
Virtual Private Networks

Virtual Private Networks. COSC541 Project Jie Qin & Sihua Xu October 4, 2014. Outline. Definitions of Virtual Private Network (VPN) Three types of VPN Intranet VPNs Remote access VPNs Extranet VPNs Advantages and Disadvantages of VPNs. Virtual Private Network (VPN)


Presentation Transcript


  1. Virtual Private Networks COSC541 Project Jie Qin & Sihua Xu October 4, 2014

  2. Outline
     • Definitions of Virtual Private Network (VPN)
     • Three types of VPN
       • Intranet VPNs
       • Remote access VPNs
       • Extranet VPNs
     • Advantages and Disadvantages of VPNs

  3. Virtual Private Network (VPN)
     • A network that uses the Internet or other network service as its Wide Area Network (WAN) backbone.
     • Dial-up connections to remote users and leased lines
     • Frame Relay connections to remote sites
     • Local connections to ISP or other service provider’s point of presence (POP)
     • Some more common definitions
       • IP tunnels between a remote user and a corporate firewall
       • IP tunnels between an ISP and a corporate firewall
       • IP tunnels between sites over the public Internet, or over a service provider’s IP network
       • ISDN, Frame Relay or ATM connections between sites with ISDN B channels, PVCs or SVCs used to separate traffic from other users

  4. VPNs Based on IP Tunnels
     • Encapsulate a data packet within a normal IP packet for forwarding over an IP-based network.
     • IPX, AppleTalk, etc.
     • Encryption (privacy)
     • Authentication (integrity)

  5. VPNs Based on ISDN, Frame Relay or ATM
     • public switched data network services and ISDN B channels, PVCs, or SVCs to separate traffic from other users.
     • Single or multiple B channels, PVCs, or SVCs may be used between sites with additional features such as backup and bandwidth on demand.

  6. VPN Types
     • 1. Intranet VPNs (site-to-site or LAN-to-LAN VPNs)
       • private networks extended across the Internet or other public network service in a secure way
     • 2. Remote access VPNs (dial VPNs)
       • individual dial-up users to connect to a central site across the Internet or other public network service in a secure way.
     • 3. Extranet VPNs
       • secure connections with business partners, suppliers and customers
       • extension of intranet VPNs with the addition of firewalls to protect the internal network.

  7. Remote Access VPNs

  8. Intranet VPNs

  9. VPN Benefits
     • long-distance connections are replaced with local connections to an ISP's point of presence (POP), or local connections to a service provider or carrier network.
     • Reduced Costs:
       • reduce the overall operational cost of WAN through reduced telecom costs.
       • as the ISP or service provider manages the WAN equipment, allowing fewer networking staff to manage the security aspects of the VPN.
       • more use is made of an existing dedicated Internet connection.
     • Flexibility:
       • For VPNs based on IP tunnels, particularly Internet-based VPNs, greater flexibility when deploying mobile computing, telecommuting and branch office networking considering corporation explosive growth

  10. VPN Issues
     • Security:
       • shared-access, routed network, security is the main area of concern.
       • use of encryption, secure key exchange/re-keying, session and per-packet authentication, security negotiation, private address space confidentiality, complex filtering, and a host of other precautions.
     • Performance and Quality of Service (QoS):
       • IP datagrams sent across the VPN carrier service may experience packet loss (silent discards) and packet reordering.
       • Packet loss tends to be greatly increased by stateful algorithms designed for point-to-point reliable links, for example, PPP compression and encryption algorithms.
       • Throughput may also vary from POP to POP, country to country, and even hour to hour.
       • Reordering will cause problems for some LAN protocols, for example, when running bridging over a VPN.
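
The encapsulation on slide 4 and the per-packet authentication listed on slide 10, as an added example that is not part of the original presentation. It is a simplified teaching format, not IPsec or any real tunnel protocol: the 4-byte sequence number, the trailing HMAC-SHA256 tag, the function names and the use of experimental IP protocol number 253 are all assumptions made for illustration, and the inner payload is left unencrypted.

```python
import hashlib
import hmac
import socket
import struct

TAG_LEN = 32        # HMAC-SHA256 output size in bytes
PROTO_TUNNEL = 253  # IANA "experimentation and testing" number; assumed for this toy format

def checksum(header: bytes) -> int:
    """One's-complement checksum over an IPv4 header (RFC 1071)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def encapsulate(inner: bytes, src: str, dst: str, key: bytes, seq: int) -> bytes:
    """Wrap any inner packet (IP, IPX, ...) in an outer IPv4 header, seq number and tag."""
    body = struct.pack("!I", seq) + inner
    # The tag covers seq + inner packet; the outer header is not authenticated.
    tag = hmac.new(key, body, hashlib.sha256).digest()
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(body) + TAG_LEN, 0, 0, 64,
                      PROTO_TUNNEL, 0, socket.inet_aton(src), socket.inet_aton(dst))
    hdr = hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]
    return hdr + body + tag

def decapsulate(packet: bytes, key: bytes, last_seq: int):
    """Return (seq, inner) or raise ValueError on corruption, tampering or a stale seq."""
    if len(packet) < 20 + 4 + TAG_LEN or packet[0] != 0x45:
        raise ValueError("malformed outer packet")
    if checksum(packet[:20]) != 0:  # a valid header sums to zero with its checksum included
        raise ValueError("bad outer header checksum")
    body, tag = packet[20:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("authentication failed")
    seq = struct.unpack("!I", body[:4])[0]
    if seq <= last_seq:
        raise ValueError("replayed or reordered packet")
    return seq, body[4:]

if __name__ == "__main__":
    key = b"\x01" * 32                                # constructed demo key
    inner = b"\xff\xff\x00\x1e" + b"constructed-ipx"  # constructed non-IP payload
    pkt = encapsulate(inner, "192.0.2.1", "198.51.100.7", key, seq=1)
    print(decapsulate(pkt, key, last_seq=0))
```

The strict `seq <= last_seq` check drops any packet that arrives out of order, which interacts badly with the reordering described on slide 10; IPsec instead accepts packets inside a sliding anti-replay window.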
