Virtual Private Networks


1 Virtual Private Networks
What is a Virtual Private Network (VPN)?
How do VPNs work?
How is security achieved?
How secure is a VPN?
What sort of VPN is right for your application?
30-Nov-18 Jeff Rupp CS691

2 VPN: What is it
VPNs provide a means of access to an internal network from a remote location via the Internet.
They are called ‘Virtual’ since the data still travels through the public network, but both the data and the header can be encrypted.

3 How do VPNs work
VPNs consist of a gateway to the internal network and any number of remote clients.
The gateway is the machine to which the clients connect.
The gateway provides the server-side encryption/decryption and user authentication.

4 How VPNs Work
The most common standard in use today is IPSec, as established by the Internet Engineering Task Force (IETF).
IPSec allows for 2 modes of operation:
Transport: only the packet data is encrypted; the header is in the clear.
Tunnel: both header and data are encrypted (the whole original packet is carried inside a new outer header, since an encrypted header cannot be routed).

5 Security
The first step in a VPN session is authentication, where the user and host authenticate each other (e.g. via X.509 certificates or LDAP).
The next step is to establish a key, typically using the Diffie-Hellman protocol (public/private keys).
Packets are encrypted with this shared secret key, as public/private key cryptography is slower than secret-key (symmetric) cryptography.
The secret key may be changed many times during a single VPN session.

6 Security
IPSec does not dictate the encryption algorithm that is used.
Most common is Triple DES: apply DES 3 times, with a unique key each time.
Some vendors have their own proprietary algorithm.
These vendors would be worth avoiding, since if their algorithm is ever broken, then your system may be compromised.
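As an added example (not part of the slides), the two IPSec modes from slide 4 applied to a constructed packet in Go: AES-256-GCM stands in for the slides' 3DES, the session key is assumed to have already been agreed as slide 5 describes, and Packet, newAEAD, seal, open, transportMode and tunnelMode are names chosen here.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// Packet is a constructed stand-in for an IP packet: header bytes then payload
// (real ESP framing with SPI, sequence number, padding and ICV is left out).
type Packet struct{ Header, Payload []byte }

// newAEAD wraps the 32-byte session key (agreed beforehand, e.g. via Diffie-Hellman)
// in AES-256-GCM, the cipher a current IPsec deployment negotiates instead of 3DES.
func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal encrypts data and authenticates (without hiding) the clear-text header
// as associated data; the random nonce is prefixed to the output.
func seal(aead cipher.AEAD, header, data []byte) ([]byte, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, data, header), nil
}

// open reverses seal; it fails if either the payload or the header was altered.
func open(aead cipher.AEAD, header, sealed []byte) ([]byte, error) {
	n := aead.NonceSize()
	if len(sealed) < n {
		return nil, errors.New("sealed payload too short")
	}
	return aead.Open(nil, sealed[:n], sealed[n:], header)
}

// transportMode: the original header stays in the clear (an observer still sees
// the real endpoints); only the payload is encrypted.
func transportMode(aead cipher.AEAD, p Packet) (Packet, error) {
	ct, err := seal(aead, p.Header, p.Payload)
	return Packet{Header: p.Header, Payload: ct}, err
}

// tunnelMode: the whole original packet, header and data, is encrypted and carried
// inside a new outer header, so only the gateway addresses are visible en route.
func tunnelMode(aead cipher.AEAD, outer []byte, p Packet) (Packet, error) {
	ct, err := seal(aead, outer, append(append([]byte{}, p.Header...), p.Payload...))
	return Packet{Header: outer, Payload: ct}, err
}
```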

7 Speed
The limiting factor in the speed of a VPN system is the complexity of the encryption/decryption.
A software-only solution provides acceptable bandwidth for 1-2 clients.
Speed is dependent on the platform and on other loads on the VPN gateway.
Large-scale VPNs require a hardware solution, called a VPN Appliance.
These appliances range in speed from 20 Mbit/s to 200 Mbit/s.

8 Choosing a VPN
All VPNs provide a software solution for the client, so the only hardware piece needs to be the gateway.
If your system will support more than 2 simultaneous clients, then a VPN appliance is the best choice.
If you restrict the VPN gateway’s duties to VPN (not firewall, etc.), then a software server-side solution is acceptable for 1-2 simultaneous clients.

