VPN BASICS
By Kevin Stevens
UAT NTS4150
VPN
Definition: A Virtual Private Network (VPN) is a technology that allows secure communication via a “tunnel” across public networks.
Types of VPNs
Hardware – A dedicated appliance specifically for use as a VPN.
-High performance
-Quick implementation for large scale deployment
Example: SonicWALL NSA E8500
Software – Software-based VPN that can be installed on existing infrastructure.
-Lower capex (possibly free)
-Better compatibility with mixed environments
Examples: OpenVPN, Openswan
VPN Advantages
Cost efficient compared to dedicated lines
Ability to secure traffic through public networks
Faster deployment than other solutions
VPN Disadvantages
No control over Internet bandwidth
Increase in network administration
Incompatibility issues
Can open remote vectors of attack
VPN Configurations
Remote Access – establishes a remote connection on a client/server basis. Typically seen with telecommuters.
Network to network (site to site) – connects remote offices via endpoints.
VPN Tunneling Protocols
IPsec – Operates at the network layer. Provides functionality to encrypt and authenticate IP data.
PPTP – Point-to-Point Tunneling Protocol. Operates at the data link layer. Uses PPP to encapsulate data.
L2TP – Layer 2 Tunneling Protocol. Operates at the data link layer. Uses PPP to encapsulate data. A combination of L2F and PPTP.
SSL – Works at different layers of the OSI model, giving it flexibility.
VPN Encryption Schemes
VPNs can be set up with a myriad of encryption schemes. Here are some of the basics:
PPP – can provide encryption through Microsoft's Point-to-Point Encryption Protocol (MPPE). MPPE uses the RSA RC4 encryption algorithm.
IPsec – provides encryption through the Encapsulating Security Payload (ESP). Supports various encryption algorithms.
SSL/TLS – provides a variety of encryption algorithms.
*Note*
The Virtual Private Network Consortium only supports the following secure VPN technologies:
IPsec with encryption
L2TP inside of IPsec
SSL with encryption
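The VPNC list above can be checked against flow records from a VPN gateway, as in this added example (not part of the original slides). The protocol and port numbers are IANA assignments, the flows are constructed, and treating GRE and TCP 443 at the gateway as PPTP and SSL VPN traffic is an assumption.

```python
# Added example: audits flows seen at a VPN gateway against the VPNC list above.
# IP protocol and port numbers are the IANA-assigned ones, not from the slides.
from collections import defaultdict

ESP, GRE, TCP, UDP = 50, 47, 6, 17  # IP protocol numbers

def classify(proto, dport):
    """Map a flow's IP protocol and destination port to a tunnel type."""
    if proto == ESP or (proto == UDP and dport == 4500):
        return "ipsec"   # ESP, native or UDP-encapsulated for NAT traversal
    if proto == UDP and dport == 1701:
        return "l2tp"    # L2TP in the clear
    if proto == GRE or (proto == TCP and dport == 1723):
        return "pptp"    # PPTP control channel, or GRE assumed to be its data channel
    if proto == TCP and dport == 443:
        return "ssl"     # assumes the gateway's 443 listener is an SSL VPN
    return None          # IKE (UDP/500) and everything else: not a data tunnel

def audit(flows):
    """Return {(peer_a, peer_b): verdict} for each pair carrying tunnel traffic."""
    seen = defaultdict(set)
    for src, dst, proto, dport in flows:
        kind = classify(proto, dport)
        if kind:
            seen[tuple(sorted((src, dst)))].add(kind)
    verdicts = {}
    for pair, kinds in seen.items():
        if "pptp" in kinds:
            verdicts[pair] = "FAIL: PPTP is not on the VPNC list"
        elif "l2tp" in kinds:
            # L2TP inside IPsec is wrapped in ESP, so UDP/1701 is never visible
            verdicts[pair] = "FAIL: L2TP visible outside IPsec"
        else:
            # Flow data cannot show the cipher; null encryption must be ruled out
            verdicts[pair] = "CHECK CIPHER: " + "+".join(sorted(kinds))
    return verdicts

# Constructed sample flows (src, dst, ip_proto, dst_port); 192.0.2.1 is the gateway.
SAMPLE_FLOWS = [
    ("198.51.100.7", "192.0.2.1", UDP, 500),
    ("198.51.100.7", "192.0.2.1", ESP, 0),
    ("203.0.113.20", "192.0.2.1", UDP, 1701),
    ("203.0.113.31", "192.0.2.1", TCP, 1723),
    ("192.0.2.1", "203.0.113.31", GRE, 0),
    ("203.0.113.44", "192.0.2.1", TCP, 443),
]

if __name__ == "__main__":
    for pair, verdict in sorted(audit(SAMPLE_FLOWS).items()):
        print(pair, verdict)
```

A "CHECK CIPHER" verdict means the tunnel type is on the list but the "with encryption" condition still has to be confirmed from the gateway's configuration, since flow records do not show the negotiated algorithm.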
References
Krutz, R. L., & Vines, R. D. (2007). The CISSP and CAP Prep Guide. Indianapolis: Wiley Publishing.
Merkow, M., & Breithaupt, J. (2006). Information Security Principles and Practice. Upper Saddle River: Prentice Hall.
Northcutt, S., Zeltser, L., Winters, S., & Kent, K. R. (2005). Inside Network Security. Sams Publishing.
VPN Technologies: Definitions and Requirements. (n.d.). Retrieved November 28, 2010, from http://www.vpnc.org/vpn-technologies.html