Virtual Private Networks Ed Wagner CS 7493
Overview
• Introduction
• Types of VPNs
• Encrypting and Tunneling
• Pros/Cons of the VPNs
• Conclusion
Introduction
• Virtual Private Network
• A secure network that primarily uses public telecommunication infrastructure, such as the Internet, to give remote offices or traveling users access to a centralized organizational network.
Types of VPNs
• PPTP
• IPSEC
• L2TP
• OpenVPN (SSL)
• Hybrid VPN
• MPLS VPN
PPTP
• Point to Point Tunneling Protocol
• The most common and widely used VPN.
• Defined in RFC 2637, in 1999
• Developed by Microsoft and 3Com.
• PPTP uses a control channel over TCP and a GRE tunnel to encapsulate PPP packets.
• PPTP does not specify encryption or authentication.
• Security and authentication are provided by the Microsoft PPTP software stack.
• Authentication and Encryption
  • Authentication - MS-CHAPv2
  • Encryption - Microsoft Point to Point Encryption (MPPE) - RC4 stream cipher
PPTP
• Pros/Cons of PPTP
+ Cheap to set up
+ Pre-existing technology
- Not as secure
- Security not native
IPSEC
• Internet Protocol Security Protocol
• A protocol suite for securing IP communications by authenticating and encrypting each IP packet.
• Developed at the Naval Research Lab.
• Operates at OSI layer 3, much lower than other VPN protocols.
• 2 modes of transmission:
  • Tunnel - the entire packet is encrypted, then encapsulated in a new IP packet.
    • Used in network-to-network VPNs and host-to-network VPNs
    • NAT traversal
  • Transport - only the payload of the IP packet is encrypted
    • When the authentication header affects routing, use NAT-T
IPSEC
• Pros/Cons of IPSEC
+ Highest security
+ When used with L2TP, data is encapsulated twice.
- Harder to set up
- Possible routing issues
- Requires more processing power
L2TP
• Layer 2 Tunneling Protocol
• A tunneling protocol used to support VPNs.
• Does not provide any encryption or authentication
• Usually used together with IPsec for encryption.
• Proposed in 1999, RFC 2661
• The entire packet, both header and payload, is sent as a UDP packet on port 1701.
L2TP
• Pros/Cons of L2TP
+ Native Windows support
+ Feature-rich backend allows use of other protocols
- No native security
- Slower than other VPN sources
OpenVPN
• An open source software application that implements VPN techniques for creating secure point-to-point or site-to-site connections in routed/bridged networks
• Created in 2002, by James Yonan
• Uses SSL for encryption
• Authentication is done with pre-shared keys
OpenVPN
• Pros/Cons of OpenVPN
+ Great community support
+ Free
+ Easy to set up
- SSL can require more processing power.
Hybrid VPNs
• Hybrid VPN servers are able to accept connections from multiple types of VPN clients.
• For example, combining the features of SSL and IPSEC
Hybrid VPNs
• Pros/Cons of Hybrid
+ Ability to use different protocols to provide greater usage.
- Expensive to implement.
MPLS VPN
• Multi-Protocol Label Switching
• A family of methods for harnessing the power of multiprotocol label switching to create VPNs.
• MPLS VPNs give network engineers the flexibility to transport and route several types of network traffic using the technologies of an MPLS backbone
• Related to telecommunication standards
MPLS
• Pros/Cons of MPLS
+ Use of different network technologies to provide a VPN network.
- Not easy to set up.
Encrypting and Tunneling
• Encrypting
  • Encoding a packet of information using a known and tested algorithm.
  • Ex: IPsec, MPPE
• Tunneling
  • Creating a path where all packets are routed to the next path in the circuit, whether encrypted or not.
  • Ex: L2TP, PPTP (not with MPPE)
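An added example, not part of the original slides: a Python classifier that labels raw IPv4 packets by the wire signatures of the protocols above, so a defender can see which flows are PPTP or L2TP running without IPsec. The IP protocol numbers and the ports 1723, 4500 and 1194 are standard registry values that the slides do not state, and the sample packets are constructed.

```python
import struct
GRE, ESP, AH, TCP, UDP = 47, 50, 51, 6, 17   # IP protocol numbers
# (protocol, port) -> label; a port match is a heuristic, not proof of the protocol.
PORTS = {(TCP, 1723): "PPTP control channel", (UDP, 1701): "L2TP without IPsec",
         (UDP, 4500): "IPsec NAT-T", (UDP, 1194): "OpenVPN default port",
         (TCP, 1194): "OpenVPN default port"}
NEEDS_REVIEW = {"PPTP control channel", "PPTP data tunnel", "L2TP without IPsec"}

def classify(pkt: bytes) -> str:
    """Label one raw IPv4 packet by the VPN protocol its headers indicate."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return "not IPv4"
    ihl = (pkt[0] & 0x0F) * 4                 # header length, options included
    if ihl < 20 or len(pkt) < ihl + 4:
        return "truncated"
    proto = pkt[9]
    if proto in (ESP, AH):
        return "IPsec ESP" if proto == ESP else "IPsec AH"
    if struct.unpack("!H", pkt[6:8])[0] & 0x1FFF:
        return "fragment"                     # later fragments carry no L4 header
    if proto == GRE:
        # RFC 2637: PPTP carries PPP in enhanced GRE, version 1, protocol type 0x880B.
        version = pkt[ihl + 1] & 0x07
        ptype = struct.unpack("!H", pkt[ihl + 2:ihl + 4])[0]
        return "PPTP data tunnel" if (version, ptype) == (1, 0x880B) else "other GRE"
    if proto in (TCP, UDP):
        sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
        for port in (dport, sport):
            if (proto, port) in PORTS:
                return PORTS[(proto, port)]
    return "no VPN signature"

def review(packets):
    """Labels of packets in tunnels the slides list as lacking native security."""
    return [label for label in map(classify, packets) if label in NEEDS_REVIEW]

def ipv4(proto, payload, frag=0):
    """Constructed sample packet: 20-byte header, zero checksum, documentation IPs."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, frag, 64, proto,
                       0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])) + payload
def l4(sport, dport):
    return struct.pack("!HH", sport, dport) + bytes(4)   # ports plus padding

# Constructed samples, one per signature plus a non-first fragment.
SAMPLES = [ipv4(TCP, l4(49152, 1723)), ipv4(GRE, bytes.fromhex("3081880b00040001")),
           ipv4(GRE, bytes.fromhex("00000800")), ipv4(UDP, l4(1701, 1701)),
           ipv4(ESP, bytes(8)), ipv4(UDP, l4(4500, 4500)), ipv4(UDP, l4(50000, 1194)),
           ipv4(UDP, l4(1701, 1701), frag=185)]
if __name__ == "__main__":
    print([classify(p) for p in SAMPLES]); print(review(SAMPLES))
```

L2TP wrapped in IPsec appears on the wire as ESP or UDP 4500, so a visible UDP 1701 header means the tunnel is carrying traffic without that protection.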
Conclusion
• There are various options for VPNs. The major factors for an SA setting up a VPN network would be the need for mobility, the complexity of security, and the expense of implementing the VPN.