Virtual Private Network (VPN)
• Course: COSC513
• Instructor: Professor M. Anvari
• Student: Xinguang Wang
1
Content
• Introduction
• VPN Technologies
• VPN Products
• Advantages and Disadvantages of VPN
• Conclusion
2
Public vs Private Network
• Public Network
• Accessible freely to everyone, no
boundaries and few rules to manage it.
• Problem of security
• Ideal medium for illegal activity
3
Public vs Private Network
• Private network
• Owned by a single corporation
• Gateway routers exist between private
network and public network
• Firewall prevents intruders coming from
public network
4
Limit to Private Network
• Separate branches or offices
• Need for remote access
• Traditional method—using leased lines,
not flexible and expensive
5
Solution: Virtual Private
Network (VPN)
• Definition: a way to simulate a private
network over a public network (Internet)
• Allows creation of a secure, private
network over a public network such as
the Internet
• Done through IPSec (IP Security
Protocol), encryption, packet tunneling,
and firewalls
6
Functions provided by VPN
• Authentication: ensuring that the data originates at the source that it claims
• Access control: restricting unauthorized users from gaining admission to the network
• Confidentiality: preventing anyone from reading or copying data as it travels across the Internet
• Data integrity: ensuring that no one tampers with data as it travels across the Internet
7
An Important property of VPN
• Virtual means dynamic—Network
formed logically, no permanent links.
When the connection is no longer needed, the
links are torn down, saving bandwidth.
8
How to create tunnels
• A tunnel is a virtual connection between
locations that are connected in a VPN
• Host A generates an IP packet with the destination
address of Host B
• The packet is routed to a firewall or secure router at
the boundary of A’s network.
• The firewall filters all packets to determine the need for
IPSec processing.
9
How to create a tunnel (cont.)
• The packet is now routed to B’s firewall
• After being detected, the packet is delivered to B
10
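The tunnel steps above as a simplified model (an added example, not part of the original slides): A's gateway filters the packet against a policy, wraps it in an outer packet addressed to B's gateway with an HMAC tag, and B's gateway verifies the tag before delivery. The addresses, key, policy table and function names are constructed for illustration; packets are JSON dictionaries rather than real IPSec formats, and only authentication and integrity are shown, not encryption.

```python
import hashlib
import hmac
import ipaddress
import json

# Constructed sample values (assumptions, not taken from the slides)
KEY = b"constructed-demo-key-not-for-production"
GW_A = "198.51.100.1"  # public address of A's gateway
POLICY = [  # (source net, destination net, peer gateway) that need protection
    (ipaddress.ip_network("10.1.0.0/16"), ipaddress.ip_network("10.2.0.0/16"), "203.0.113.2"),
]

def needs_ipsec(pkt):
    """Gateway filter: return the peer gateway if policy requires protection."""
    src, dst = ipaddress.ip_address(pkt["src"]), ipaddress.ip_address(pkt["dst"])
    for s_net, d_net, peer in POLICY:
        if src in s_net and dst in d_net:
            return peer
    return None

def encapsulate(pkt, key=KEY):
    """A's gateway: wrap the whole inner packet in an outer one and add a tag."""
    peer = needs_ipsec(pkt)
    if peer is None:
        return pkt  # no policy match: forwarded unchanged
    inner = json.dumps(pkt, sort_keys=True).encode()
    tag = hmac.new(key, inner, hashlib.sha256).hexdigest()
    return {"src": GW_A, "dst": peer, "inner": inner.decode(), "tag": tag}

def decapsulate(outer, key=KEY):
    """B's gateway: verify the tag, then deliver the inner packet or drop it."""
    inner = outer["inner"].encode()
    expected = hmac.new(key, inner, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, outer["tag"]):
        return None  # modified in transit or wrong key: drop
    return json.loads(inner)

if __name__ == "__main__":
    pkt = {"src": "10.1.0.5", "dst": "10.2.0.9", "data": "payroll report"}
    outer = encapsulate(pkt)
    print(outer["src"], "->", outer["dst"])  # only gateway addresses are routed publicly
    print("delivered intact:", decapsulate(outer) == pkt)
    outer["inner"] = outer["inner"].replace("payroll", "forged!")
    print("after tampering:", decapsulate(outer))
```

Because the tag covers the whole inner packet, a change to the private addresses is rejected just like a change to the data.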
IP Security Protocols (IPSec)
• IPSec is a protocol suite, a set of IP
extensions that provide security services
at the network level. IPSec technology is
based on modern cryptographic
technologies, making very strong data
authentication and privacy guarantees
possible.
11
IPSec functions
• Three facilities provided by IPSec
• Authentication-only
• Authentication/encryption
• Key exchange
12
Other protocols for VPN
• Point to point tunnel protocol (PPTP)
• Layer-2 forwarding (L2F)
• Layer-2 tunneling protocol (L2TP)
13
VPN Products
• Hardware-based system
• Encrypting routers
• Secure and easy to use
• Not flexible
• Firewall-based system
• Using firewall’s security system
• Restrict the access to the internal network
• Performance not as good as hardware-based
14
VPN Products (cont.)
• Software-based system, ideal when
• Both ends not controlled by the same corp.
• Different firewalls and routers implemented
within the same system
• Harder to manage than encrypting routers
15
Advantages of VPN
• Lower cost
• Remote access
• Platform independent
• Can be used both as extranet and
intranet
16
Disadvantages of VPN
• Lower bandwidth available compared to
dial-in line
• Inconsistent remote access performance
due to changes in Internet connectivity
• No entrance into the network if the
Internet connection is broken
17
Conclusion
• The driving force for VPN is the
requirement to make more secure
information communication and to
decrease the communication cost
• IPSec is the most used protocol for
VPN
18