Security Infrastructure Overview - VPN Suresh Ramasamy.
-
Upload
gwendoline-smith -
Category
Documents
-
view
215 -
download
1
Transcript of Security Infrastructure Overview - VPN Suresh Ramasamy.
![Page 1: Security Infrastructure Overview - VPN Suresh Ramasamy.](https://reader036.fdocuments.in/reader036/viewer/2022082818/56649eaa5503460f94baf6fe/html5/thumbnails/1.jpg)
Security Infrastructure Security Infrastructure Overview - VPNOverview - VPN
Suresh RamasamySuresh Ramasamy
![Page 2: Security Infrastructure Overview - VPN Suresh Ramasamy.](https://reader036.fdocuments.in/reader036/viewer/2022082818/56649eaa5503460f94baf6fe/html5/thumbnails/2.jpg)
AgendaAgenda
• What is VPN? What is VPN?
• Types of VPNTypes of VPN
• SSL vs IPsecSSL vs IPsec
• Design ConsiderationsDesign Considerations
• Questions? Questions?
![Page 3: Security Infrastructure Overview - VPN Suresh Ramasamy.](https://reader036.fdocuments.in/reader036/viewer/2022082818/56649eaa5503460f94baf6fe/html5/thumbnails/3.jpg)
What is VPN? What is VPN?
• Virtual Private Network allows security Virtual Private Network allows security connectivity, either one to one, or one connectivity, either one to one, or one to many.to many.
![Page 4: Security Infrastructure Overview - VPN Suresh Ramasamy.](https://reader036.fdocuments.in/reader036/viewer/2022082818/56649eaa5503460f94baf6fe/html5/thumbnails/4.jpg)
Your NetworkYour Network
![Page 5: Security Infrastructure Overview - VPN Suresh Ramasamy.](https://reader036.fdocuments.in/reader036/viewer/2022082818/56649eaa5503460f94baf6fe/html5/thumbnails/5.jpg)
Why do you need VPN?Why do you need VPN?
• Secure access to your officeSecure access to your office
• Secure tunnelling through public Secure tunnelling through public network from one site to anothernetwork from one site to another
• Encrypted Encrypted
• To reach networks with private IP To reach networks with private IP allocation (RFC1918)allocation (RFC1918)
![Page 6: Security Infrastructure Overview - VPN Suresh Ramasamy.](https://reader036.fdocuments.in/reader036/viewer/2022082818/56649eaa5503460f94baf6fe/html5/thumbnails/6.jpg)
Types of VPNTypes of VPN
• Remote Access VPNRemote Access VPN
• Site to Site VPNSite to Site VPN
![Page 7: Security Infrastructure Overview - VPN Suresh Ramasamy.](https://reader036.fdocuments.in/reader036/viewer/2022082818/56649eaa5503460f94baf6fe/html5/thumbnails/7.jpg)
VPN – the big pictureVPN – the big picture
![Page 8: Security Infrastructure Overview - VPN Suresh Ramasamy.](https://reader036.fdocuments.in/reader036/viewer/2022082818/56649eaa5503460f94baf6fe/html5/thumbnails/8.jpg)
Remote Access VPNRemote Access VPN
![Page 9: Security Infrastructure Overview - VPN Suresh Ramasamy.](https://reader036.fdocuments.in/reader036/viewer/2022082818/56649eaa5503460f94baf6fe/html5/thumbnails/9.jpg)
Site to Site VPNSite to Site VPN
![Page 10: Security Infrastructure Overview - VPN Suresh Ramasamy.](https://reader036.fdocuments.in/reader036/viewer/2022082818/56649eaa5503460f94baf6fe/html5/thumbnails/10.jpg)
SSL Based VPNSSL Based VPN
![Page 11: Security Infrastructure Overview - VPN Suresh Ramasamy.](https://reader036.fdocuments.in/reader036/viewer/2022082818/56649eaa5503460f94baf6fe/html5/thumbnails/11.jpg)
SSL vs IPsecSSL vs IPsec
• SSL requires browser with 128bit SSL requires browser with 128bit encryption supportencryption support
• IPsec requires client (Windows some IPsec requires client (Windows some exceptions)exceptions)
• Mode of authentication, supports Mode of authentication, supports digital certificate and password based digital certificate and password based authenticationauthentication
• Multi factor capable for IPSec (device Multi factor capable for IPSec (device dependent)dependent)
![Page 12: Security Infrastructure Overview - VPN Suresh Ramasamy.](https://reader036.fdocuments.in/reader036/viewer/2022082818/56649eaa5503460f94baf6fe/html5/thumbnails/12.jpg)
Design ConsiderationsDesign Considerations
• Placement of VPNPlacement of VPN– Inside or outside of firewall?Inside or outside of firewall?
• Type of AuthenticationType of Authentication– Password vs. Digital Certs?Password vs. Digital Certs?
• Factor of AuthenticationFactor of Authentication– Single Factor, Multi Factor, Token BasedSingle Factor, Multi Factor, Token Based– One time passwords? (RSA SecurID)One time passwords? (RSA SecurID)
![Page 13: Security Infrastructure Overview - VPN Suresh Ramasamy.](https://reader036.fdocuments.in/reader036/viewer/2022082818/56649eaa5503460f94baf6fe/html5/thumbnails/13.jpg)
ResourcesResources
• http://mia.ece.uic.edu/~papers/volans/thttp://mia.ece.uic.edu/~papers/volans/table.htmlable.html
![Page 14: Security Infrastructure Overview - VPN Suresh Ramasamy.](https://reader036.fdocuments.in/reader036/viewer/2022082818/56649eaa5503460f94baf6fe/html5/thumbnails/14.jpg)
Suggestions? Suggestions?