Research Seminar on Telecommunications Business IPSEC BUSINESS Henri Ossi.

Slides:



Advertisements
Similar presentations
IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.
Advertisements

Internet Protocol Security (IP Sec)
IP security over ATM CS 329 Hwajung Lee Computer and Communications Security The George Washington University.
CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.
Setting Up a Virtual Private Network Chapter 9. Learning Objectives Understand the components and essential operations of virtual private networks (VPNs)
Network Security. Reasons to attack Steal information Modify information Deny service (DoS)
Security at the Network Layer: IPSec
NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT
Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.
SCSC 455 Computer Security Virtual Private Network (VPN)
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.
Henric Johnson1 Ola Flygt Växjö University, Sweden IP Security.
IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.
Internet Protocol Security An Overview of IPSec. Outline:  What Security Problem?  Understanding TCP/IP.  Security at What Level?  IP Security. 
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.
1 Pertemuan 11 IPSec dan SSL Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
VPN – Technologies and Solutions CS158B Network Management April 11, 2005 Alvin Tsang Eyob Solomon Wayne Tsui.
Internet Protocol Security (IPSec)
Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.
Industrial Strength Security for an Insecure World
32.1 Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.
1 Chapter 8 Copyright 2003 Prentice-Hall Cryptographic Systems: SSL/TLS, VPNs, and Kerberos.
An Introduction to Encrypting Messages on the Internet Mike Kaderly INFS 750 Summer 2010.
1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.
Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),
© 2006 Cisco Systems, Inc. All rights reserved. Optimizing Converged Cisco Networks (ONT) Module 4: Implement the DiffServ QoS Model.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CSCE 715: Network Systems Security
IPSec IPSec provides the capability to secure communications across a LAN, across private and public wide area networks (WANs) and across the Internet.
Karlstad University IP security Ge Zhang
Network Security David Lazăr.
Module 4 Quiz. 1. Which of the following statements about Network Address Translation (NAT) are true? Each correct answer represents a complete solution.
IPsec Introduction 18.2 Security associations 18.3 Internet Security Association and Key Management Protocol (ISAKMP) 18.4 Internet Key Exchange.
IP Security.  In CERTs 2001 annual report it listed 52,000 security incidents  the most serious involving:  IP spoofing intruders creating packets.
11 SECURING NETWORK COMMUNICATION Chapter 9. Chapter 9: SECURING NETWORK COMMUNICATION2 OVERVIEW  List the major threats to network communications. 
IPSec ● IP Security ● Layer 3 security architecture ● Enables VPN ● Delivers authentication, integrity and secrecy ● Implemented in Linux, Cisco, Windows.
1 Virtual Private Networks (VPNs) and IP Security (IPSec) G53ACC Chris Greenhalgh.
FINAL YEAR PROJECT. FINAL YEAR PROJECT IMPLEMENTATION OF VPN USING IPSEC.
IP Security: Security Across the Protocol Stack. IP Security There are some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS.
Chapter 8 IP Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI.
IP security Ge Zhang Packet-switched network is not Secure! The protocols were designed in the late 70s to early 80s –Very small network.
Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol.
1 Lecture 13 IPsec Internet Protocol Security CIS CIS 5357 Network Security.
Virtual Private Network Chapter 4. Lecturer : Trần Thị Ngọc Hoa2 Objectives  VPN Overview  Tunneling Protocol  Deployment models  Lab Demo.
1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.
Internet Security CSCE 813 IPsec. CSCE813 - Farkas2 TCP/IP Protocol Stack Application Layer Transport Layer Network Layer Data Link Layer.
Security IPsec 1 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
Cryptography and Network Security (CS435) Part Thirteen (IP Security)
IPSec – IP Security Protocol By Archis Raje. What is IPSec IP Security – set of extensions developed by IETF to provide privacy and authentication to.
IPSec is a suite of protocols defined by the Internet Engineering Task Force (IETF) to provide security services at the network layer. standard protocol.
Network Access for Remote Users Dr John S. Graham ULCC
1 IPSec: An Overview Dr. Rocky K. C. Chang 4 February, 2002.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Network Layer Security Network Systems Security Mort Anvari.
K. Salah1 Security Protocols in the Internet IPSec.
Securing Access to Data Using IPsec Josh Jones Cosc352.
Unlicensed Mobile Access (UMA ) Introduction and Overview Andrew Santarelli David Schraitle Matt Eberts Miguel Ibarra Mohammed Shareef.
CSCI 465 Data Communications and Networks Lecture 26
Securing Access to Mobile Operator Core Networks using IKEv2
Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls
Presentation transcript:

Research Seminar on Telecommunications Business IPSEC BUSINESS Henri Ossi

Contents Introduction IPsec technology overview IPsec in mobile networks Market overview Software component manufacturing Vendor strategies Conclusion

Introduction Everyone has secrets Traditional IP network is like a town hall –Your secrets can be heard Possible to –Forge –Modify –Inspect traffic

IPsec technology overview 1/5 Set IETF protocols that provide –Data source authentication –Integrity –Confidentiality (encryption) –Protection against replay attacks at IP layer Traffic security protocols –Authentication Header –Encapsulated Security Payload (encryption)

IPsec technology overview 2/5 Modes of operation –Transport –Tunnel (encapsulation) Security Association provides information –How to protect –What to protect –With whom the protection is done Key management –Internet Key Exchange negotiates SAs

IPsec technology overview 3/5 IKE TCP/UDP IP IPsec Internet Layer Secure IP packets IKE TCP/UDP IP IPsec SA negotiations SA pair

IPsec technology overview 4/5 Use case scenarios –Host -- Host (transport) –Host -- Security Gateway (tunnel) –SGW-- SGW (tunnel) Virtual Private Network deployment –Remote access (Road Warrior) –Site-to-site SGW

IPsec technology overview 4/5 Use case scenarios –Host -- Host (transport) –Host -- Security Gateway (tunnel) –SGW-- SGW (tunnel) Virtual Private Network deployment –Remote access (Road Warrior) –Site-to-site SGW

IPsec technology overview 4/5 Use case scenarios –Host -- Host (transport) –Host -- Security Gateway (tunnel) –SGW-- SGW (tunnel) Virtual Private Network deployment –Remote access (Road Warrior) –Site-to-site SGW

IPsec technology overview 4/5 Use case scenarios –Host -- Host (transport) –Host -- Security Gateway (tunnel) –SGW-- SGW (tunnel) Virtual Private Network deployment –Remote access (Road Warrior) –Site-to-site SGW Road Warrior

IPsec technology overview 4/5 Use case scenarios –Host -- Host (transport) –Host -- Security Gateway (tunnel) –SGW-- SGW (tunnel) Virtual Private Network deployment –Remote access (Road Warrior) –Site-to-site SGW

IPsec technology overview 5/5 Original RFCs criticized for complexity –Two modes of operation, two traffic security protocols –Committee made compromises between Network systems design Cryptographic protocol design Addressed in current (2005) versions –Optional AH –Transport mode between SGWs –IKE version 2

IPsec in mobile networks 1/3 3rd Generation Partnership Project (3GPP) –Collaboration agreement Mobile phones to use IP for voice & data 3GPP Release 6 –IP layer security implemented with IPsec –Both IKE versions in use

IPsec in mobile networks 2/3 IP layer in Network Domain Security –IPsec and IKE –Traffic between network elements IP based services –IKEv2 authenticates MS and IMS –IPsec tunnel for insecure protocols (SIP)

IPsec in mobile networks 3/3 3GPP interwork with WLAN –IPsec and IKEv2 Generic Access Network (GAN/UMA) –WLAN access to 2G services –Seamless handoff from GSM/GPRS to unlicensed spectrum –IKEv2 authenticates subscriber –IPsec tunnel between MS and GANC-SEGW What does it take to compete?

Market overview 1/2 Multiple roles to take Software industry –Provides software components to... System integrators –For example network equipment vendors –Provide solutions to... End users –Other industries –Consumers int main() ……

Market overview 2/2 Market segments –Consumer Network cards, ADSL modems, WLAN routers –SME Security gateways, network devices –Government –Enterprise High bandwidth, failover support These affect the software requirements

Software component manufacturing Software is an information product –Expensive to produce first copy Sunk costs –Cheap to reproduce => OEM value proposition: Price < customer’s development costs Integration time < customer’s development time Variable pricing –Differences in willingness to pay Great deal of value in maintenance

Vendor strategies 1/3 Business customer classes –Price-oriented –Solution-oriented Total Cost of Ownership –Gold-standard Quality, features and professional service –Strategic-value Tight relationship Threat of vertical integration

Vendor strategies 2/3 Market not perfectly competitive –Cost structure Basic strategies –Cost leadership Economy of scale Product business –Differentiation Added value through unique resources Project business

Vendor strategies 3/3 Target segment Market segment Business model Vendor strategy PriceSolutionGoldStrategic Consumer SME Government Enterprise ProductProject Cost leadership Differentiation

Conclusion Best solution for IP layer security –Common standard –Complex IP convergence brings new opportunities –Mobile networks Software is information –Cost structure leads to variable pricing –Two basic vendor strategies

Questions? The floor is open

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.