
VIRTUAL PRIVATE NETWORKS (VPN)

UNIT 3

INDEX

- WHAT IS VPN?
- Need
- Use of Tunneling with VPN
- Authentication Mechanisms
- Types of VPNs and their Usage
- Security Concerns in VPN

What is a VPN?

- A VPN is a network of virtual circuits that carries private traffic through public or shared networks such as the Internet or those provided by network service providers.
- A VPN allows a trusted network to communicate with another trusted network over untrusted/public networks like the Internet.
- VPNs are used to extend an enterprise's internal private network across networks

What is a VPN?

Virtual Private Network (VPN) with tunneling over the Internet

Need/ Advantage

The needs for a VPN are as follows:

- Extends geographic connectivity
- Improves security
- Improves productivity
- Reduces transit time & transportation costs
- Simplifies network topology
- Provides global networking opportunities
- Provides broadband networking compatibility
- Provides a better ROI than a traditional WAN

Disadvantages

- VPNs require an in-depth understanding of public network security issues and proper deployment of precautions
- Availability and performance depend on factors largely outside of their control
- Immature standards
- VPNs need to accommodate protocols other than IP and existing internal network technology

Tunneling

- Tunneling is the process of placing an entire data packet within another packet (which provides the routing information) and sending it over the Internet.
- The path through which the packets travel is called a tunnel.
- For a tunnel to be established, both the tunnel client and the tunnel server must be using the same tunneling protocol.
- A trusted VPN does not use cryptographic tunneling; instead it relies on the security of a

Tunneling

A virtual point-to-point connection made through a public network. It transports encapsulated datagrams.

[Figure: Data Encapsulation (from Comer). Labels: Original Datagram; Encrypted Inner Datagram; Datagram Header; Outer Datagram Data Area]

Two types of end points:

- Remote Access
- Site-to-Site

Example of packet encapsulation
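
The encapsulation described in the Tunneling slides, sketched as an added example that is not part of the original slides. It assumes IPv4-in-IPv4 (protocol 4) as the tunneling protocol, which the slides do not name; the function names and all addresses are constructed for illustration. Encryption of the inner datagram is left out, so anyone on the path can read the inner header and data; a secure VPN would encrypt the inner datagram before it becomes the outer data area.

```python
import socket
import struct

IPPROTO_IPIP = 4   # IANA protocol number for IPv4-in-IPv4 (RFC 2003)
IPPROTO_UDP = 17

def checksum(header: bytes) -> int:
    """RFC 1071 ones'-complement sum over a header of even length."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_datagram(src: str, dst: str, proto: int, data: bytes) -> bytes:
    """Minimal 20-byte IPv4 header (no options) followed by the data area."""
    fmt = "!BBHHHBBH4s4s"
    fields = [0x45, 0, 20 + len(data), 0, 0, 64, proto, 0,
              socket.inet_aton(src), socket.inet_aton(dst)]
    fields[7] = checksum(struct.pack(fmt, *fields))  # fill in header checksum
    return struct.pack(fmt, *fields) + data

def encapsulate(inner: bytes, gw_src: str, gw_dst: str) -> bytes:
    """Tunnel entry: the whole inner datagram becomes the outer data area."""
    return build_datagram(gw_src, gw_dst, IPPROTO_IPIP, inner)

def decapsulate(outer: bytes) -> bytes:
    """Tunnel exit: validate the outer header, then return the inner datagram."""
    ihl = (outer[0] & 0x0F) * 4
    if outer[0] >> 4 != 4 or ihl < 20 or len(outer) < ihl:
        raise ValueError("not a well-formed IPv4 datagram")
    if checksum(outer[:ihl]) != 0:
        raise ValueError("outer header checksum mismatch")
    if outer[9] != IPPROTO_IPIP:
        raise ValueError("outer datagram does not carry a tunneled datagram")
    total_len = struct.unpack("!H", outer[2:4])[0]
    if not ihl <= total_len <= len(outer):
        raise ValueError("bad total length")
    return outer[ihl:total_len]

def addresses(datagram: bytes) -> tuple:
    """(source, destination) from a datagram's own header."""
    return socket.inet_ntoa(datagram[12:16]), socket.inet_ntoa(datagram[16:20])

# Constructed sample: private hosts behind two gateways (documentation addresses).
INNER = build_datagram("10.1.0.5", "10.2.0.9", IPPROTO_UDP, b"payroll record")
OUTER = encapsulate(INNER, "198.51.100.1", "203.0.113.1")
```

Routers on the public network see only the gateway addresses in the outer header; the private addresses reappear once the tunnel exit strips it.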



Authentication Mechanism

A VPN involves two entities:

- Protected network (inside an organization)
- Untrusted network (outside an organization)

A firewall sits between the remote user's workstation and the server. As the client establishes communication with the firewall, the client may pass authentication data to an authentication service inside the perimeter

Authentication Mechanism

For better security, the VPN client can be configured to require that all traffic pass through the tunnel while the VPN is active. Therefore, each employee would ensure that their data are kept safe and secure even if another computer in the network is infected

VPN Topology: Types of VPNs


- Remote access VPN
- Site-to-Site VPN
  - Intranet VPN
  - Extranet VPN


VPN Topology: Remote Access VPN

VPN Topology: Site-to-Site VPN



Security Concern
