Submitted BY Mr.Milan Patel (110090107006) Mr.Vimal Gajera (110090107014) Submitted To Supervisor Prof. Saurabh Tandel Virtual Private Network (VPN) Department of Computer Engineering C. K. PITHAWALLA COLLEGE OF ENGINEERING AND TECHNOLOGY, SURAT
Jun 17, 2015
Virtual Private Network is a type of private network that uses public telecommunication, such as the Internet, instead of leased lines to communicate.
It is virtual because it exists as a virtual entity within a public network
It is private because it is confined to a set of private users
What is VPN?
Provide users with secured remote access over the Internet to corporate resources
Connect two computer networks securely over the Internet
Example: Connect a branch office network to the network in the head office
Secure part of a corporate network for security and confidentiality purpose
Some Common Uses of VPN
Two connections – one is made to the Internet and the second is made to the VPN.
Datagrams – contain data, destination and source information.
Firewalls – VPNs allow authorized users to pass through the firewalls.
Protocols – protocols create the VPN tunnels.
Brief Overview of How it Works
Remote Access Over the Internet
User Authentication
Address Management
Data Encryption
Key Management
Multi-protocol Support
Basic VPN Requirements
User Authentication
VPN must be able to verify user authentication and allow only authorized users to access the network
Address Management
Assign addresses to clients and ensure that private addresses are kept private on the VPN
Data Encryption
Encrypt and decrypt the data to ensure that others on the network do not have access to the data
Key Management
Keys must be generated and refreshed for encryption at the server and the client
Note that keys are required for encryption
Multi-protocol Support
The VPN technology must support common protocols on the Internet such as IP, IPX etc.
Four Protocols used in VPN
PPTP -- Point-to-Point Tunneling Protocol
L2TP -- Layer 2 Tunneling Protocol
IPsec -- Internet Protocol Security
SOCKS – is not used as much as the ones above
Point-to-Point Tunneling Protocol (PPTP)
Encapsulate and encrypt the data to be sent over a corporate or public IP network
Layer 2 Tunneling Protocol (L2TP)
Encrypted and encapsulated to be sent over communication links that support user datagram mode of transmission
Examples of links include X.25, Frame Relay and ATM
IPSec Tunnel Mode
Encapsulate and encrypt in an IP header for transmission over an IP network
VPN Security
FIREWALLS
ENCRYPTION
IPSEC PROTOCOL
AAA SERVER
FIREWALLS
Symmetric-key encryption
Public-key encryption
ENCRYPTION
IPSEC PROTOCOL
AAA means Authentication, Authorization and Accounting servers
AAA then checks the following:
Who you are (authentication)
What you are allowed to do (authorization)
What you actually do (accounting)
AAA SERVER
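The three AAA checks listed above, applied to one VPN connection request, as an added example that is not part of the original slides. The user database, password, salt, network ranges and the function name `aaa_request` are constructed for illustration.

```python
import hashlib
import hmac
import ipaddress

def _hash(password, salt):
    # Salted, slow password hash so stored credentials are not plaintext.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed user database: per-user salt, password hash, permitted networks.
USERS = {
    "alice": {
        "salt": b"constructed-salt-a",
        "pw": _hash("correct horse", b"constructed-salt-a"),
        "nets": [ipaddress.ip_network("10.2.0.0/24")],
    },
}
DUMMY_SALT = b"constructed-dummy"
ACCOUNTING = []  # session log; every decision is recorded, denials included

def aaa_request(user, password, dest_ip):
    rec = USERS.get(user)
    # Authentication: who you are. Unknown users are hashed too, so the
    # response time does not reveal which usernames exist.
    supplied = _hash(password, rec["salt"] if rec else DUMMY_SALT)
    authed = rec is not None and hmac.compare_digest(supplied, rec["pw"])
    # Authorization: what you are allowed to do (which networks you may reach).
    dest = ipaddress.ip_address(dest_ip)
    allowed = authed and any(dest in net for net in rec["nets"])
    # Accounting: what you actually do.
    result = "permit" if allowed else ("deny-authz" if authed else "deny-authn")
    ACCOUNTING.append({"user": user, "dest": dest_ip, "result": result})
    return result

if __name__ == "__main__":
    print(aaa_request("alice", "correct horse", "10.2.0.9"))
    print(aaa_request("alice", "correct horse", "10.3.0.1"))
    print(aaa_request("mallory", "guess", "10.2.0.9"))
    print(ACCOUNTING)
```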
Tunneling involves the encapsulation, transmission and decapsulation of data packets
The data is encapsulated with additional headers
The additional headers provide routing information for encapsulated data to be routed between the end points of a tunnel
Tunneling
A virtual point-to-point connection made through a public network. It transports encapsulated datagrams.
Tunneling (2)
[Figure: Data Encapsulation (from Comer). Labels: Original Datagram; Encrypted Inner Datagram; Datagram Header; Outer Datagram Data Area]
Tunneling (3)
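The encapsulation, transmission and decapsulation steps described in the tunneling slides, as an added example that is not part of the original slides. The addresses, keys, payload and function names are constructed, and the cipher is a standard-library stand-in rather than what a real VPN protocol uses.

```python
import hashlib, hmac, os, socket, struct

def ipv4_header(src, dst, proto, payload_len):
    # Minimal 20-byte IPv4 header; checksum left at 0 to keep the example short.
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def _keystream(key, nonce, n):
    # Stand-in cipher (SHA-256 in counter mode) so only the standard library
    # is needed; a real VPN uses a vetted cipher such as AES-GCM.
    blocks = (hashlib.sha256(key + nonce + struct.pack("!I", i)).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def _xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))

def encapsulate(inner, enc_key, mac_key, gw_src, gw_dst):
    """Encrypt the whole inner datagram and wrap it in an outer datagram."""
    nonce = os.urandom(12)
    ct = _xor(inner, _keystream(enc_key, nonce, len(inner)))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    body = nonce + ct + tag  # outer datagram data area
    # Protocol 253 is reserved for experimentation; the framing is simplified.
    return ipv4_header(gw_src, gw_dst, 253, len(body)) + body

def decapsulate(outer, enc_key, mac_key):
    """Verify integrity, strip the outer header, return the original datagram."""
    body = outer[20:]
    nonce, ct, tag = body[:12], body[12:-32], body[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed, datagram dropped")
    return _xor(ct, _keystream(enc_key, nonce, len(ct)))

# Constructed sample: private hosts behind two gateways with documentation addresses.
ENC_KEY, MAC_KEY = b"E" * 32, b"M" * 32  # fixed demo keys; real keys are generated and refreshed
PAYLOAD = b"GET /payroll HTTP/1.1"
INNER = ipv4_header("10.1.0.5", "10.2.0.9", 6, len(PAYLOAD)) + PAYLOAD
OUTER = encapsulate(INNER, ENC_KEY, MAC_KEY, "198.51.100.1", "203.0.113.1")

if __name__ == "__main__":
    print("outer src/dst:", socket.inet_ntoa(OUTER[12:16]), socket.inet_ntoa(OUTER[16:20]))
    print("payload visible in outer datagram:", PAYLOAD in OUTER)
    print("round trip ok:", decapsulate(OUTER, ENC_KEY, MAC_KEY) == INNER)
```

Only the gateway addresses in the outer header are visible on the public network; the private 10.x addresses travel inside the encrypted inner datagram.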
Advantages VS.
Disadvantages
Eliminating the need for expensive long-distance leased lines
Reducing the long-distance telephone charges for remote access.
Transferring the support burden to the service providers
Operational costs
Cisco VPN Savings Calculator
Advantages: Cost Savings
Flexibility of growth
Efficiency with broadband technology
Advantages: Scalability
VPNs require an in-depth understanding of public network security issues and proper deployment of precautions
Availability and performance depend on factors largely outside of their control
Immature standards
VPNs need to accommodate protocols other than IP and existing internal network technology
Disadvantages
Large-scale encryption between multiple fixed sites such as remote offices and central offices
Network traffic is sent over the branch office Internet connection
This saves the company hardware and management expenses
Applications: Site-to-Site VPNs
Site-to-Site VPNs
Encrypted connections between mobile or remote users and their corporate networks
Remote user can make a local call to an ISP, as opposed to a long distance call to the corporate remote access server.
Ideal for a telecommuter or mobile sales people.
VPN allows mobile workers & telecommuters to take advantage of broadband connectivity. i.e. DSL, Cable
Applications: Remote Access
Healthcare: enables the transferring of confidential patient information within the medical facilities & health care provider
Manufacturing: allow suppliers to view inventory & allow clients to purchase online safely
Retail: able to securely transfer sales data or customer info between stores & the headquarters
Banking/Financial: enables account information to be transferred safely within departments & branches
General Business: communication between remote employees can be securely exchanged
Industries That May Use a VPN
Statistics From Gartner – Consulting*
[Chart: % of Respondents (axis 0% to 100%) by VPN use. Categories: access to network for business partners/customers; site-to-site connectivity between offices; remote access for employees while traveling; remote access for employees working out of homes. Bar labels: 50%, 63%, 79%, 90%]
*Source: www.cisco.com
CVS Pharmaceutical Corporation upgraded their frame relay network to an IP VPN
ITW Foilmark secured remote location orders, running reports, & internet / intranet communications w/ a 168-bit encryption by switching to OpenReach VPN
Bacardi & Co. implemented a 21-country, 44-location VPN
Some Businesses using a VPN
VPNs are continually being enhanced. Example: Equant NV
As the VPN market becomes larger, more applications will be created along with more VPN providers and new VPN types.
Networks are expected to converge to create an integrated VPN
Improved protocols are expected, which will also improve VPNs.
Where Do We See VPNs Going in the Future?
THANK YOU !