This article explores the intricacies of Virtual Private Networks (VPN) and Wide Area Network (WAN) technologies. It covers different VPN types, including secure and trusted networks, highlighting protocols such as IPsec and SSL/TLS. Additionally, the document compares WAN technologies like frame relay and ISDN, and discusses T-carrier connections and DSL. Key concepts such as data integrity, encryption, and authentication are examined to understand how these technologies provide secure and efficient long-distance communication.
WAN technology - PSTN: long-distance dial-up connection [figure]
WAN technology – X.25 and Frame Relay: Figure 7-9, a WAN using frame relay
WAN technology - ISDN: a BRI link; a PRI link [figures]
WAN technology - T-Carrier: CSU/DSU point-to-point T-carrier connection; T-carrier connecting to a LAN through a router [figures]
DSL Connectivity: DSL connection [figure]
WAN technology - SONET: SONET ring [figure]
What is VPN?
• A Virtual Private Network is a type of private network that uses public telecommunication, such as the Internet, instead of leased lines to communicate.
• It became popular as more employees worked in remote locations.
Remote Access Virtual Private Network (From Gartner Consulting)
VPN: Types
• Secure VPNs use cryptographic tunneling protocols.
  • IPsec, SSL/TLS, OpenVPN, PPTP, L2TP, L2TPv3, VPN-Q and MPVPN
• Trusted VPNs rely on the security of a single provider’s network to protect the traffic.
  • MPLS and L2F
Tunneling
A virtual point-to-point connection made through a public network. It transports encapsulated datagrams.
[Figure: data encapsulation, from Comer. Labels: original datagram; encrypted inner datagram; datagram header; outer datagram data area.]
Two types of end points:
• Remote Access
• Site-to-Site
VPN: Tunneling Figure 1
Cryptographic Tunneling Factors
• Authentication – validates that the data was sent from the sender.
• Access control – preventing unauthorized users from accessing the network.
• Confidentiality – preventing the data from being read or copied while it is being transported.
• Data integrity – ensuring that the data has not been altered.
• Cryptography techniques
  • Encryption – a method of “scrambling” data before transmitting it onto the Internet.
  • Public key encryption technique
  • Digital signature – for authentication
Virtual Private Networks
• A VPN can be deployed in three ways:
  • Host-to-host
  • Site-to-site
  • Host-to-site
VPN Topology: Types of VPNs
• Remote access VPN
• Intranet VPN
• Extranet VPN
Intro to MPLS
• MPLS = Multi Protocol Label Switching
• A forwarding method: passing data/packets through a network using the label information attached to I
• It lets a router forward a packet by looking only at the label attached to that packet, so it no longer needs to look at the destination IP address.
2. MPLS ARCHITECTURE
• A combination of the Label Swapping (Layer 2) and Routing (Layer 3) mechanisms
• Consists of interconnected LSRs that form an LSP
• The first LSR is called the ingress
• The last LSR is called the egress
• The edge of the LSR network is called the LER
Abbreviations
• LSR = Label Switched Router
• LSP = Label Switched Path
• LER = Label Edge Router
• TTL = Time to Live
5. MPLS OPERATION
• Label creation and distribution
• Label creation in each router
• Creation of the connected label path
• Label insertion
• Packet forwarding
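The MPLS operation steps above (label insertion at the ingress, forwarding on the label alone at each LSR, removal at the egress), as an added example that is not part of the original slides. The router names, label values and packet bytes are constructed, and the 4-byte header layout is the standard MPLS shim header, which the slides do not show.

```python
import struct

def push(label, ttl, payload):
    """Ingress LER: prepend a 4-byte shim (20-bit label, 3-bit TC, 1-bit S, 8-bit TTL)."""
    word = (label << 12) | (1 << 8) | ttl      # TC = 0, S = 1 (single label)
    return struct.pack("!I", word) + payload

def parse(frame):
    """Split a labelled frame into (label, ttl, payload)."""
    (word,) = struct.unpack("!I", frame[:4])
    return word >> 12, word & 0xFF, frame[4:]

def swap(table, frame):
    """Transit LSR: forward on the incoming label only; the payload is never inspected."""
    label, ttl, payload = parse(frame)
    if label not in table:
        raise KeyError(f"no entry for label {label}")   # unknown label: drop
    if ttl <= 1:
        raise ValueError("TTL expired")                 # loop protection
    out_label, next_hop = table[label]
    return next_hop, push(out_label, ttl - 1, payload)

def send_over_lsp(packet, first_label, first_hop, tables, ttl=64):
    """Carry packet along the LSP; return (delivered packet, label trace, last frame)."""
    hop, frame, trace = first_hop, push(first_label, ttl, packet), []
    while hop in tables:                        # transit LSRs swap labels
        trace.append((hop, parse(frame)[0]))
        hop, frame = swap(tables[hop], frame)
    trace.append((hop, parse(frame)[0]))        # egress LER pops the label
    return parse(frame)[2], trace, frame

# Constructed sample data: two transit LSRs and an egress LER.
TABLES = {"LSR-A": {100: (200, "LSR-B")}, "LSR-B": {200: (300, "LER-egress")}}
PACKET = b"dst=10.9.9.9 payload=quarterly-report"

if __name__ == "__main__":
    delivered, trace, frame = send_over_lsp(PACKET, 100, "LSR-A", TABLES)
    print(trace)
    print("payload readable in transit:", PACKET in frame)
```

The payload bytes are identical at every hop: label switching separates traffic but does not encrypt it, which is why the slides list MPLS under trusted VPNs rather than secure VPNs.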