VPN (Virtual Private Network):
o VPN is a network security term that stands for Virtual Private Network.
o A VPN allows creating a secure connection to another network over the Internet.
o VPNs create tunnels that allow users and systems to connect securely.
o A Virtual Private Network (VPN) is a secure private tunnel over an insecure path.
o There are different technologies available for Wide Area Network connectivity.
o The main drawback of many Wide Area Network connectivity solutions is the cost.
o VPN is a network security technology used to secure private network traffic over a public network.
o VPN ensures privacy for network data from the source device to the destination device.
o VPN ensures data integrity for network data from the source device to the destination device.
o VPN uses network security protocols like IPSec to provide privacy and data integrity.
o IPSec VPN provides data confidentiality by encrypting the data at the sending device.
o IPSec VPN provides data confidentiality by decrypting the data only at the receiving end.
o IPSec VPN also provides data integrity by using hashing algorithms like MD5 & SHA.
o Check Point SG supports several types of VPN implementations, IPSec based and SSL based.
o Virtual Private Network (VPN) technology relies on the concept of tunneling.
o VPN tunneling involves establishing and maintaining a logical network association.
o A public network is a network to which anyone can connect and which anyone can use.
o A private network is any network to which access is restricted and which is not for public use.
Page 1 | Created by Ahmad Ali, E-Mail: [email protected], Mobile: 00966564303717
Imagine that you live on an island in a huge ocean. There are thousands of other islands all
around you, some very close and others farther away. The common means of travel between
islands is via ferry. Traveling on the ferry means that you have almost no privacy: other people
can see everything you do.
In this analogy, each person traveling by submarine is like a remote user accessing the company's
private network.
Advantages of VPNs:
Cost Savings: Organizations can use VPNs to reduce connectivity costs.
Scalability: Organizations can use the Internet to easily interconnect new offices.
Security: Advanced encryption and authentication protocols protect data.
Compatibility: VPNs can be implemented across a wide variety of WAN link options.
Better Performance: VPNs provide better performance.
Flexible & Reliable: VPNs are flexible and reliable.
Why Use a Secure VPN:
Eavesdropping Attacks: Traffic can be sniffed from unsecured lines.
Network Spoofing Attacks: An attacker can sniff the encrypted data over the public
network and use it to pass itself off as a legitimate VPN peer.
Man-in-the-Middle Attacks: An attacker gets in-line with the normal flow of traffic in order to sniff
critical information.
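The three properties the notes above describe (a tunnel that encapsulates the inner packet, confidentiality by encrypting at the sender and decrypting at the receiver, and integrity via a keyed hash) are what defeats the eavesdropping, spoofing and man-in-the-middle cases just listed. The following is an added example, not code from the original notes or from Check Point: a minimal ESP-style tunnel in Go using the standard library. It assumes AES-CTR for confidentiality (one of the AES key sizes the notes list) and HMAC-SHA256 for integrity, applied encrypt-then-MAC as ESP does, and it adds the sliding anti-replay window that IPsec uses so a captured packet cannot simply be resent. The packet layout, the key values and the inner packet text are constructed for the demo.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Tunnel is one simplified ESP-style security association: an AES cipher for confidentiality,
// an HMAC-SHA256 key for integrity, the sender's next sequence number, and the receiver's
// anti-replay state (highest sequence number accepted plus a 64-packet bitmap below it).
type Tunnel struct {
	block            cipher.Block
	macKey           []byte
	nextSeq, highest uint32
	window           uint64
}

var ErrBadMAC = errors.New("integrity check failed: packet was modified or forged")
var ErrReplay = errors.New("anti-replay: sequence number already seen or too old")

// NewTunnel takes a 16/24/32-byte key (AES-128/192/256) and an HMAC key of any length.
func NewTunnel(encKey, macKey []byte) (*Tunnel, error) {
	block, err := aes.NewCipher(encKey)
	if err != nil {
		return nil, err
	}
	return &Tunnel{block: block, macKey: macKey, nextSeq: 1}, nil
}

func (t *Tunnel) tag(body []byte) []byte {
	m := hmac.New(sha256.New, t.macKey)
	m.Write(body)
	return m.Sum(nil)
}

// Encapsulate emits header(16: seq number, zero padded) | AES-CTR(inner) | HMAC-SHA256(header|ct).
// The header doubles as the CTR nonce: it never repeats under this key, which is all CTR needs.
func (t *Tunnel) Encapsulate(inner []byte) []byte {
	out := make([]byte, aes.BlockSize, aes.BlockSize+len(inner)+sha256.Size)
	binary.BigEndian.PutUint32(out, t.nextSeq)
	t.nextSeq++
	ct := make([]byte, len(inner))
	cipher.NewCTR(t.block, out).XORKeyStream(ct, inner)
	out = append(out, ct...)
	return append(out, t.tag(out)...)
}

// Decapsulate verifies the tag first (encrypt-then-MAC), then enforces the replay window, then decrypts.
func (t *Tunnel) Decapsulate(pkt []byte) ([]byte, error) {
	if len(pkt) < aes.BlockSize+sha256.Size {
		return nil, ErrBadMAC
	}
	body, tag := pkt[:len(pkt)-sha256.Size], pkt[len(pkt)-sha256.Size:]
	if !hmac.Equal(t.tag(body), tag) {
		return nil, ErrBadMAC
	}
	if err := t.checkReplay(binary.BigEndian.Uint32(body)); err != nil {
		return nil, err
	}
	pt := make([]byte, len(body)-aes.BlockSize)
	cipher.NewCTR(t.block, body[:aes.BlockSize]).XORKeyStream(pt, body[aes.BlockSize:])
	return pt, nil
}

// checkReplay is a sliding 64-packet bitmap window in the style of RFC 4303:
// bit k of window set means sequence number highest-k has already been accepted.
func (t *Tunnel) checkReplay(seq uint32) error {
	switch {
	case seq == 0:
		return ErrReplay
	case seq > t.highest: // new high-water mark: slide the window (a shift >= 64 clears it)
		t.window = t.window<<(seq-t.highest) | 1
		t.highest = seq
	case t.highest-seq >= 64: // older than the window: cannot tell, so drop it
		return ErrReplay
	default: // inside the window: accept once, then mark as seen
		bit := uint64(1) << (t.highest - seq)
		if t.window&bit != 0 {
			return ErrReplay
		}
		t.window |= bit
	}
	return nil
}

func main() {
	encKey := []byte("0123456789abcdef")          // constructed 16-byte AES-128 demo key
	macKey := []byte("constructed demo HMAC key") // constructed integrity key
	sender, _ := NewTunnel(encKey, macKey)
	receiver, _ := NewTunnel(encKey, macKey)
	pkt := sender.Encapsulate([]byte("inner packet 10.1.1.5 -> 10.2.2.9"))
	pt, err := receiver.Decapsulate(pkt)
	fmt.Printf("first delivery: %q err=%v\n", pt, err)
	_, err = receiver.Decapsulate(pkt) // the same packet captured and resent
	fmt.Println("replayed packet:", err)
	pkt[20] ^= 1 // one ciphertext bit flipped in transit
	_, err = receiver.Decapsulate(pkt)
	fmt.Println("tampered packet:", err)
}
```

Two design points carry over to real IPsec: the integrity check runs before anything is decrypted, so a forged or modified packet is dropped cheaply and never reaches the cipher, and the window accepts moderately reordered packets (normal on the Internet) while still refusing any sequence number it has already seen.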
Types of VPNs:
There are two main types or categories of VPNs: Site-to-Site VPNs and Remote-Access VPNs.
Site-to-Site VPNs:
o A VPN connection that connects two LANs is called a Site-to-Site VPN.
o It connects two private LANs over a public network: private to private over the public network.
o Also called a Site-to-Site VPN, LAN-to-LAN VPN or Hub-and-Spoke Virtual Private Network.
o Many organizations use IPsec, GRE & MPLS VPN as Site-to-Site VPN protocols.
o Site-to-Site VPNs can connect a branch office network to the company Head-Office network.
o A VPN allows a secure connection of the corporate office with branch offices or remote offices.
o Basically, Site-to-Site VPNs are built over the Internet between two or more office locations.
o Site-to-Site Virtual Private Networks (VPNs) connect entire LAN networks to each other.
o The VPNs may be placed at the enterprise Internet edge, the enterprise WAN edge or the branch.
Remote-Access VPNs:
o Enable users to work from remote locations such as their homes & other premises.
o Remote-Access VPNs connect client devices to the LAN over the Internet infrastructure.
o Individual hosts or clients access a company network securely over the Internet.
o Each host typically has VPN client software loaded or uses a web-based client.
o Whenever the host sends any information, the VPN client software encapsulates it.
o Whenever the host sends any information, the VPN client software also encrypts it.
o It allows individual users to establish secure connections with a remote network.
o Remote-Access VPN tunnels are formed between a VPN device & an end-user PC.
o The remote user requires Virtual Private Network (VPN) client software.
o Remote-Access Virtual Private Networks connect individual users to private networks.
o A Remote-Access Virtual Private Network connects an individual host to the company network.
Protocols for VPN:
The following are different protocols used for VPN implementation:
o Point-to-Point Tunneling Protocol (PPTP)
o Layer 2 Forwarding Protocol (L2F)
o Layer 2 Tunneling Protocol (L2TP)
o Generic Routing Encapsulation Protocol (GRE)
o Multiprotocol Label Switching (MPLS)
o Internet Protocol Security (IPSec)
o Secure Sockets Layer (SSL)
Encryption Algorithms for VPN:
The following are the typical encryption (confidentiality) algorithms and their key lengths:
o Data Encryption Standard (DES): 64-bit key
o Triple Data Encryption Standard (3DES): 168-bit key
o Advanced Encryption Standard (AES): 128-bit key
o Advanced Encryption Standard (AES): 192-bit key
o Advanced Encryption Standard (AES): 256-bit key
Hashing Algorithms for VPN:
The following are the hashing (integrity) algorithms:
o Secure Hash Algorithm (SHA)
o Message Digest Algorithm 5 (MD5)
Authentication Algorithms for VPN:
The following are common authentication methods:
o Pre-Shared Keys
o Digital Certificates
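Peer authentication is what stops the "network spoofing" case from the earlier section, where someone who captured traffic tries to pose as a legitimate VPN peer. With pre-shared keys, neither gateway ever sends the key itself; each proves it knows the key by computing a keyed hash bound to the current exchange. The block below is an added example, not code from the original notes or from Check Point or IKE implementations: it builds a shared-key AUTH value the way RFC 7296 section 2.15 defines it for IKEv2, prf(prf(PSK, "Key Pad for IKEv2"), signed octets), with HMAC-SHA256 assumed as the negotiated prf and a simplified stand-in for the signed octets (peer identity plus both nonces; the real value also covers the first IKE message and a keyed hash of the ID payload). The peer ID, PSK and nonce values are constructed for the demo.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// prf is the pseudo-random function the peers negotiated for the IKE SA; HMAC-SHA256 is assumed here.
func prf(key, data []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(data)
	return m.Sum(nil)
}

// signedOctets is a simplified stand-in for the IKEv2 "InitiatorSignedOctets": binding the proof
// to the claimed identity and to both peers' fresh nonces means a captured proof is useless in
// any later exchange, because the responder will pick a new nonce.
func signedOctets(peerID string, nonceI, nonceR []byte) []byte {
	out := append([]byte(peerID), nonceI...)
	return append(out, nonceR...)
}

// pskAuth computes the shared-key AUTH payload as in RFC 7296 section 2.15:
// AUTH = prf(prf(PSK, "Key Pad for IKEv2"), signedOctets). The PSK itself never crosses the wire.
func pskAuth(psk []byte, peerID string, nonceI, nonceR []byte) []byte {
	return prf(prf(psk, []byte("Key Pad for IKEv2")), signedOctets(peerID, nonceI, nonceR))
}

// VerifyPeer is the responding gateway's side: recompute the proof with the PSK configured for
// the claimed peer ID and compare in constant time.
func VerifyPeer(configuredPSK []byte, peerID string, nonceI, nonceR, presented []byte) bool {
	return hmac.Equal(pskAuth(configuredPSK, peerID, nonceI, nonceR), presented)
}

func main() {
	// Constructed values; in a real exchange both nonces are random per IKE_SA_INIT.
	psk := []byte("branch-office-psk-demo")
	nonceI, nonceR := []byte("nonce-I-exchange-1"), []byte("nonce-R-exchange-1")
	proof := pskAuth(psk, "branch1.example", nonceI, nonceR)
	fmt.Println("AUTH payload:", hex.EncodeToString(proof))
	fmt.Println("legitimate peer:", VerifyPeer(psk, "branch1.example", nonceI, nonceR, proof))
	// A party that only observed the traffic cannot produce a valid proof without the PSK...
	forged := pskAuth([]byte("guess"), "branch1.example", nonceI, nonceR)
	fmt.Println("wrong PSK:", VerifyPeer(psk, "branch1.example", nonceI, nonceR, forged))
	// ...and resending a captured proof fails as soon as the responder uses a fresh nonce.
	fmt.Println("captured proof, new nonce:", VerifyPeer(psk, "branch1.example", nonceI, []byte("nonce-R-exchange-2"), proof))
}
```

The same structure is why the notes pair pre-shared keys with digital certificates as the two authentication options: with certificates the inner prf step is replaced by a signature over the same signed octets, so the binding to identity and nonces is unchanged and only the proof of possession differs.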