VPN IPSEC & SSL technology Security and management point of view Lakbabi, A. Lab. Math., Inf. et Applic., Univ. Mohammed V-Agdal, Rabat, Morocco Orhanou,

Slides:

Advertisements

Similar presentations

Encrypting Wireless Data with VPN Techniques

Advertisements

Internet Protocol Security (IP Sec)

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Secure Socket Layer.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)

Internet Security CS457 Seminar Zhao Cheng. Security attacks interruption, interception, modification, fabrication passive attack, active attack.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

IPSec In Depth. Encapsulated Security Payload (ESP) Must encrypt and/or authenticate in each packet Encryption occurs before authentication Authentication.

Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206)

NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT

Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.

Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.

Virtual Private Networks and IPSec

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

CCNA 5.0 Planning Guide Chapter 7: Securing Site-to-Site Connectivity

VPN – Technologies and Solutions CS158B Network Management April 11, 2005 Alvin Tsang Eyob Solomon Wayne Tsui.

Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.

Natalie De Koker, Lindsay Haley, Jordan Lunda, Matty Ott.

Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 23 Virtual Private Networks (VPNs)

Protocol Basics. IPSec Provides two modes of protection –Tunnel Mode –Transport Mode Authentication and Integrity Confidentiality Replay Protection.

_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.

SYSTEM ADMINISTRATION Chapter 13 Security Protocols.

Secure connections.

32.1 Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.

CIT 384: Network AdministrationSlide #1 CIT 384: Network Administration VPNs.

Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),

_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.

Virtual Private Networking Irfan Khan Myo Thein Nick Merante.

Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.

Internet Security. 2 PGP is a security technology which allows us to send that is authenticated and/or encrypted. Authentication confirms the identity.

8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 part 4: Securing IP.

Network access security methods Unit objective Explain the methods of ensuring network access security Explain methods of user authentication.

Tunneling and Securing TCP Services Nathan Green.

1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.

Karlstad University IP security Ge Zhang

© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.

Chapter 32 Internet Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Potential vulnerabilities of IPsec-based VPN

IP security Ge Zhang Packet-switched network is not Secure! The protocols were designed in the late 70s to early 80s –Very small network.

IPSec VPN Chapter 13 of Malik. 2 Outline Types of IPsec VPNs IKE (or Internet Key Exchange) protocol.

Cryptography and Network Security Chapter 16 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

 authenticated transmission  secure tunnel over insecure public channel  host to host transmission is typical  service independent WHAT IS NEEDED?

IPSec – IP Security Protocol By Archis Raje. What is IPSec IP Security – set of extensions developed by IETF to provide privacy and authentication to.

Securing Access to Data Using IPsec Josh Jones Cosc352.

Secure Socket Layer Protocol Dr. John P. Abraham Professor, UTRGV.

Cryptography CSS 329 Lecture 13:SSL.

Lecture 10 Page 1 CS 236 Online SSL and TLS SSL – Secure Socket Layer TLS – Transport Layer Security The common standards for securing network applications.

8-1Network Security Virtual Private Networks (VPNs) motivation:  institutions often want private networks for security.  costly: separate routers, links,

@Yuan Xue CS 285 Network Security IP Security Yuan Xue Fall 2013.

Network security Presentation AFZAAL AHMAD ABDUL RAZAQ AHMAD SHAKIR MUHAMMD ADNAN WEB SECURITY, THREADS & SSL.

Computer and Network Security

The Secure Sockets Layer (SSL) Protocol

Virtual Private Networks and IPSec

Virtual Private Network (VPN)

Internet Security CS457 Seminar Zhao Cheng

UNIT.4 IP Security.

CSCE 715: Network Systems Security

Visit for more Learning Resources

Security Protocols in the Internet

Virtual Private Networks (VPN)

Virtual Private Networks (VPNs)

Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls

The Secure Sockets Layer (SSL) Protocol

Transport Layer Security (TLS)

Unit 8 Network Security.

Designing IIS Security (IIS – Internet Information Service)

TLS Encryption and Decryption

Presentation transcript:

VPN IPSEC & SSL technology Security and management point of view Lakbabi, A. Lab. Math., Inf. et Applic., Univ. Mohammed V-Agdal, Rabat, Morocco Orhanou, G. ; El Hajji, S. 1

Virtual private network(VPN) Tunneling Encryption & Decryption –Data Encryption Standard(DES) –RSA Authentication –certificate authority(CA) 2

Authenticating(AH-Authentication Header) Encrypting(IKE-Internet Key Exchange) –IKE phase 1 : Authenticate the IPSec peers and to set up a secure channel between the peers to enable IKE exchanges. –IKE phase 2 : Negotiate IPSec SAs to set up the IPSec tunnel. VPN IPSEC(Internet Protocol Security) 3

VPN SSL(Secure Socket Layer) Secure Socket Layer –SSL Handshake –SSL Change Cipher spec –SSL Alert 4 SSL Handshake

VPN IPSEC vs SSL Layer –SSL : Layer 4.5 –IPSEC : Layer 3 Opened ports –SSL : TCP port 443 –IPSEC : IP Protocol ID 50 & 51, UDP Port 500 Encryption keys management –N (N-1)/ 2 –1 5

VPN IPSEC vs SSL cont. Authentication –Same Encryption and integrity protection –Same Intrusion prevention –IPSEC : Access rights are static and can only be changed manually by the administrator 6

VPN IPSec and SSL security comparison 7 *ACL (Access Control List) *NAC (Network Access Control)