Virtual Private Networks Ed Wagner CS 7493. Overview Introduction Types of VPNs Encrypting and...
-
Upload
lorraine-green -
Category
Documents
-
view
216 -
download
0
description
Transcript of Virtual Private Networks Ed Wagner CS 7493. Overview Introduction Types of VPNs Encrypting and...
Virtual Private NetworksEd WagnerCS 7493
Overview
• Introduction• Types of VPNs• Encrypting and Tunneling• Pro/Cons the VPNs• Conclusion
Introduction
• Virtual Private Network o a secure network that uses primarily public
telecommunication infrastructures, such as the internet, to provide remote offices or traveling users an access to a centralized organizational network.
Types of VPNs
• PPTP• IPSEC• L2TP• OpenVPN (SSL)• Hybrid VPN• MPLS VPN
PPTP
• Point to Point Tunneling Protocolo The most common and widely used VPN.o Defined in RFC 2637, in 1999o Developed by Microsof and 3com.o PPTP uses a control channel over TCP and a GRE
tunnel operating to encapsulate PPP packets.o PPTP does not specified encryption or
authentication. Security and authentication provided by the
Microsoft PPTP software stack.o Authentication and Encryption
Authentication - MS-CHAPv2 Encryption - Microsoft Point to Point Encryption
(MPPE) - RC4 stream cipher
PPTP
• Pros/Cons of PPTP+ Cheap to setup - not as
secure+ pre-existing technology - security not
native
IPSEC
• Internet Protocol Security Protocolo a protocol suite for securing IP communications by
authenticating and encrypting each IP packet.o Developed at the Naval Research Lab.o Operates in the OSI layer 3, much lower than other
VPN protocols.o 2 modes of transmission:
Tunnel - entire packet is encrypted , then encapsulated in a new ip packet.• used in network to network vpns, and host to network vpn• NAT transversal
Transport - Only the payload of the IP packet is encrypted
o When the authentication header effects routing, use NAT-T
IPSEC
Pros/Cons of IPSEC+ Highest security+ when used with l2tp, data is encapsulated
twice.- harder to setup- possible routing issues- requires more processing power
L2TP
• Layer 2 Tunneling Protocolo a tunneling protocol used to support vpns.o does not provide any encryption or authentication
usually used encrypted with IPsec.o Proposed in 1999, RFC 2661o Entire packet, both header and payload are sent as
a UDP packet on port 1701.
L2TP
• Pros/Cons of L2TP+ native windows support+ feature rich backend allows use of other
protocols- No native security- slower than other vpn sources
OpenVPN
• An open source software applications that implements VPN techniques for creating secure point to point or site to site connections in routed/bridged networks
• Created in 2002, by James Yonan• Uses SSL for encryption• Authentication is done with pre-shared keys
OpenVPN
Pros/Cons of OpenVPN+ great community support+ free+ easy to setup- SSL can require more processing power.
Hybrid VPNs
• Hybrid VPN servers are able to accept connections from multiple types of VPN clients.
• For example, combining the features of SSL and IPSEC
Hybrid VPNS
Pros/Cons of Hybrid+ Ability to use different protocols to provide
greater usage.- expensive to implement.
MPLS VPN
• Multi-Protocol Label Switchingo a family of methods for harnessing the power of
multiprotocol label switching to create VPNs. o MPLS VPNs give network engineers the flexibility to
transport and route several types of network traffic using the technologies of a MPLS backbone Related to telecommunication standards
MPLS
Pros/Cons of MPLS+ use of different network technologies to
provide a VPN network.- Not easy to setup.
Encrypting and Tunneling
• Encryptingo Encoding a packet of information using a known and
tested algorithm.o Ex: IPsec, MPPE
• Tunnelingo Creating a path where all packets are routed to the
next path in the circuit, whether encrypted or not.o Ex: L2TP, PPTP (not with MPPE)
Conclusion
There are various options for VPNs. The major factors for an SA setting up a VPN network would be the Needs for Mobility, the complexity of security, and the expense that will be used to implement the VPN
Questions?
Works cited• http://en.wikipedia.org/wiki/Virtual_private_network
• http://en.wikipedia.org/wiki/Point-to-Point_Tunneling_Protocol
• http://techpp.com/2010/07/16/different-types-of-vpn-protocols/
• http://www.alliancedatacom.com/how-vpn-works.asp
• http://en.wikipedia.org/wiki/Layer_2_Tunneling_Protocol
• http://en.wikipedia.org/wiki/OpenVPN