Page 1: 9854_c019

7/28/2019 9854_c019

http://slidepdf.com/reader/full/9854c019 1/18

19 IPv6, IPSec, and VPNs

Walter Penzhorn, University of Pretoria
Johann Amsenga, Gennan Systems (Pty) Ltd

© 2005 by CRC Press LLC

19.1 Introduction
19.2 Security Requirements: Types of Security • Security Framework • Security Services
19.3 IP Version 6 (IPv6): Introduction • IPv6 Packet Format
19.4 IPSec: Introduction • What is IPSec? • IPSec Services • Transport and Tunnel Modes • Authentication Header (AH) • ESP • Security Association • Key Management in IPSec
19.5 Virtual Private Networks: Introduction • VPN Configurations • Methods of VPN Deployment • Advantages of a VPN • Competing VPN Deployment Protocols • Benefits of IPSec
19.6 Conclusion

19.1 Introduction

There is growing interest in the use of VPNs as a cost-effective means of building and deploying private networks for multi-site communication over the Internet. In this context, a VPN may be defined as the emulation of a secure, private wide area network over the public Internet. The challenge in developing a VPN for today's global business environment is to utilize the public Internet backbone for both intra- and inter-company communications, while still providing the security of a traditional private, self-administered corporate network.

Within the Internet Engineering Task Force (IETF), the IP Security (IPSec) working group has developed a framework for network layer security over the Internet [11]. IPSec is a flexible framework, enabling a company to configure secure end-to-end solutions that can accommodate both locally attached users and remote-access users, and can support communications both within the company and between different companies [8].

Note that, although VPNs are mostly used over the Internet, they are not restricted to this environment. VPNs can be used over any public network to provide secure communications [1, 10]. The purpose of this article is to give a brief overview of VPNs based on the IPSec protocol, with special emphasis on the forthcoming IP version 6 of the Internet Protocol [4].

19.2 Security Requirements

Types of Security

The security of an organization's electronic information requires a comprehensive plan of action, including the following aspects:


Host security: Controlling access to, and processing on, each computer.
Network security: Securing a network, where the network itself acts as an access medium.
Administration: Ensuring that proper functional procedures and operational rules are put in place and adhered to.
Personnel: Making sure that personnel are properly trained, authorized, and alerted to security awareness.
Physical security: Controlling physical access to assets and infrastructure.

Security Framework

Virtual private networks are intended to provide suitable cryptographic services and mechanisms to protect a network. The ITU-T Recommendation X.800, Security Architecture for OSI, defines a comprehensive framework in terms of security threats, services, and mechanisms of networks.

Security threat: A threat is anything that poses some form of danger to a network and related resources.
Security service: A service that counters security threats and attacks and enhances the security of a network, by applying a range of available security mechanisms.
Security mechanism: A mechanism that is intended to detect, prevent, or recover from a security attack.

Security Services

A security service enhances the security of the network and its related components. In general, services function in one of the following categories:

● Prevention
● Detection, or
● Recovery

X.800 lists the following five categories of security services:

Authentication: Ensure the authenticity of the identity of all communicating entities, as well as the origin of data or information.
Data Confidentiality: Protect transmitted data or information against eavesdropping or leakage to unauthorized entities.
Data Integrity: Prevent the unauthorized creation, alteration, replay, or destruction of transmitted data.
Access Control: Limit and control access to resources to legitimate users.
Accountability: Ensure the maintenance of a complete record of the actions of every user in the system. (X.800 itself names its fifth category non-repudiation, that is, proof of origin or delivery that the sender or receiver cannot later deny; accountability is the broader goal that service supports.)

19.3 IP Version 6 (IPv6)

Introduction

The Internet Protocol (IP) is part of the TCP/IP suite, and is the most widely used internetworking protocol [2]. For decades, the keystone of the TCP/IP protocol architecture has been IP version 4 (IPv4). However, IPv4 has several shortcomings and limitations, which prompted the IETF to start working on a next version of IP. In 1995, the specification for a next-generation IP protocol, then known as IPng, was issued. In 1996, this specification was turned into a standard, referred to as IPv6 [4].

IPv6 provides a number of functional enhancements over the existing IPv4, designed to accommodate the higher speeds of today's networks and the mix of data streams, including graphic and video, which are becoming more prevalent. But the prime driving force behind the development of IPv6 was the need for more addresses. IPv4 uses a 32-bit address to specify the source or destination. With the explosive growth of the Internet, and the private networks attached to the Internet, this address length is rapidly becoming insufficient. Ultimately, all installations using TCP/IP are expected to migrate from the current IPv4 to IPv6; but this process may take many years, if not decades.

 


As shown in Figure 19.1, IPv6 contains 128-bit source and destination address fields (compared to the 32-bit address space of IPv4). Also, instead of the dotted decimal notation used in IPv4, IPv6 uses a different notation to depict an Internet address, that is, eight 16-bit groups written as hexadecimal numbers separated by colons:

0123:4567:89ab:cdef:0123:4567:89ab:cdef

Leading zeros within a group may be omitted, and a single run of all-zero groups may be abbreviated as "::", so the address 2001:0db8:0000:0000:0000:0000:0000:0001 is normally written 2001:db8::1.

The IPv6 header has a length of 40 octets, consisting of the following fields:

Version (4 bits): Internet Protocol version number; for IPv6, the value is 6.
Traffic Class (8 bits): To distinguish between different classes or priorities of IPv6 packets.
Flow Label (20 bits): The flow label is intended to assist with resource reservation and real-time traffic processing.
Payload Length (16 bits): Gives the total length of all of the extension headers plus the transport-level payload, that is, everything that follows the 40-octet base header.
Next Header (8 bits): Identifies the type of header immediately following the IPv6 header.
Hop Limit (8 bits): The hop limit is set to some desired maximum value by the source and decremented by 1 by each node that forwards the packet.
Source Address (128 bits): The address of the originator of the packet.
Destination Address (128 bits): The address of the intended recipient of the packet.

IPv6 Packet Format

An IPv6 packet has the following general form, as shown in Figure 19.2:

The only mandatory header is simply referred to as the IPv6 Header, and has a fixed length of 40 octets. Although the IPv6 Header is longer than the mandatory portion of the IPv4 header (20 octets), the IPv6 header contains fewer fields (8 vs. 12). Thus, routers have less processing to carry out per packet, which should speed up routing.

The following extension headers are defined for IPv6:

Hop-by-Hop Options Header: Defines special options that require hop-by-hop processing.
Routing Header: Provides extended routing, similar to IPv4 source routing.
Fragment Header: Contains fragmentation and reassembly information.
Authentication Header: Provides packet integrity and authentication (required for IPSec).
Encapsulating Security Payload Header: Provides privacy (required for IPSec).
Destination Options Header: Contains optional information to be examined by the destination node.

 

FIGURE 19.1 Illustration of the IPv6 header (40 octets). Bit offsets 0, 4, 12, 31: the first 32-bit word holds Version (4 bits), Traffic class (8 bits), and Flow label (20 bits); the second holds Payload length (16 bits), Next header (8 bits), and Hop limit (8 bits); these are followed by the 128-bit Source address and the 128-bit Destination address.


Figure 19.3 shows an example of an IPv6 packet that includes an instance of each nonsecurity header. Observe that each extension header includes a Next Header field. This field identifies the type of subsequent header. If the subsequent header is an extension header, then this field contains the type identifier of that header.
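The Next Header chain just described, walked in code. This is an added example written for this page, not code from the chapter; the packet bytes, the 2001:db8::/32 documentation-prefix addresses and the option contents are constructed for illustration. The walker uses the length encodings of the IPv6 and AH specifications (Hdr Ext Len in 8-octet units for the options and routing headers, a fixed 8 octets for the Fragment header, Payload Len in 32-bit words minus 2 for AH), refuses a header that claims to extend past the packet, and stops at ESP, whose contents are opaque to anyone but the SA endpoint.

```python
import struct
from ipaddress import IPv6Address

# Protocol numbers for the headers this walker understands (IANA assignments).
NAMES = {0: "Hop-by-Hop Options", 6: "TCP", 17: "UDP", 43: "Routing", 44: "Fragment",
         50: "ESP", 51: "AH", 59: "No Next Header", 60: "Destination Options"}
# Options and Routing headers carry Hdr Ext Len in 8-octet units, not counting the first 8.
HDR_EXT_LEN_ENCODED = {0, 43, 60}

def build_ipv6_header(src, dst, next_header, payload_len, hop_limit=64, traffic_class=0, flow_label=0):
    """Pack the 40-octet base header: Version/Traffic Class/Flow Label, Payload Length, Next Header, Hop Limit, addresses."""
    first_word = (6 << 28) | (traffic_class << 20) | flow_label
    return (struct.pack("!IHBB", first_word, payload_len, next_header, hop_limit)
            + IPv6Address(src).packed + IPv6Address(dst).packed)

def parse_ipv6_header(pkt):
    if len(pkt) < 40:
        raise ValueError("truncated IPv6 header")
    first_word, payload_len, nxt, hop = struct.unpack("!IHBB", pkt[:8])
    if first_word >> 28 != 6:
        raise ValueError("not an IPv6 packet")
    return {"traffic_class": (first_word >> 20) & 0xFF, "flow_label": first_word & 0xFFFFF,
            "payload_length": payload_len, "next_header": nxt, "hop_limit": hop,
            "src": str(IPv6Address(pkt[8:24])), "dst": str(IPv6Address(pkt[24:40]))}

def walk_headers(pkt):
    """Follow the Next Header chain; return [(name, offset, length)] ending at the first header
    that is not a walkable extension header (upper-layer protocol, ESP, or No Next Header)."""
    base = parse_ipv6_header(pkt)
    if len(pkt) != 40 + base["payload_length"]:
        raise ValueError("Payload Length does not match packet size")
    chain, nxt, off = [("IPv6", 0, 40)], base["next_header"], 40
    while True:
        if nxt in HDR_EXT_LEN_ENCODED:
            if off + 2 > len(pkt):
                raise ValueError("truncated extension header")
            length = (pkt[off + 1] + 1) * 8
        elif nxt == 44:                      # Fragment header is always 8 octets
            length = 8
        elif nxt == 51:                      # AH: Payload Len in 32-bit words, minus 2
            if off + 2 > len(pkt):
                raise ValueError("truncated AH")
            length = (pkt[off + 1] + 2) * 4
        else:                                # ESP, TCP, UDP, ...: everything after it is opaque here
            chain.append((NAMES.get(nxt, f"protocol {nxt}"), off, len(pkt) - off))
            return chain
        if off + length > len(pkt):
            raise ValueError(f"{NAMES[nxt]} header runs past the end of the packet")
        chain.append((NAMES[nxt], off, length))
        nxt, off = pkt[off], off + length    # first octet of every extension header is its Next Header

SRC, DST = "2001:db8::1", "2001:db8::2"    # constructed documentation-prefix addresses

def sample_tcp_packet():
    """IPv6 | Hop-by-Hop (PadN option) | Destination Options (PadN) | TCP SYN, all constructed."""
    hop_by_hop = bytes([60, 0, 1, 4, 0, 0, 0, 0])    # Next=60, Hdr Ext Len=0 (8 octets), PadN(4)
    dst_opts = bytes([6, 0, 1, 4, 0, 0, 0, 0])       # Next=6 (TCP), PadN(4)
    tcp = struct.pack("!HHIIBBHHH", 40000, 443, 1, 0, 5 << 4, 0x02, 65535, 0, 0)
    payload = hop_by_hop + dst_opts + tcp
    return build_ipv6_header(SRC, DST, 0, len(payload)) + payload

def sample_ah_esp_packet():
    """IPv6 | AH (96-bit ICV, so 24 octets and Payload Len=4) | ESP, with placeholder contents."""
    ah = bytes([50, 4, 0, 0]) + struct.pack("!II", 0x1000, 1) + bytes(12)
    esp = bytes(range(16))
    payload = ah + esp
    return build_ipv6_header(SRC, DST, 51, len(payload)) + payload

if __name__ == "__main__":
    for pkt in (sample_tcp_packet(), sample_ah_esp_packet()):
        print(parse_ipv6_header(pkt))
        for name, off, length in walk_headers(pkt):
            print(f"  {off:3d} {length:3d} {name}")
```

The length check before each append is the part a packet filter must not skip: an attacker-controlled Hdr Ext Len that points past the end of the packet is exactly how an unchecked walker reads out of bounds.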

19.4 IPSec

Introduction

In 1994, the Internet Architecture Board (IAB) issued a report entitled "Security in the Internet Architecture" (RFC 1636) [11]. The report stated the need for security on the Internet, and identified the following three functional areas for security mechanisms:

Authentication: To ensure that a received packet was transmitted by the claimed source in the packet header, and also that the packet was not altered in transit.
Confidentiality (encryption): Provide encryption of packets to prevent eavesdropping by third parties, as well as the unauthorized monitoring and control of network traffic.
Key management: Establish an infrastructure for the secure management and exchange of cryptographic keys.

In response, the IPSec working group was formed within the IETF, and a framework for network layer security was developed that is usable both with the current IPv4 and the future IPv6.

What is IPSec?

The acronym IPSec, a short form of the term "Internet Protocol Security," is an evolving standard for security at the network or packet layer of network communication. In essence, IPSec is a set of protocols that may be used to implement VPNs that operate over the Internet [5, 8]. The principal feature of IPSec is that it can encrypt and/or authenticate all traffic at the IP level, so that all distributed higher-layer applications, including remote logon, client/server, e-mail, file transfer, Web access, etc., can be secured, as shown in Figure 19.4. Thus, IPSec is transparent to end users and applications and facilitates a general-purpose solution. Furthermore, IPSec includes a filtering capability (the security policy database, which selects traffic by address, protocol and port) so that only selected traffic is affected by the overhead of IPSec processing.

The IPSec specification consists of numerous documents. The most important of these, issued in November 1998, are:

● RFC 2401: An overview of a security architecture.
● RFC 2402: Description of a packet authentication extension to IPv4 and IPv6.
● RFC 2406: Description of a packet encryption extension to IPv4 and IPv6.
● RFC 2408: Specification of key management capabilities.

These are the documents the rest of this chapter follows. They have since been replaced by RFC 4301, RFC 4302 and RFC 4303, and ISAKMP/IKEv1 by IKEv2 (RFC 7296); the packet formats and modes described here are unchanged, but the mandatory algorithms are not.

Support for IPSec is mandatory for IPv6 (RFC 6434 later relaxed this to a SHOULD) and optional for IPv4. In both cases, the security features are implemented as two extension headers that follow the main IP header.

IPSec Services

The following security services are provided by IPSec:

Data origin authentication: Verifies that each datagram was originated by the claimed sender.

 

FIGURE 19.2 General form of an IPv6 packet: IPv6 header (40 octets), zero or more extension headers (0 or more octets each), then the transport-level payload.


Data integrity: Verifies that the contents of the datagram were not changed in transit, either deliberately or due to random errors.
Data confidentiality: Protects the plaintext of a message by means of encryption.
Replay protection: Assures that an attacker cannot intercept a datagram and send it back at some later time.
Key management: Generation and distribution of cryptographic keys across a distributed network environment.

IPSec provides these security services by means of two protocols, each named after the header it adds to the packet: the Authentication Header (AH), an authentication-only protocol, and the Encapsulating Security Payload (ESP), a combined encryption/authentication protocol. A third protocol handles keying:

Authentication Header (AH): Provides data origin authentication, data integrity, and replay protection.
Encapsulating Security Payload (ESP): Provides data confidentiality, data origin authentication, data integrity, and replay protection.
Internet Security Association and Key Management Protocol (ISAKMP): Provides a framework for the generation, distribution, and management of cryptographic keys.

In the sequel, each of these protocols will be discussed in some detail.

 

FIGURE 19.3 Illustration of an IPv6 packet with Extension Headers. Mandatory IPv6 header (40 octets); optional extension headers: Hop-by-Hop options header (variable), Routing header (variable), Fragment header (8 octets), Destination options header (variable); IPv6 packet body: TCP header (20 octets plus an optional variable part) and application data.

FIGURE 19.4 Placement of security in the TCP/IP stack: HTTP, FTP and SMTP run over TCP, which runs over IP/IPSec.


Transport and Tunnel Modes

AH and ESP support two modes of use: the transport mode and the tunnel mode.

● The transport mode provides protection primarily for upper-layer protocols. Typically, the transport mode is used for end-to-end communication, for example, between client and server or between two workstations.
● The tunnel mode is normally used between two entities when at least one of them is not a connection end-point. For example, if secure communication is desired between two gateways that are located between a client and a server, these gateways would utilize IPSec in the tunnel mode.

Authentication Header (AH)

The Authentication Header provides connectionless integrity and data origin authentication for IP datagrams, as well as protection against replay [7]. The format of the AH header is illustrated in Figure 19.5.

The data integrity feature prevents undetected modification of a datagram. Data origin authentication enables an end system or network device to verify that the datagram came from the holder of the shared key, and thereby also prevents address spoofing attacks. The AH protects the entire contents of an IP datagram except for certain fields in the IP header, called mutable fields, that are modified while the datagram is in transit (for IPv6: Traffic Class, Flow Label and Hop Limit, plus options in extension headers that are flagged as mutable). An integrity check value (ICV), generated by means of a keyed message authentication code (MAC), is included in the AH header; it is not a checksum in the usual sense, since it cannot be recomputed without the key. Hence, the two communicating parties must share a secret key. The ICV is calculated using the HMAC algorithm, based on either MD5 or SHA-1 and truncated to 96 bits (RFC 2403, RFC 2404); current implementations prefer HMAC-SHA-256 or stronger, and HMAC-MD5 is no longer recommended. During calculation of the ICV, the mutable fields and the Authentication Data field itself are treated as if they contained all zeros. Replay is prevented by including a sequence number field within the AH header, which is increased for each transmitted packet and checked by the receiver against a sliding window of recently accepted values.

AH can be applied in the transport or tunnel mode, as shown in Figure 19.6.

In the transport mode, the AH is inserted after the original IP header and before the IP payload. The AH is viewed as an end-to-end payload, that is, it is not examined or processed by intermediate routers. Therefore, the AH appears after the IPv6 base header and the hop-by-hop, routing, and fragment extension headers. Authentication covers the entire packet, excluding mutable fields, which are set to zero for MAC calculation. Note that all information in the datagram is in plaintext form, and therefore is subject to eavesdropping while in transit.

In tunnel mode, a new IP header is generated; the AH is inserted between the new, outer IP header and the original (inner) IP header. The inner IP header carries the ultimate source and destination addresses, while the new IP header may contain intermediate IP addresses (e.g., the addresses of the VPN gateways). The entire new datagram (new IP header, AH header, inner IP header, and IP payload) is protected by the AH protocol. Any change to any field (except the mutable fields of the outer header) in the tunnel mode datagram can be detected.

 

FIGURE 19.5 IPSec Authentication Header. Bit offsets 0, 8, 16, 31: Next header (8 bits), Payload length (8 bits), RESERVED (16 bits); Security Parameter Index (SPI, 32 bits); Sequence number (32 bits); Authentication data (variable).


AH may be applied alone or in combination with the ESP header. The primary difference between the authentication provided by ESP and AH is the extent of the coverage. Specifically, ESP does not protect any IP header fields unless those fields are encapsulated by ESP (tunnel mode).

ESP

The ESP provides data confidentiality, and protection against replay; it can also optionally provide data origin authentication and data integrity checking, similar to AH. Note that the replay protection is only meaningful when authentication is enabled: without an ICV the sequence number itself can be altered in transit, and RFC 2406 accordingly allows the anti-replay service to be selected only together with authentication. The IPSec specification of the time (RFC 2406) mandated the use of the Data Encryption Standard (DES) in cipher block chaining (CBC) mode for encryption, with several other algorithms also accepted, including triple DES, RC5, IDEA, CAST, and Blowfish. DES has since been withdrawn as too weak (its 56-bit key can be searched exhaustively); current algorithm requirements (RFC 8221) mandate AES, either AES-CBC with a separate integrity algorithm or the authenticated mode AES-GCM, and forbid DES. When ESP is required to provide authentication as well, it uses the same HMAC algorithms (HMAC-MD5 or HMAC-SHA-1) as the AH protocol. The format of an ESP packet is shown in Figure 19.7.

ESP can be applied in either transport or tunnel mode. Transport mode may be used, for example, to provide encryption (and optionally authentication) between two directly connected hosts. On the other hand, a VPN may be established over the Internet between various private, corporate networks by implementing ESP tunnel mode on the security gateways that connect the internal networks to the Internet. In this way, implementation of security on every internal host is avoided. This is illustrated in Figure 19.8.

● In the transport mode, ESP is viewed as an end-to-end payload, that is, it is not examined or processed by intermediate routers. Therefore, the ESP header appears after the IPv6 base header and the hop-by-hop, routing, and fragment extension headers. Encryption covers the entire transport-level segment plus the ESP trailer. Note that the IP header itself is neither authenticated nor encrypted. Hence, the addressing information in the outer header is visible to an attacker while the datagram is in transit.
● In the tunnel mode, a new IP header is generated. The entire original IP datagram (including both IP header and IP payload) and the ESP trailer are encrypted. Because the original IP header is encrypted, its contents are not visible to an attacker while it is in transit. Tunneling offers the advantage of hiding original source and destination addresses from users on the Internet, thus diminishing the threat of traffic analysis attacks. A common use of tunnel mode is to protect a datagram that is tunneled between two gateways. This relieves hosts on the internal network of the processing burden of encryption and simplifies the key distribution task by reducing the number of required secret keys.

FIGURE 19.6 Illustration of the AH modes. (a) Before applying AH: Original IP header | Extension headers (if present) | TCP | Data. (b) Transport mode: Original IP header | Hop-by-hop, destination, routing, fragment headers | AH | Destination options | TCP | Data; authenticated except mutable fields. (c) Tunnel mode: New IP header | Extension headers | AH | Original IP header | Extension headers | TCP | Data; authenticated except mutable fields in the new IP header.

The security services provided by the two IPSec protocols are shown in Table 19.1.

 

FIGURE 19.7 ESP header format. Bit offsets 0, 8, 16, 24, 31: Security Parameters Index (SPI, 32 bits); Sequence number (32 bits); Payload data (variable); Padding (0-255 bytes); Pad length (8 bits) and Next header (8 bits); Authentication data (variable). The encrypted region runs from Payload data through Next header; the authenticated region runs from the SPI through Next header, so the Authentication data field itself is not covered.

FIGURE 19.8 Illustration of ESP modes for encryption and authentication. (a) Transport mode: Original IP header | Hop-by-hop, destination, routing, fragment headers | ESP header | Destination options | TCP | Data | ESP trailer | ESP auth.; encrypted from after the ESP header through the ESP trailer, authenticated from the ESP header through the ESP trailer. (b) Tunnel mode: New IP header | Extension headers | ESP header | Original IP header | Extension headers | TCP | Data | ESP trailer | ESP auth.; the same encrypted and authenticated regions, now covering the entire original datagram.
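ESP encapsulation and decapsulation in both modes, as an added example written for this page and not taken from the chapter or from any IPSec implementation. It shows the trailer layout of Figure 19.7 (padding, pad length, next header), the order of operations at the receiver (verify the ICV before decrypting anything), what tunnel mode hides from an observer, and what goes wrong with encryption-only ESP. Because the Python standard library has neither DES nor AES, the cipher is a stand-in, an HMAC-SHA256 keystream in counter mode, which is not an IPSec transform and must not be used as one; keys, SPIs, IVs, addresses and payloads are constructed. The anti-replay window is the same sliding window as for AH and is left out here.

```python
import hmac
import hashlib
import os
import struct
from ipaddress import IPv6Address

ESP_PROTO, IPV6_PROTO = 50, 41      # Next Header values: ESP, and IPv6-in-IPv6 for tunnel mode
ICV_LEN = 12                        # HMAC-SHA1-96, as for AH

def ipv6_header(src, dst, next_header, payload_len, hop_limit=64):
    return (struct.pack("!IHBB", 6 << 28, payload_len, next_header, hop_limit)
            + IPv6Address(src).packed + IPv6Address(dst).packed)

def keystream_xor(key, iv, data):
    """STAND-IN cipher: HMAC-SHA256 in counter mode, so the example runs with the standard library.
    It is not an IPSec transform; a real SA uses the negotiated cipher (AES today, DES in the text)."""
    blocks = b"".join(hmac.new(key, iv + struct.pack("!I", i), hashlib.sha256).digest()
                      for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, blocks))

class EspSA:
    """One direction of an ESP SA, identified by (SPI, destination address, protocol = ESP)."""
    def __init__(self, spi, dst, enc_key, auth_key=None):
        self.spi, self.dst, self.enc_key, self.auth_key = spi, dst, enc_key, auth_key
        self.seq = 0

    def encapsulate(self, next_header, payload, iv=None):
        self.seq += 1
        iv = os.urandom(8) if iv is None else iv            # must never repeat under one key
        pad_len = (-(len(payload) + 2)) % 4                  # Pad Length + Next Header end on a 4-octet boundary
        trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, next_header])   # RFC 2406 default padding 1,2,3,...
        ciphertext = keystream_xor(self.enc_key, iv, payload + trailer)
        body = struct.pack("!II", self.spi, self.seq) + iv + ciphertext
        if self.auth_key is not None:                        # ICV covers SPI, seq, IV and ciphertext
            body += hmac.new(self.auth_key, body, hashlib.sha1).digest()[:ICV_LEN]
        return body

    def decapsulate(self, esp):
        if self.auth_key is not None:                        # verify first; never decrypt unauthenticated data
            body, icv = esp[:-ICV_LEN], esp[-ICV_LEN:]
            expected = hmac.new(self.auth_key, body, hashlib.sha1).digest()[:ICV_LEN]
            if not hmac.compare_digest(icv, expected):
                raise ValueError("icv mismatch")
        else:
            body = esp
        spi, _seq = struct.unpack("!II", body[:8])           # the anti-replay window check would go here
        if spi != self.spi:
            raise ValueError("unknown spi")
        plaintext = keystream_xor(self.enc_key, body[8:16], body[16:])
        pad_len, next_header = plaintext[-2], plaintext[-1]
        end = len(plaintext) - 2 - pad_len
        payload, padding = plaintext[:end], plaintext[end:-2]
        if padding != bytes(range(1, pad_len + 1)):
            raise ValueError("bad padding")
        return next_header, payload

def outcome(fn):
    try:
        fn()
        return "accepted"
    except ValueError as e:
        return str(e)

def demo():
    gw_a, gw_b = "2001:db8:a::1", "2001:db8:b::1"                 # constructed gateway addresses
    inner = ipv6_header("2001:db8:a::42", "2001:db8:b::7", 6, 11) + b"tcp segment"   # host-to-host packet
    out = {}
    # Tunnel mode between the gateways, encryption and authentication.
    tx, rx = (EspSA(0x1001, gw_b, b"E" * 32, b"A" * 20) for _ in range(2))
    esp = tx.encapsulate(IPV6_PROTO, inner, iv=bytes(8))
    on_the_wire = ipv6_header(gw_a, gw_b, ESP_PROTO, len(esp)) + esp
    out["outer_dst"] = str(IPv6Address(on_the_wire[24:40]))     # observer sees the gateway, not the host
    out["inner_dst_hidden"] = inner[24:40] not in on_the_wire
    out["tunnel"] = rx.decapsulate(on_the_wire[40:])             # (41, inner packet)
    flipped = bytearray(esp)
    flipped[16] ^= 0x01                                          # first ciphertext octet
    out["flip_with_icv"] = outcome(lambda: rx.decapsulate(bytes(flipped)))
    # Encryption-only ESP: the same flip is not detected and lands in the plaintext.
    tx2, rx2 = (EspSA(0x1002, gw_b, b"F" * 32) for _ in range(2))
    esp2 = tx2.encapsulate(6, b"tcp segment", iv=b"\x01" * 8)
    flipped2 = bytearray(esp2)
    flipped2[16] ^= 0x01
    out["flip_without_icv"] = rx2.decapsulate(bytes(flipped2))   # (6, b"ucp segment")
    return out

if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k:18s} {v!r}")
```

The last case is the practical argument against the "encryption only" column of Table 19.1: with no ICV the receiver cannot tell a modified packet from a genuine one, and with CBC (as with this stand-in) an attacker who knows the plaintext layout can flip chosen bits. Negotiate ESP with integrity, or an authenticated cipher, always.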


Security Association

A Security Association (SA) is a relationship between two or more entities that describes how the entities will use security services to communicate securely. The security association is unidirectional, meaning that for each pair of communicating systems, there are at least two security associations, one from A to B and one from B to A. The security association is uniquely identified by three parameters:

Security Parameters Index (SPI): A 32-bit value, chosen by the receiving system when the SA is created, that is carried in AH and ESP headers to enable the receiving system to select the SA under which a received packet will be processed. It need not be random, but it must be unique among the receiver's inbound SAs (values 1 through 255 are reserved by IANA).
IP Destination Address: This is the address of the destination endpoint of the SA, which may be an end-user system or a network system such as a firewall or router.
Security Protocol Identifier: This indicates whether the association is an AH or ESP security association.

In an SA, ESP may be applied alone, in combination with AH, or even nested within another instance of itself. With these combinations, authentication can be provided between a pair of communicating hosts, between a pair of communicating firewalls, or between a host and a firewall. An SA contains all the relevant information that communicating systems need in order to execute the IPSec protocols, such as:

● The mode of the authentication algorithm used in the AH, and the keys for the algorithm.
● The encryption algorithm mode for ESP, and the required keys.
● Authentication algorithm-related information used in the ESP.
● Key management information, such as key lifetime.
● The SA lifetime.

Key Management in IPSec

The operation of IPSec in either AH or ESP mode requires the availability of shared secret keys between communicating entities. Typically, four keys are required for communication between two applications: transmit and receive pairs for both AH and ESP. The IPSec Architecture document mandates support for two types of key management:

Manual: A system administrator manually configures each system with its own keys and with the keys of other communicating systems. This is practical for small, relatively static environments. Note that the specifications do not support anti-replay protection on manually keyed SAs, because the sequence number counter cannot be safely reset when the keys never change.
Automated: An automated system enables the on-demand creation of keys for SAs and facilitates the use of keys in a large distributed system with an evolving configuration.

The default automated key management protocol for IPSec consists of the following elements:

ISAKMP: ISAKMP defines a standardized framework to support negotiation of SAs, initial generation of all cryptographic keys, and subsequent refreshing of these keys [6, 9].
Oakley Key Determination Protocol: This key exchange protocol is based on the Diffie–Hellman algorithm, modified to provide security against known attacks.

ISAKMP by itself does not dictate a specific key exchange algorithm, but consists of a set of message types that enable the use of a variety of key exchange algorithms. Oakley is the specific key exchange algorithm mandated for use with the initial version of ISAKMP. The ISAKMP/Oakley protocol combination was named Internet Key Exchange (IKE), and is specified in RFC 2409. This version is now known as IKEv1; it has been superseded by IKEv2 (RFC 7296), which keeps the two-phase structure but replaces the modes described below with a fixed four-message initial exchange.

 

TABLE 19.1 An overview of IPSec Security Services

Security service                      AH    ESP (encryption only)   ESP (encryption and authentication)
Access control                        Yes   Yes                     Yes
Connectionless integrity              Yes                           Yes
Data origin authentication            Yes                           Yes
Rejection of replayed packets         Yes   Yes                     Yes
Confidentiality                             Yes                     Yes
Limited traffic flow confidentiality        Yes                     Yes


The ISAKMP methods have been designed with the explicit goal of providing protection against several well-known threats:

Denial of Service: The messages are constructed with unique cookies that can be used to quickly identify and reject invalid messages without the need to execute processor-intensive cryptographic operations.
Man-in-the-Middle: Protection is provided against common attacks such as deletion of messages, modification of messages, reflecting messages back to the sender, replaying of old messages, and redirection of messages to unintended recipients.
Perfect Forward Secrecy: Compromise of past keys provides no useful clues for breaking any other key, whether it occurred before or after the compromised key. That is, each refreshed key will be derived without any dependence on predecessor keys.

IKE functions in two phases. Phase one involves two IKE peers establishing a secure channel (the IKE SA) for performing phase two. Phase two involves the two peers negotiating general-purpose SAs (the IPSec SAs used by AH and ESP). IKE provides three modes for the exchange of keying information and setting up of IKE SAs. Two modes are for IKE phase-one exchanges, and one mode is for phase-two exchanges.

Main Mode

This mode provides a way to establish the first-phase IKE SA, which is then used to negotiate future communications. The first step, securing an IKE SA, occurs in three two-way exchanges (six messages) between the sender and the receiver. In the first exchange, the sender and receiver agree on basic algorithms and hashes. In the second exchange, public values for a Diffie–Hellman exchange are sent, together with nonces (random numbers that each party must later incorporate into its authentication hash or signature, to prove its identity and the freshness of the exchange). In the third exchange, which is already encrypted under the keys derived from the Diffie–Hellman result, identities are exchanged and verified, and each party is assured that the exchange has been completed.

Aggressive Mode

The aggressive mode provides the same services as the main mode. It establishes the phase one SA, and operates in much the same manner as the main mode except that it is completed in three messages instead of six. However, the aggressive mode does not provide identity protection for communicating parties. In other words, in the aggressive mode, the sender and recipient exchange identification information before they establish a secure channel where the information is encrypted. With pre-shared-key authentication this also exposes the responder's authentication hash, which is computed from the pre-shared key and values visible on the wire, so a passive eavesdropper can test candidate keys offline; aggressive mode with a guessable pre-shared key should therefore be avoided.

Quick Mode

After two parties have established a secure channel using either aggressive mode or main mode, they can use quick mode. Quick mode has two purposes: to negotiate general IPSec security services and to generate fresh keying material. Quick mode is much simpler than both main and aggressive modes. Quick mode packets are always encrypted under the secure channel (the IKE SA established in phase one) and start with a hash payload that is used to authenticate the rest of the packet.

Perfect Forward Secrecy

For perfect forward secrecy, it is required to generate a new key that does not depend on the current or any previous key. Diffie–Hellman allows the generation of new shared keys that are independent of older keys, thus providing perfect forward secrecy. The derived Diffie–Hellman key can be used either as a session key for subsequent exchanges, or to encrypt another randomly generated key. In IKE this means performing a fresh Diffie–Hellman exchange inside quick mode rather than deriving the IPSec keys from the phase one secret alone; if quick mode omits it, an attacker who later obtains the phase one keying material and has recorded the quick mode messages can recompute every IPSec key negotiated under that IKE SA.
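The two points above, the aggressive-mode exposure of the pre-shared key and what PFS buys in quick mode, worked through with the RFC 2409 key derivation. This is an added example for this page, not the chapter's or any IKE implementation's code. The formulas for SKEYID, SKEYID_d/a/e, HASH_R and KEYMAT are RFC 2409's for pre-shared-key authentication with prf = HMAC-SHA-1; the Diffie–Hellman group is not an IKE group but a 256-bit prime chosen so that the example runs instantly; the cookies, nonces, identities, SA payload and pre-shared keys are constructed, and the ISAKMP payload encoding that carries these values on the wire is not modelled.

```python
import hashlib
import hmac
import os
import struct

# Illustrative Diffie–Hellman group: the secp256k1 field prime with g = 2, chosen only so the
# example runs instantly. It is NOT an IKE group; peers negotiate a standard MODP/ECP group.
P = 2**256 - 2**32 - 977
G = 2

def prf(key, data):
    """RFC 2409 prf: HMAC keyed with the negotiated hash function (SHA-1 here, following the text)."""
    return hmac.new(key, data, hashlib.sha1).digest()

def be32(n):
    return n.to_bytes(32, "big")

class DH:
    def __init__(self):
        self.x = 2 + int.from_bytes(os.urandom(32), "big") % (P - 3)   # private exponent in [2, P-2]
        self.public = pow(G, self.x, P)

    def shared(self, peer_public):
        if not 1 < peer_public < P - 1:                  # reject 0, 1, P-1: they force a fixed secret
            raise ValueError("degenerate DH public value")
        return be32(pow(peer_public, self.x, P))

def phase1_keys(psk, cky_i, cky_r, ni, nr, gxy):
    """Pre-shared-key authentication (RFC 2409 section 5.4): SKEYID and the three derived keys."""
    skeyid = prf(psk, ni + nr)
    skeyid_d = prf(skeyid, gxy + cky_i + cky_r + b"\x00")               # seeds all phase 2 keys
    skeyid_a = prf(skeyid, skeyid_d + gxy + cky_i + cky_r + b"\x01")    # authenticates IKE messages
    skeyid_e = prf(skeyid, skeyid_a + gxy + cky_i + cky_r + b"\x02")    # encrypts IKE messages
    return skeyid, skeyid_d, skeyid_a, skeyid_e

def hash_r(skeyid, gxi, gxr, cky_i, cky_r, sa_i, id_r):
    """HASH_R, the responder's proof of knowing the PSK; sent in the clear in aggressive mode."""
    return prf(skeyid, gxr + gxi + cky_r + cky_i + sa_i + id_r)

def quick_mode_keymat(skeyid_d, protocol, spi, ni, nr, gqm_xy=None):
    """KEYMAT for one IPSec SA; with PFS the fresh quick-mode DH secret g(qm)^xy is mixed in."""
    return prf(skeyid_d, (gqm_xy or b"") + bytes([protocol]) + spi + ni + nr)

def run_exchange(psk, pfs):
    """Phase 1 with PSK plus one quick mode. Returns the IPSec KEYMAT, the phase 1 secret SKEYID_d,
    and everything a passive eavesdropper can read off the wire (cookies, nonces, DH publics, HASH_R)."""
    cky_i, cky_r, ni, nr = os.urandom(8), os.urandom(8), os.urandom(16), os.urandom(16)
    init, resp = DH(), DH()
    gxy = init.shared(resp.public)
    assert gxy == resp.shared(init.public)
    skeyid, skeyid_d, _, _ = phase1_keys(psk, cky_i, cky_r, ni, nr, gxy)
    sa_i, id_r = b"constructed SA payload", b"gw-b.example"     # constructed, not real payloads
    hr = hash_r(skeyid, be32(init.public), be32(resp.public), cky_i, cky_r, sa_i, id_r)
    spi, ni2, nr2 = struct.pack("!I", 0x1001), os.urandom(16), os.urandom(16)
    gqm = None
    if pfs:
        qi, qr = DH(), DH()                                       # fresh ephemeral exchange inside quick mode
        gqm = qi.shared(qr.public)
    keymat = quick_mode_keymat(skeyid_d, 50, spi, ni2, nr2, gqm)
    seen = dict(cky_i=cky_i, cky_r=cky_r, ni=ni, nr=nr, gxi=be32(init.public), gxr=be32(resp.public),
                sa_i=sa_i, id_r=id_r, hash_r=hr, spi=spi, ni2=ni2, nr2=nr2)
    return keymat, skeyid_d, seen

def attacker_recovers_keymat(pfs):
    """Attacker recorded the quick mode and later obtains SKEYID_d (say, from a seized gateway)."""
    keymat, skeyid_d, seen = run_exchange(b"correct horse", pfs)
    guess = quick_mode_keymat(skeyid_d, 50, seen["spi"], seen["ni2"], seen["nr2"])   # has no g(qm)^xy
    return guess == keymat

def offline_psk_guess(candidates):
    """Aggressive mode: every input to HASH_R except the PSK was sent unencrypted, so test guesses offline."""
    _, _, s = run_exchange(b"correct horse", pfs=False)
    for psk in candidates:
        skeyid = prf(psk, s["ni"] + s["nr"])
        guess = hash_r(skeyid, s["gxi"], s["gxr"], s["cky_i"], s["cky_r"], s["sa_i"], s["id_r"])
        if hmac.compare_digest(guess, s["hash_r"]):
            return psk
    return None

if __name__ == "__main__":
    print("KEYMAT recoverable without PFS:", attacker_recovers_keymat(False))
    print("KEYMAT recoverable with PFS:   ", attacker_recovers_keymat(True))
    print("PSK found by dictionary:", offline_psk_guess([b"password", b"correct horse", b"admin"]))
```

In main mode HASH_R travels inside the encrypted third exchange, so the dictionary test in offline_psk_guess has nothing to check against; that, and not any difference in the derivation, is why main mode is preferred whenever pre-shared keys are used.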

19.5 Virtual Private Networks

Introduction

A VPN can best be described as follows:

A Virtual Private Network provides secure, private communications by utilizing an existing public, insecure network infrastructure, such as the Internet.

Within this context, we observe the following:

 


● A public network is any network that is under the control of another party, or that is accessible by other parties. The term other parties is used to refer to other people or organizations that are not part of the relevant organization.
● A private network is a network belonging to a specific organization, and is accessible only to authorized members (e.g., employees) of that organization.
● The network is termed virtual because it uses a logical connection that is built on the physical connections. Client applications are unaware of the actual physical connection and route traffic securely across the public network in much the same way in which traffic on a private network is securely routed.

In other words, a VPN enables the use of part of a public network for private, confidential purposes [1, 10, 12]. A VPN is intended to give an organization the same capabilities as a private network that is based on leased lines, but at a much lower cost. Privacy is maintained through the use of security services and mechanisms, based on tunneling protocols.

A secure and effective VPN deployment should provide the following functions:

● enforce an overall network security policy,
● ensure that VPN traffic is subject to network access control,
● protect the VPN gateway from security threats,
● provide an overall architecture that optimizes VPN and firewall performance,
● accommodate highly dynamic and growing network environments.

The key technologies that comprise the security component of a VPN are:

● access control to guarantee the security of network connections,
● encryption (confidentiality) to protect the privacy of sensitive data,
● authentication to verify the user's identity as well as the integrity of the data, and
● procedures for exchanging keys and digital certificates (credentials) among different users.

VPN Configurations

User-to-site VPN

A VPN provides an easy mechanism to allow remote access to an organization's private network. In the past, users working at off-site locations such as their homes (telecommuting) or while traveling (mobile or roaming users) had to connect to the company network via dial-up links to a modem pool. The Internet provides a cheaper alternative, since the user can connect to the nearest ISP and access the company network via the Internet. Figures 19.9 and 19.10 compare the two scenarios.

Site-to-site VPN

A VPN using a public infrastructure such as the Internet can replace the traditional wide area network (WAN) architecture (using point-to-point leased lines) between offices. WANs are usually privately owned networks that span a large geographical area, typically across a country or even a continent, and interconnect LANs in different locations.

The example in Figure 19.11 shows a company with three offices situated in different locations. Each office requires access to the Internet, as well as being connected to the other offices. Traditionally, connectivity between the offices is obtained by means of a dedicated WAN, based on leased lines. However, if a VPN is used, as shown in Figure 19.12, only one Internet connection is required at each office.

Extranet

An extranet is a network configured to allow specific trusted parties access to selected regions of an organization's internal network. Trusted parties may, for example, include clients and other organizations collaborating on a project. Figure 19.13 shows an example where a company provides access to customers via a dedicated line.


Figure 19.14 shows how an external customer can gain access by means of a VPN connected to the Internet. The access control and authentication services of the VPN are utilized to grant discretionary access to customers and partners to information and resources on the organization's private network.

Internal VPN or Private LANs

A VPN implementation can be used for internal network partitioning. This enables different logical networks on the same network infrastructure. Figure 19.15 shows a LAN configuration with unrestricted access. In the example shown in Figure 19.16, VPN technology can be used to partition the company LAN to restrict Workstation 1 access to Server A and C only, while allowing Workstation 2 access to Server B and C. The partitioning will prevent a user at Workstation 1 from intercepting and reading the traffic between Workstation 2 and Server B.
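The partitioning described above can be written down as an ordered, IPsec-style security policy database (SPD) whose selectors decide, flow by flow, whether traffic is protected under a particular security association, passed in the clear, or discarded. The following is an added Python example, not code from the chapter; the addresses, the security association names, the rule set and the port-specific rule for Workstation 2 are constructed assumptions chosen to mirror Figure 19.16.

```python
"""Ordered security policy database (SPD) lookup, modelled on the IPsec SPD,
used to partition one company LAN into private virtual LANs.

Added example. Addresses, security association (SA) names, the rule set and
the port restriction are constructed assumptions, not taken from the chapter.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ANY = "any"

# Constructed addressing for the hosts in the figures.
HOSTS = {
    "Workstation 1": "10.0.1.11",
    "Workstation 2": "10.0.1.12",
    "Server A": "10.0.2.1",
    "Server B": "10.0.2.2",
    "Server C": "10.0.2.3",
}


@dataclass(frozen=True)
class SpdEntry:
    src: str            # selector: source host or prefix
    dst: str            # selector: destination host or prefix
    action: str         # PROTECT (apply IPsec under `sa`), BYPASS (clear text), DISCARD
    sa: str = ""        # security association used when action is PROTECT
    proto: str = ANY    # selector: next-layer protocol, e.g. "tcp", or ANY
    dport: str = ANY    # selector: destination port as a string, or ANY

    def matches(self, src_ip, dst_ip, proto, dport):
        return (ip_address(src_ip) in ip_network(self.src)
                and ip_address(dst_ip) in ip_network(self.dst)
                and self.proto in (ANY, proto)
                and self.dport in (ANY, str(dport)))


# Specific entries first; the final entry denies everything else between the two subnets.
SPD = [
    SpdEntry("10.0.1.11/32", "10.0.2.1/32", "PROTECT", "SA-ws1-srvA"),
    SpdEntry("10.0.1.11/32", "10.0.2.3/32", "PROTECT", "SA-ws1-srvC"),
    SpdEntry("10.0.1.12/32", "10.0.2.2/32", "PROTECT", "SA-ws2-srvB", proto="tcp", dport="443"),
    SpdEntry("10.0.1.12/32", "10.0.2.3/32", "PROTECT", "SA-ws2-srvC"),
    SpdEntry("10.0.1.0/24", "10.0.2.0/24", "DISCARD"),
]


def lookup(spd, src_ip, dst_ip, proto=ANY, dport=ANY):
    """First-match search through the ordered SPD; unmatched traffic is discarded."""
    for entry in spd:
        if entry.matches(src_ip, dst_ip, proto, dport):
            return entry
    return SpdEntry(src_ip, dst_ip, "DISCARD")


def reachability(spd, flows):
    """Evaluate (src_name, dst_name, proto, dport) flows; return {flow: (action, sa)}."""
    result = {}
    for src, dst, proto, dport in flows:
        entry = lookup(spd, HOSTS[src], HOSTS[dst], proto, dport)
        result[(src, dst, proto, dport)] = (entry.action, entry.sa)
    return result


if __name__ == "__main__":
    flows = [("Workstation 1", "Server A", ANY, ANY),
             ("Workstation 1", "Server B", ANY, ANY),
             ("Workstation 2", "Server B", "tcp", "443"),
             ("Workstation 2", "Server B", "tcp", "22"),
             ("Workstation 2", "Server C", ANY, ANY)]
    for flow, verdict in reachability(SPD, flows).items():
        print(flow, "->", verdict)
```

The two workstations reach Server C under different security associations, so each holds only its own keys; that, rather than the policy entry by itself, is what stops Workstation 1 from reading Workstation 2's traffic. Rule order matters: the port-specific PROTECT entry must precede the catch-all DISCARD, and a flow that matches nothing is discarded rather than bypassed.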

Methods of VPN Deployment

Some form of VPN gateway is necessary to connect a private network to the Internet. The gateway can be a stand-alone hardware device, or a software component integrated into an existing firewall or router. In the case of remote access, remote users typically run software applications on their own computers.

[Figure 19.9 (diagram): Remote access using a Remote Access Server. A home-based PC and a roaming user connect via modems over the telephone network to a remote access server on the private network (LAN).]

[Figure 19.10 (diagram): Remote access via the Internet. A home-based PC and a roaming user connect via modems to the Internet, and through a router to a VPN gateway (firewall) in front of the private network (LAN).]


Software Integration

This type of deployment involves the installation of software on existing equipment. In all cases, performance degradation may be a problem.

Routers: Many commercial routers support the addition of VPN software. The processing required for tunneling, etc. may reduce the throughput of the router in cases where the traffic load is high, since all processing is done in software.

Firewalls: Many companies view their firewall as the central component of their network security plan. Firewalls often make provision for the addition of a VPN capability. Again, because of the high processing requirement for both the firewall functionality and the VPN service, the throughput may be severely degraded [3].

Servers: Another way to deploy a VPN is to install a software-based VPN on a server. Operating system suppliers and third-party vendors offer VPN applications that are able to link users via a VPN. The software can be installed on existing servers, allowing the existing network configuration to remain intact.

[Figure 19.11 (diagram): Traditional site-to-site communication. Office A, Office B and Office C networks, each behind a firewall and router, are interconnected by leased lines, with separate router connections to the Internet.]

[Figure 19.12 (diagram): Site-to-site VPN. Office A, Office B and Office C networks, each behind a VPN gateway (firewall) and router, are connected to one another through the Internet.]


Stand-alone Hardware

As an alternative, VPNs may be implemented on dedicated, stand-alone devices that are specifically designed for tunneling, encryption, and user authentication. These devices are easier to install than modifications to existing firewalls or routers, and, in general, they are much more efficient in terms of throughput than software-based solutions.

[Figure 19.13 (diagram): Enabling customer access to the private network. The company and a registered customer, each behind a router and firewall with its own Internet connection, are joined by a leased line.]

[Figure 19.14 (diagram): Enabling customer access via a VPN. The company and a registered customer, each behind a VPN gateway (firewall) and router, are joined through the Internet.]

[Figure 19.15 (diagram): Company LAN with no access restrictions. Server A, Server B, Server C, Workstation 1 and Workstation 2 share one company LAN.]


Advantages of a VPN

The advantages of using a VPN for connectivity all hinge on one aspect: saving money while employing strong security. A few of the advantages are:

● Existing infrastructure: The Internet can be used to provide distributed network services over long distances, and this eliminates the need to create WANs based on expensive leased lines. Using the Internet for remote access leads to substantial savings, since remote users can dial in to a local service provider and gain access to the company network via the Internet.
● Simpler connectivity: It is much easier and cheaper to connect offices using the existing Internet infrastructure than to install leased lines.
● Availability: In general, the availability of the Internet's communication infrastructure is much higher than with dedicated leased lines. The Internet has a high degree of redundancy: if one link fails, another link is available to carry the traffic.
● Maintenance: The cost, time, and resources necessary to maintain and administer a VPN are much less than for a WAN. Furthermore, an organization typically does not need to maintain a dial-in facility to accommodate remote users.
● Flexibility: By using the Internet as part of the network infrastructure, companies are no longer bound by long-term contracts as required by leased-line providers. In general, it is easier to change Internet service providers.
● Extranet applications: Organizations can allow trusted parties access to certain resources on the private network through an extranet facility. This promotes customer relations and enhances communication with partner organizations, etc.

[Figure 19.16 (diagram): Virtual private LANs. The company LAN of Figure 19.15 (Server A, Server B, Server C, Workstation 1, Workstation 2) partitioned into virtual private LANs.]

Competing VPN Deployment Protocols

In recent years, four different protocols have been suggested for creating a VPN over the Internet:

● point-to-point tunneling protocol (PPTP),
● layer-2 forwarding protocol (L2F),
● layer-2 tunneling protocol (L2TP), and
● IP security protocol (IPSec).

One reason for the number of protocols is that, for some companies, a VPN is a substitute for remote-access servers, allowing mobile users and branch offices to dial into the protected corporate network via their local ISP. For others, a VPN may consist of traffic traveling in secure tunnels over the Internet between protected LANs. The protocols that have been developed for VPNs reflect this dichotomy. PPTP, L2F, and L2TP are largely aimed at dial-up VPNs, while IPSec's main focus has been on LAN-to-LAN solutions.

PPTP: Currently, the most commonly used protocol for remote access to the Internet is the point-to-point protocol (PPP). PPP provides a standard method for transmitting IP datagrams over serial point-to-point links, and provides three functions:

● A method for encapsulating IP datagrams over serial links.
● An extensible Link Control Protocol (LCP).
● A family of Network Control Protocols (NCP) for establishing and configuring different network-layer protocols.

PPTP is an extension of PPP, providing remote access that can be tunneled through the Internet to a destination site. PPTP was developed primarily by Microsoft, and at one time enjoyed the status of a de facto standard. PPTP creates a secure tunnel in which encrypted PPP packets are sent as IP datagrams over the Internet.

PPTP utilizes the authentication mechanisms within PPP, namely the password authentication protocol (PAP) and the Challenge Handshake Authentication Protocol (CHAP). For encryption, PPTP derives a 40-bit encryption key from the hashed password stored on the client and the server.

Besides the relative simplicity of client support for PPTP, one of the protocol's main advantages is that PPTP is designed to run at open systems interconnection (OSI) Layer 2, the link layer, as opposed to IPSec, which runs at Layer 3. By supporting data communications at Layer 2, PPTP can transmit protocols other than IP over its tunnels. As currently implemented, PPTP encapsulates PPP packets using a modified version of the generic routing encapsulation (GRE) protocol, which gives PPTP the flexibility of handling protocols other than IP, such as Internet packet exchange (IPX) and network basic input/output system extended user interface (NetBEUI).

PPTP does have some limitations: it does not provide strong encryption for protecting data, nor does it support any token-based methods for authenticating users. Hence, it is not likely that PPTP will become a formal standard endorsed by any of the standards bodies, such as the IETF.

L2F: L2F emerged during the early stages of VPN development, and was designed by Cisco Systems. Like PPTP, L2F is intended as a protocol for tunneling traffic from users to their corporate sites. L2F provides tunneling for the encapsulation of non-IP packets, and thus it is able to work directly with other media such as frame relay, X.25, or asynchronous transfer mode (ATM).

Similar to PPTP, L2F uses PPP for authentication of the remote user, but it also includes support for terminal access controller access control system plus (TACACS+) and RADIUS for authentication. L2F also differs from PPTP in that it allows tunnels to support more than one connection.

L2TP: In an effort to combine the different functionalities of PPTP and L2F, the IETF has proposed the Layer Two Tunneling Protocol (L2TP). This protocol is able to tunnel PPP traffic over a variety of networks (e.g., IP, X.25, SONET, frame relay, and ATM), using its own tunneling protocol.

Because it uses PPP for dial-up links, L2TP includes the authentication mechanisms within PPP, namely PAP and CHAP. However, PPTP, L2F, and L2TP do not all include encryption, or facilities for management of cryptographic keys. The current L2TP draft standard recommends that IPSec be used for encryption and key management over IP networks.
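Both PPTP and L2TP, as described above, rely on PPP's own PAP and CHAP to authenticate the dial-up user. The following added Python example (not code from the chapter) walks through one CHAP exchange as specified in RFC 1994: the authenticator issues a fresh random challenge, the peer returns MD5 over the identifier, the shared secret and the challenge, and the authenticator checks the answer. The peer names, the secret and the challenge size are constructed assumptions.

```python
"""PPP CHAP (RFC 1994) as carried by PPTP and L2TP dial-up links: the
authenticator issues a fresh challenge, the peer answers with
MD5(Identifier || secret || Challenge), and the secret itself never
crosses the link (PAP, by contrast, transmits the password).

Added example; peer names, secrets and the challenge size are assumptions.
"""
import hashlib
import hmac
import os
import struct

CODE_CHALLENGE, CODE_RESPONSE = 1, 2   # RFC 1994 packet codes


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Response value: MD5 over the one-octet Identifier, the secret and the Challenge."""
    if not 0 <= identifier <= 255:
        raise ValueError("CHAP Identifier is one octet")
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def chap_packet(code: int, identifier: int, value: bytes, name: bytes) -> bytes:
    """Challenge/Response packet: Code | Identifier | Length | Value-Size | Value | Name."""
    body = bytes([len(value)]) + value + name
    return struct.pack("!BBH", code, identifier, 4 + len(body)) + body


class ChapAuthenticator:
    """Server side. It must hold each peer's secret in recoverable form,
    which is the price CHAP pays for keeping the secret off the wire."""

    def __init__(self, secrets: dict):
        self._secrets = dict(secrets)   # peer name -> shared secret
        self._pending = {}              # identifier -> challenge not yet answered
        self._next_id = 0

    def challenge(self, size: int = 16):
        ident = self._next_id
        self._next_id = (ident + 1) % 256
        chal = os.urandom(size)         # unpredictable per attempt, so old answers are useless
        self._pending[ident] = chal
        return ident, chal

    def verify(self, ident: int, name: bytes, response: bytes) -> bool:
        chal = self._pending.pop(ident, None)   # each challenge may be answered once
        secret = self._secrets.get(name)
        if chal is None or secret is None:
            return False
        return hmac.compare_digest(response, chap_response(ident, secret, chal))


def chap_exchange(server: ChapAuthenticator, name: bytes, secret: bytes):
    """Run one full exchange; return (authenticated, bytes the peer put on the wire)."""
    ident, chal = server.challenge()
    wire = chap_packet(CODE_RESPONSE, ident, chap_response(ident, secret, chal), name)
    value = wire[5:5 + wire[4]]        # Value-Size at offset 4, Value follows it
    return server.verify(ident, name, value), wire


if __name__ == "__main__":
    auth = ChapAuthenticator({b"ws1": b"constructed-secret"})   # constructed credentials
    ok, wire = chap_exchange(auth, b"ws1", b"constructed-secret")
    print("authenticated:", ok, "secret on wire:", b"constructed-secret" in wire)
```

Two points the exchange makes visible: the wire bytes never contain the secret, which is what CHAP gains over PAP's transmission of the password itself, and each challenge is consumed after one answer, so a captured response is useless against the next challenge. The cost is that the authenticator must store every secret in a form from which the MD5 value can be recomputed, so the secret database itself needs protecting.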

IPSec: IPSec emerged from efforts to secure IP packets when the next generation of IP (i.e., IPv6) was being developed; it can now be used with IPv4 protocols as well. IPSec is generally considered the best VPN solution for IP environments, since it provides strong security measures, notably encryption, authentication, and key management.

However, IPSec is mainly intended to handle IP packets, and therefore PPTP and L2TP will probably remain the first choice for a multi-protocol non-IP environment, such as NetBEUI, IPX, and AppleTalk.


Benefits of IPSec

Applying IPSec in a firewall gives the following benefits:

● Strong security can be applied to all traffic crossing a firewall if IPSec is implemented on the firewall.
● If IPSec is implemented on the firewall, traffic on the private network does not incur the overhead of security-related processing.
● IPSec in a firewall is resistant to bypassing if all traffic from the untrusted network must use IP and the firewall is the only access point to the local (trusted) network.
● IPSec operates below the transport layer (e.g., TCP) and is thus transparent to applications. There is no need to change software on a user or server system when IPSec is implemented in the firewall or router. Even if IPSec is implemented in end systems, application-layer software is not affected.

19.6 Conclusion

This article provides a short overview of VPNs and the IPSec protocol, one of the technologies available for implementing VPNs. IPSec provides a powerful and flexible security framework for secure communication over the Internet, by means of the following security functions:

● Authentication: Ensures that a packet comes from the claimed source and was not altered in transit.
● Confidentiality: Prevents unauthorized disclosure of packet contents as well as the monitoring of network traffic.
● Key management: Establishes an infrastructure for the secure management and exchange of cryptographic keys over insecure links.

IPSec provides two modes of operation, transport mode and tunnel mode, that are implemented by means of the Authentication Header and Encapsulating Security Payload protocols. The transport mode is generally used for secure end-to-end communication, while the tunnel mode can be used for host-to-host or network-to-network communication.
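As an added illustration of how the two modes differ in framing, here is a Python example (not the chapter's code) that builds an IPv4 packet protected by the Authentication Header in transport mode and in tunnel mode, and verifies the integrity check value (ICV) on receipt. The header layout follows RFC 2402 [7] (Next Header, Payload Length, SPI, Sequence Number, ICV); the choice of HMAC-SHA-256 truncated to 128 bits, the addresses, the SPI, the key and the TCP bytes are assumptions supplied for the demonstration.

```python
"""IPv4 Authentication Header (AH, IP protocol 51) framing in transport and
tunnel mode, with an integrity check value (ICV) from HMAC-SHA-256 truncated
to 128 bits.

Added example. Header layouts follow RFC 2402; the key, SPI, addresses and
TCP bytes are constructed assumptions.
"""
import hashlib
import hmac
import struct
from ipaddress import IPv4Address

PROTO_IPIP, PROTO_TCP, PROTO_AH = 4, 6, 51
IP_FMT = "!BBHHHBBH4s4s"     # 20-byte IPv4 header without options
AH_FIXED, ICV_LEN = 12, 16   # AH fixed part; ICV size for HMAC-SHA-256-128


def ipv4_header(src, dst, proto, total_len, ttl=64):
    """Minimal IPv4 header; the checksum is left zero (mutable, not authenticated)."""
    return struct.pack(IP_FMT, 0x45, 0, total_len, 0, 0, ttl, proto, 0,
                       IPv4Address(src).packed, IPv4Address(dst).packed)


def _zero_mutable(ip_hdr):
    """AH authenticates only immutable IP fields: zero TOS, flags/offset, TTL and checksum."""
    ver_ihl, _tos, tlen, ident, _flags, _ttl, proto, _csum, src, dst = struct.unpack(IP_FMT, ip_hdr)
    return struct.pack(IP_FMT, ver_ihl, 0, tlen, ident, 0, 0, proto, 0, src, dst)


def ah_header(next_hdr, spi, seq, icv):
    """Next Header | Payload Len | Reserved | SPI | Sequence Number | ICV (RFC 2402)."""
    payload_len = (AH_FIXED + len(icv)) // 4 - 2   # AH length in 32-bit words, minus 2
    return struct.pack("!BBHII", next_hdr, payload_len, 0, spi, seq) + icv


def compute_icv(key, ip_hdr, next_hdr, spi, seq, payload):
    """ICV over the immutable IP fields, the AH with its ICV field zeroed, and the payload."""
    covered = _zero_mutable(ip_hdr) + ah_header(next_hdr, spi, seq, bytes(ICV_LEN)) + payload
    return hmac.new(key, covered, hashlib.sha256).digest()[:ICV_LEN]


def ah_protect(key, spi, seq, src, dst, tcp_segment, mode, gw_src=None, gw_dst=None):
    """Build an AH-protected packet in 'transport' or 'tunnel' mode."""
    if mode == "transport":
        # IP(proto=51) | AH(next=TCP) | TCP: the end host's own header carries the AH.
        next_hdr, payload = PROTO_TCP, tcp_segment
        outer_src, outer_dst = src, dst
    elif mode == "tunnel":
        # IP(proto=51) | AH(next=IP-in-IP) | IP | TCP: a gateway wraps the whole inner packet.
        inner = ipv4_header(src, dst, PROTO_TCP, 20 + len(tcp_segment)) + tcp_segment
        next_hdr, payload = PROTO_IPIP, inner
        outer_src, outer_dst = gw_src, gw_dst
    else:
        raise ValueError("mode must be 'transport' or 'tunnel'")
    ip = ipv4_header(outer_src, outer_dst, PROTO_AH, 20 + AH_FIXED + ICV_LEN + len(payload))
    icv = compute_icv(key, ip, next_hdr, spi, seq, payload)
    return ip + ah_header(next_hdr, spi, seq, icv) + payload


def ah_verify(key, packet):
    """Parse a received packet and recompute its ICV; return (authentic, next_header, payload)."""
    ip, rest = packet[:20], packet[20:]
    next_hdr, payload_len, _reserved, spi, seq = struct.unpack("!BBHII", rest[:AH_FIXED])
    ah_len = (payload_len + 2) * 4
    icv, payload = rest[AH_FIXED:ah_len], rest[ah_len:]
    expected = compute_icv(key, ip, next_hdr, spi, seq, payload)
    return hmac.compare_digest(icv, expected), next_hdr, payload


if __name__ == "__main__":
    key = b"constructed-ah-key-for-example-0"       # constructed SA key
    seg = b"\x04\xd2\x00\x50hello"                  # constructed TCP-looking bytes
    pkt = ah_protect(key, 0x1000, 1, "10.0.1.11", "10.0.2.1", seg, "transport")
    print("transport:", len(pkt), "bytes, verified:", ah_verify(key, pkt)[0])
    tun = ah_protect(key, 0x2000, 1, "10.0.1.11", "192.168.5.7", seg, "tunnel",
                     gw_src="203.0.113.1", gw_dst="198.51.100.2")
    print("tunnel:", len(tun), "bytes, verified:", ah_verify(key, tun)[0])
```

The mutable IP fields (TOS, flags and fragment offset, TTL, header checksum) are zeroed before the ICV is computed, so a router decrementing the TTL does not invalidate the packet, while any change to the addresses, to the AH fields or to the payload does; that is the "not altered in transit" property listed above. In tunnel mode the inner header is part of the authenticated payload, so the original source and destination are protected end to end even though the outer addresses belong to the gateways.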

It is important to note that, although VPNs are mostly used over the Internet, they are not restricted to this environment. VPNs can be used over any public network to give secure, private communication. Furthermore, IPSec can provide robust security services for other popular protocols, such as PPTP or L2TP.

References

[1] Brown, S., Implementing Virtual Private Networks, McGraw-Hill, New York, 1999.
[2] Comer, D. and D. Stevens, Internetworking with TCP/IP, Vol. 1: Principles, Protocols, and Architecture, Prentice-Hall, Englewood Cliffs, NJ, 2000.
[3] Cheswick, W.R. and S.M. Bellovin, Firewalls and Internet Security: Repelling the Wily Hacker, Addison-Wesley, Reading, MA, 1994.
[4] Deering, S. and R. Hinden, Internet Protocol, Version 6 (IPv6) Specification, RFC 2460, 1998. http://www.ietf.org/rfc/rfc2460.txt
[5] Frankel, S., Demystifying the IPSec Puzzle, Artech House, Norwood, MA, 2001.
[6] Harkins, D. and D. Carrel, The Internet Key Exchange (IKE), RFC 2409, 1998. http://www.ietf.org/rfc/rfc2409.txt
[7] Kent, S. and R. Atkinson, IP Authentication Header, RFC 2402, 1998. http://www.ietf.org/rfc/rfc2402.txt
[8] Markham, T., Internet security protocol, Dr. Dobb's Journal, pp. 70–77, June 1997.
[9] Maughan, D., M. Schertler, M. Schneider, and J. Turner, Internet Security Association and Key Management Protocol (ISAKMP), RFC 2408, 1998. http://www.ietf.org/rfc/rfc2408.txt
[10] Metz, C., The latest in virtual private networks: part 1, IEEE Internet Computing, Vol. 7, no. 1, pp. 87–91, Jan./Feb. 2003.
[11] The Internet Engineering Task Force: http://www.ietf.org
[12] The Virtual Private Network Consortium: http://www.vpnc.org