virtual private networkstwente.hcc.nl/downloads/vpns.pdfvpn protocols - ikev2 internet key exchange...
TRANSCRIPT
![Page 1: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/1.jpg)
![Page 2: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/2.jpg)
VirtualPrivate
Networks
Rudi Engelbertink CISSP
![Page 3: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/3.jpg)
Introduction
● Purpose of VPNs● Types of VPNs● Types of VPN Protocols● OSI model● VPN types in depth● VPN providers● Do I need a VPN ?● Questions ?
![Page 4: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/4.jpg)
Purposes of VPNs
● Connect networks● Protect your data transmission● Hide your location● Anonymous access● Gain geo-restricted access
![Page 5: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/5.jpg)
VPN Types
● Site - to - Site VPNs– Intranet based VPN– Extranet based VPN
● Remote Access VPNs– Access to private networks– Bypass regional restrictions– Enhance security & privacy
![Page 6: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/6.jpg)
OSI model
![Page 7: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/7.jpg)
OSI model
![Page 8: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/8.jpg)
TCP/IP Protocol
![Page 9: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/9.jpg)
VPN protocols
● MPLS/hybrid● IPsec● IKEv2● L2TP● PPTP● SSL / TLS / SSTP● SSH● OpenVPN
![Page 10: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/10.jpg)
VPN protocols - MPLS/Hybrid
![Page 11: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/11.jpg)
VPN protocols - IPsec
● Transport mode● Tunnel mode
![Page 12: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/12.jpg)
IPsec - Transport mode
![Page 13: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/13.jpg)
IPsec - Tunnel mode
![Page 14: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/14.jpg)
VPN protocols - IKEv2
● Internet Key Exchange version 2● handles request and response actions● handling the SA (Security Association)
attribute● responsible for establishing a secure tunnel● The IKE protocol uses UDP port 500● supports PFS (Perfect Forward Secrecy).
![Page 15: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/15.jpg)
VPN protocols - L2TP
![Page 16: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/16.jpg)
VPN protocols - PPTP
![Page 17: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/17.jpg)
VPN protocols - SSL/TLS/SSTP
![Page 18: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/18.jpg)
VPN protocols - SSH tunnel
![Page 19: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/19.jpg)
VPN protocols - OpenVPN
![Page 20: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/20.jpg)
Do I need a VPN ?
It depends– Access ‘home’ services– Protect against eavesdropping– Hide your real location– Protect your remote device– Access blocked content– Hide your identity
![Page 21: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/21.jpg)
VPN providers
● Setup a home OpenVPN server– Site-2-Site– Remote Access
● Authentication– Username/password– Preshared Secret– TLS Authentication– Certificates
● Own Certificate Authority● Strickt certificate checking
![Page 22: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/22.jpg)
VPN providers
● 99 VPN products are owned or operated by only 23 companies (6 Chinese)
● 5/9/14 eyes countries● Russia / China based● Logging
![Page 23: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/23.jpg)
VPN providers
● Top 5 VPN– Express VPN– CyberGhost– NordVPN– Surfshark– PIA
● All support – Windows, Mac, iOS, Android, Linux
● All claim “NO logging”
![Page 24: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/24.jpg)
Do I need a VPN ?
● Yes– #1 Data privacy– #2 Data security
● No
– # 1 Nothing to hide– # 2 Nothing to protect
![Page 25: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/25.jpg)
Questions ?
![Page 26: Virtual Private Networkstwente.hcc.nl/downloads/VPNs.pdfVPN protocols - IKEv2 Internet Key Exchange version 2 handles request and response actions handling the SA (Security Association)](https://reader030.vdocuments.us/reader030/viewer/2022040811/5e526f7037c0382da1314df2/html5/thumbnails/26.jpg)
References
● http://www.tcpipguide.com/index.htm● https://community.openvpn.net/openvpn/
wiki/Hardening● https://vpnpro.com/blog/hidden-vpn-
owners-unveiled-97-vpns-23-companies/● https://vpnoverview.com/privacy/
anonymous-browsing/5-9-14-eyes/● https://vpnoverview.com/best-vpn/top-5-
best-vpn/