CCNA site-to-site connectivity security
Copyright © www.networkel.com
5- Site-To-Site Connectivity Security
5.1 VPN
5.2 Site-To-Site GRE Tunnels & IPsec
5.1 VPN
VPN OVERVIEW
• Virtual Private Network
• Extends a private network across a public network, such as the Internet
• Enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network
VPN BENEFITS
• Reduced cost: Everywhere is like an office
• Scalability: Internet-based VPNs enable organizations to use the Internet infrastructure within ISPs and devices
• Security: Can provide high-level security using advanced authorization and encryption protocols
VPN TYPES
• Site-To-Site VPN
• Remote Access VPN
• DMVPN
SITE-TO-SITE VPN
• Allows employees in geographically disparate offices to share one cohesive virtual network
• Hosts don't have VPN client software; they send and receive normal TCP/IP traffic through a VPN gateway (GW)
• The VPN GW is responsible for encapsulating and encrypting outbound traffic and sending it through a VPN tunnel over the Internet to a peer VPN gateway at the target site
REMOTE ACCESS VPN
• Allows employees to access their company's intranet from home or while travelling outside the office
• VPN client gains secure access to the enterprise network via a VPN server
• VPN client software may be required for connection
DMVPN
• Dynamic tunneling form of a virtual private network (VPN) supported on Cisco IOS-based routers
• Provides easy configuration and flexibility
• Can use Hub-To-Spoke tunnels or Hub-To-Spoke and Spoke-To-Spoke tunnels
5.2 Site-To-Site GRE Tunnels
GRE OVERVIEW
• Tunneling protocol developed by Cisco that allows the encapsulation of a wide variety of network layer protocols inside point-to-point links
• A virtual tunnel is created between the two endpoints and packets are sent through the GRE tunnel
• Most basic tunneling technique
GRE FEATURES
• No flow control
• Non-secure
• GRE IP protocol number: 47
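The two properties listed above (IP protocol 47, no built-in security) shown on a constructed packet. This is an added example, not part of the original slides; the far-end address 203.0.113.2, the payload and all function names are assumptions.

```python
import socket
import struct

GRE_IP_PROTO = 47        # outer IPv4 protocol number carried by GRE packets
ETHERTYPE_IPV4 = 0x0800  # GRE "protocol type" value for an IPv4 payload

def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header; checksum left at 0 because nothing is sent."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def gre_encapsulate(inner, tun_src, tun_dst, key=None):
    """Prepend a GRE header (RFC 2784, optional RFC 2890 key) and an outer IPv4 header."""
    flags = 0x2000 if key is not None else 0x0000
    gre = struct.pack("!HH", flags, ETHERTYPE_IPV4)
    if key is not None:
        gre += struct.pack("!I", key)
    return ipv4_header(tun_src, tun_dst, GRE_IP_PROTO, len(gre) + len(inner)) + gre + inner

def observe(packet):
    """Return what an on-path observer reads from a GRE packet without any secret."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[9] != GRE_IP_PROTO:
        raise ValueError("outer IP protocol is not 47 (GRE)")
    flags, ptype = struct.unpack("!HH", packet[ihl:ihl + 4])
    # Checksum (C), key (K) and sequence (S) bits each add 4 bytes to the header.
    gre_len = 4 + 4 * sum(bool(flags & bit) for bit in (0x8000, 0x2000, 0x1000))
    if ptype != ETHERTYPE_IPV4:
        raise ValueError("payload is not IPv4")
    inner = packet[ihl + gre_len:]
    inner_ihl = (inner[0] & 0x0F) * 4
    return {
        "outer_src": socket.inet_ntoa(packet[12:16]),
        "outer_dst": socket.inet_ntoa(packet[16:20]),
        "inner_src": socket.inet_ntoa(inner[12:16]),
        "inner_dst": socket.inet_ntoa(inner[16:20]),
        "inner_payload": inner[inner_ihl:],
    }

# Constructed sample: addresses taken from the slide's diagram labels; 203.0.113.2
# is a documentation-range placeholder for the far-end public IP (assumption).
PAYLOAD = b"constructed cleartext payload"
INNER = ipv4_header("10.41.1.1", "10.1.3.2", 253, len(PAYLOAD)) + PAYLOAD  # 253 = experimental
SAMPLE = gre_encapsulate(INNER, "198.145.45.1", "203.0.113.2")

if __name__ == "__main__":
    print(observe(SAMPLE))
```

The inner addresses and payload come back unchanged because GRE only wraps the packet, which is why the tunnel is paired with IPsec when confidentiality or integrity is required.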
GRE CONFIGURATION
[Diagram: R1 (Customer) and R2 (ISP) joined by a GRE tunnel. Labels: Tun 0, 10.41.1.1, 10.1.3.2; Tun source 198.145.45.1 (public IP)]
VERIFYING GRE CONFIGURATION
[Diagram: R1 (Customer) and R2 (ISP) joined by a GRE tunnel. Labels: Tun 0, 10.41.1.1, 10.1.3.2; Tun source 198.145.45.1 (public IP)]
5.3 IPsec
IPsec OVERVIEW
• Protocol suite for secure IP communications that works by authenticating and encrypting each IP packet of a communication session
• Data travels securely from a private network over a public network
• Operates at OSI Layer 3
IPsec SECURITY
• Confidentiality: Data is encrypted before it is sent
• Integrity: The data's integrity is checked to verify that it has not been changed
• Authentication: Uses IKE (Internet Key Exchange) to authenticate the users and make sure that the source is reliable