of your HR managers who frequently works from home
“42% of US employers allowed staff to work remotely this year—up from 30%.” —World at Work 2009 (Survey of 2,288 U.S. employers)

Slide 25: Disaster-Recovery Challenges
The Case of H1N1 Flu
Examples
► Maintain productivity even when you require large numbers of your workers to stay home during a swine flu outbreak
► Sustain business continuity when a snow-day forces the closure of your office
“The H1N1 pandemic could cause absenteeism rates of 40 percent or higher for enterprises.” —Gartner 2009

Slide 26: Virtual Windows workspace
► Plug-and-play with no software install or system reboot required
► Securely access and work with corporate data from any PC
► Data Leak Prevention from Mobile Users
► Centrally managed by SmartCenter

Slide 27: Check Point Abra at Work
► Standard Windows Environment
► Launch approved applications
► Access encrypted files on USB drive
► Access approved websites
► Toggle easily between secure workspace and host PC

Slide 28: Questions?

Slide 29: Thank You!!!

