* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Solution: Virtual Private Network (VPN)
Internet protocol suite wikipedia , lookup
Asynchronous Transfer Mode wikipedia , lookup
Net neutrality law wikipedia , lookup
Computer security wikipedia , lookup
Zero-configuration networking wikipedia , lookup
Wireless security wikipedia , lookup
Recursive InterNetwork Architecture (RINA) wikipedia , lookup
Wake-on-LAN wikipedia , lookup
Computer network wikipedia , lookup
Deep packet inspection wikipedia , lookup
Network tap wikipedia , lookup
Packet switching wikipedia , lookup
Airborne Networking wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Virtual Private Network (VPN) • Course: COSC513 • Instructor: Professor M. Anvari • Student: Xinguang Wang 1 Content • • • • • Introduction VPN Technologies VPN Products Advantages and Disadvantages of VPN Conclusion 2 Public vs Private Network • Public Network • Accessible freely to everyone, no boundaries and few rules to manage it. • Problem of security • Ideal medium for illegal activity 3 Public vs Private Network • Private network • Owned by a single corporation • Gateway routers exist between private network and public network • Firewall prevents intruders coming from public network 4 Limit to Private Network • Separate branches or offices • Need for remote access • Traditional method—using leased lines, not flexible and expensive 5 Solution: Virtual Private Network (VPN) • Definition: a way to simulate a private network over a public network (Internet) • Allow creation of a secure, private network over a public network such as the Internet • Done through IPSec (IP Security Protocol), encryption, packet tunneling, and firewalls 6 Functions provided by VPN • Authentication: ensuring that the data originates at the source that it claims • access control: restricting unauthorized users from gaining admission to the network • Confidentiality: preventing anyone from reading or copying data as it travels across the Internet • data integrity: ensuring that no one tampers with data as it travels across the Internet 7 An Important property of VPN • Virtual means dynamic—Network formed logically, no permanent links. When connection no longer needed the links is torn down—bandwidth saved. 8 How to create tunnels • A tunnel is a virtual connection between locations that are connected in a VPN • Host A generates an IP packet with the destination address of Host B • The packet is routed to a firewall or secure router at the boundary of A’s network. • The firewall filters all packets to determine the need for IPSec processing. 9 How to create a tunnel(cont) • The packet is now routed to B’s firewall • After detected the packet is delivered to B 10 IP Security Protocols (IPSec) • IPSec is a protocol suitea set of IP extensions that provide security services at the network level. IPSec technology is based on modern cryptographic technologies, making very strong data authentication and privacy guarantees possible. 11 IPSec functions • Three facilities provided by IPSec • Authentication-only • Authentication/encryption • Key exchange 12 Other protocols for VPN • Point to point tunnel protocol (PPTP) • Layer-2 forwarding (L2F) • Layer-2 tunneling protocol (L2TP) 13 VPN Products • Hardware-based system • Encrypting routers • Secure and easy to use • Not flexible • Firewall-based system • Using farewall’s security system • Restrict the access to the internal network • Performance not as good as hard-ware based 14 VPN Product (cont) • Software-based system, ideal when • Both ends not controlled by the same corp. • Different firewalls and routers implemented within the same system • Harder to manage than encrypting routers 15 Advantages of VPN • • • • Lower cost Remote access Platform independent Can be used both as extranet and intranet 16 Disadvantages of VPN • Lower bandwidth available compared to dial-in line • Inconsistent remote access performance due to changes in Internet connectivity • No entrance into the network if the Internet connection is broken 17 Conclusion • The driving force for VPN is the requirement to make more secure information communication and to decrease the communication cost • IPSec is the mostly used protocols for VPN 18 References • 1. • • • • 2. 3. 4. 5. Virtual private networks: making the right connection, Dennis Fowler, San Francisco, CA, Morgan Kaufmann Publishers, 1999; http://kubarb.phsx.ukans.edu/~third/vpn.html; http://www.vpnc.rog; http://www.vpncon.com; http://www.iec.org/turtorials/vpn/; 19