Hp education services education.hp.com 10 Virtual Private Networks Version B.00 H7076S Module 2 Slides.

Presentation transcript:

© 2001 Hewlett-Packard Company H7076S B

The Security Problem with IP Today

[Diagram labels: Users in San Francisco; K-CLASS Server in Chicago; Bad Guy]

– It is trivial to snoop on Internet traffic, including passwords sent over the network.
– It is fairly easy to forge IP packets and impersonate another user or machine.
– Malicious people exist who actually do these things.

What Is a Virtual Private Network?

[Diagram labels: VPN Server for Site A; VPN Server for Site B; Internet; Site A Intranet; Site B Intranet. Legend: Non-Encrypted Link; Encrypted Link]

– This mobile client uses encrypted links when communicating with systems in site A and B.
– The nodes in site A and B use non-encrypted links when performing Intranet communications.
– The nodes use encrypted links when communicating across the Internet.

Types of Virtual Private Networks

Types of VPNs:
– Network-to-Network
  – Replace expensive dedicated leased line WAN charges for site-to-site data connectivity
– Network-to-Host (Remote Access)
  – Replace expensive modem pools, ISDN per-minute charges
– Host-to-Host
  – End-to-End security to protect sensitive data for intra- or inter-network communications

HP Solution (column entries as listed on the slide): IPSec/9000; Extranet; e-Firewall

HP Solutions for VPNs

[Diagram labels: Extranet VPN; e-Firewall with Mobile client option; K-CLASS; The Global Internet; Firewall and Encryption Devices; Corporate HQ Site; Business Partner; Branch; Host; Encrypted “tunnels”; Laptop computer; e-Firewall; HP-UX IPSec/9000]

Network-to-Network VPNs

Value Prop: Low Cost, Quick Setup of WAN Connectivity

[Diagram labels: K-CLASS; Firewall and Encryption Devices; Corporate Headquarters; Business Partner; Field Office; Overseas Site; Multiple Encrypted “tunnels”; The Global Internet]

Remote Access VPNs

[Diagram labels: Mobile Laptop User; K-CLASS; VPN Gateway Device; Corporate HQ Site; Dialup Line; ISDN or DSL Connections; The Global Internet]

– All connections initiated by remote user
– Encryption occurs on Software Client

Host-to-Host VPNs

[Diagram labels: DMZ; The Global Internet; Corporate HQ Site; Business Partner]

– End-to-End Security
  – Within the Enterprise
  – Through the Internet

VPN Software Products

Application Level Security
  Product: Public Domain S/W (socks); hp Extranet VPN
  Advantages: Close integration with the application
  Disadvantages: May need to modify the application

Network Level Security
  Product: hp IPFilter/9000; hp IPSec/9000; hp e-Firewall
  Advantages: No need to modify applications
  Disadvantages: May need to modify firewall configuration

Link Level Security
  Product: PPTP, L2TP
  Advantages: Easy to implement
  Disadvantages: Not scalable

Why a System Firewall?

[Diagram labels: K-CLASS; VPN Gateway Device; Corporate HQ Site; ISDN or DSL or Dial up Connections; Hacker; The Global Internet]

Hacker: “If I can get into their host, maybe I can go through their VPN. I wonder which ports are open? They probably have no firewall.”

System Firewall needed!!

Hewlett-Packard’s Solution

HP IPFilter/9000 – B9901AA

Features supported by Hewlett-Packard:
– Full-fledged stateful inspection firewall
– Free product
– Workstations and servers
– HP-UX 11.0 and 11i

Features not supported by Hewlett-Packard (features supported in public domain):
– Perimeter firewall
– Network address translation

How a System Firewall Works

[Diagram labels: Intranet; System Firewall Installed; Matched pass rules; Matched block rules; Bit Bucket]

– Packets destined for our machine not part of a VPN connection that we initiated.
– IPFilter rules pass or block depending upon the rules.

Hardware and Software Requirements

– Hewlett-Packard 9000 series 800 or 700
– HP-UX 11.0 or 11i operating system
– Dynamically loadable kernel module support

Commands to verify:
  # uname -a
  # kmsystem -q dlkm

Patches Required

– PHNE_22397 (or newer replacement for 32-bit or 64-bit 11.0)
– PHCO_22899 (or newer replacement for 32-bit 11.0)
– PHCO_22989 (or newer replacement for 32-bit 11i)

Command to verify:
  # swlist -l product patch_name

Installation

– Use SD-UX to install product number B9901AA
– Available on application CD AP0301

Command to use:
  # swinstall

Configuration file and start-up scripts installed:
  /etc/rc.config.d/ipfconf
  /sbin/init.d/pfilboot
  /sbin/init.d/ipfboot

Verification of Installation

To verify the product was installed correctly after reboot:
  # kmadmin -s
  # ps -ef | grep ipmon

Logs to look at if installation unsuccessful:
  /etc/rc.log
  /var/adm/sw/swagent.log
  /var/adm/sw/swinstall.log

Filter Rules

– Rules are processed from top to bottom
– Last match takes effect
– See Installing and Administering IPFilter/9000 or the Public Domain HOWTO document for detailed explanations.

Rule File: /etc/opt/ipf/ipf.conf

Default file is empty, implied contents:
  pass in all
  pass out all
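
The "last match takes effect" rule above is the opposite of first-match firewalls, so rule order decides whether a host is default-deny or wide open. The following is an added example, not code from the HP course or from IPFilter: a small Python model of that evaluation order over constructed rule sets. The parser handles only a simplified subset of ipf.conf syntax, and it also models IPFilter's `quick` keyword, which is not mentioned on the slide.

```python
# Added example: a minimal model of IPFilter rule evaluation (not HP's code).
# Handles a constructed subset of the syntax: action, direction, optional
# "quick", then either "all" or "proto <p> from any to any port = <n>".

def parse_rule(line):
    tok = line.split()
    rule = {"action": tok[0], "dir": tok[1], "quick": False,
            "proto": None, "port": None}
    rest = tok[2:]
    if rest and rest[0] == "quick":
        rule["quick"] = True
        rest = rest[1:]
    if "proto" in rest:
        rule["proto"] = rest[rest.index("proto") + 1]
    if "port" in rest:
        rule["port"] = int(rest[rest.index("port") + 2])  # skip the "="
    return rule

def matches(rule, pkt):
    return (rule["dir"] == pkt["dir"]
            and rule["proto"] in (None, pkt["proto"])
            and rule["port"] in (None, pkt["dport"]))

def evaluate(ruleset, pkt):
    """Top-to-bottom scan; the last matching rule decides, unless a
    matching rule carries "quick", which ends the scan immediately."""
    verdict = "pass"  # empty rule file: implied "pass in all / pass out all"
    for line in ruleset:
        rule = parse_rule(line)
        if matches(rule, pkt):
            verdict = rule["action"]
            if rule["quick"]:
                break
    return verdict

# Constructed rule sets and packets for illustration.
SSH_RULE = "proto tcp from any to any port = 22"
DEFAULT_DENY = ["block in all", "pass in " + SSH_RULE, "pass out all"]
MISORDERED = ["pass in " + SSH_RULE, "block in all", "pass out all"]
QUICK_FIRST = ["pass in quick " + SSH_RULE, "block in all", "pass out all"]
SSH = {"dir": "in", "proto": "tcp", "dport": 22}
TELNET = {"dir": "in", "proto": "tcp", "dport": 23}

if __name__ == "__main__":
    for name, rs in [("default-deny", DEFAULT_DENY), ("misordered", MISORDERED),
                     ("quick-first", QUICK_FIRST), ("empty file", [])]:
        print(name, "ssh:", evaluate(rs, SSH), "telnet:", evaluate(rs, TELNET))
```

With the general `block in all` placed first and the specific pass rule after it, only port 22 is admitted; the same two rules in first-match order block everything inbound, and an empty rule file passes everything.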