Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange...
Transcript of Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange...
VirtualPrivate
Networks
Rudi Engelbertink CISSP
Introduction
● Purpose of VPNs● Types of VPNs● Types of VPN Protocols● OSI model● VPN types in depth● VPN providers● Do I need a VPN ?● Questions ?
Purposes of VPNs
● Connect networks● Protect your data transmission● Hide your location● Anonymous access● Gain geo-restricted access
VPN Types
● Site - to - Site VPNs– Intranet based VPN– Extranet based VPN
● Remote Access VPNs– Access to private networks– Bypass regional restrictions– Enhance security & privacy
OSI model
OSI model
TCP/IP Protocol
VPN protocols
● MPLS/hybrid● IPsec● IKEv2● L2TP● PPTP● SSL / TLS / SSTP● SSH● OpenVPN
VPN protocols - MPLS/Hybrid
VPN protocols - IPsec
● Transport mode● Tunnel mode
IPsec - Transport mode
IPsec - Tunnel mode
VPN protocols - IKEv2
● Internet Key Exchange version 2● handles request and response actions● handling the SA (Security Association)
attribute● responsible for establishing a secure tunnel● The IKE protocol uses UDP port 500● supports PFS (Perfect Forward Secrecy).
VPN protocols - L2TP
VPN protocols - PPTP
VPN protocols - SSL/TLS/SSTP
VPN protocols - SSH tunnel
VPN protocols - OpenVPN
Do I need a VPN ?
It depends– Access ‘home’ services– Protect against eavesdropping– Hide your real location– Protect your remote device– Access blocked content– Hide your identity
VPN providers
● Setup a home OpenVPN server– Site-2-Site– Remote Access
● Authentication– Username/password– Preshared Secret– TLS Authentication– Certificates
● Own Certificate Authority● Strickt certificate checking
VPN providers
● 99 VPN products are owned or operated by only 23 companies (6 Chinese)
● 5/9/14 eyes countries● Russia / China based● Logging
VPN providers
● Top 5 VPN– Express VPN– CyberGhost– NordVPN– Surfshark– PIA
● All support – Windows, Mac, iOS, Android, Linux
● All claim “NO logging”
Do I need a VPN ?
● Yes– #1 Data privacy– #2 Data security
● No
– # 1 Nothing to hide– # 2 Nothing to protect
Questions ?
References
● http://www.tcpipguide.com/index.htm● https://community.openvpn.net/openvpn/
wiki/Hardening● https://vpnpro.com/blog/hidden-vpn-
owners-unveiled-97-vpns-23-companies/● https://vpnoverview.com/privacy/
anonymous-browsing/5-9-14-eyes/● https://vpnoverview.com/best-vpn/top-5-
best-vpn/