0% found this document useful (0 votes)

86 views24 pages

Chapter 07 CompSec

network security

Uploaded by

Berrezeg Mahieddine

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

86 views24 pages

Chapter 07 CompSec

network security

Uploaded by

Berrezeg Mahieddine

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 24

Network Defense and

Countermeasures
Sir. Ahmad Kamalrulzaman Othman
FSKM, UiTM Johor

Chapter 7: Virtual Private Networks

Objectives

Use a virtual private network (VPN)

Use point-to-point tunneling protocol (PPTP)
as an encryption tool for VPNs
Use layer 2 tunneling protocol (L2TP) as an
encryption tool for VPNs
Add security and privacy to a communication
using IPSec
Understand and evaluate VPN solutions

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

Introduction
Virtual private networks (VPNs) provide users
of your network the ability to establish a secure
remote connection to the network as if they
were connecting locally. VPNs provide a
solution to the administrators need for security
in remote connections while solving the users
need to connect from virtually anywhere.

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

Basic VPN Technology

Data is encapsulated with a header and

transmitted over the Internet
Does not require additional technologies
Multiple methods of connection are available:

Dial-up and modem bank

High-speed (DSL, cable-modem, etc.)

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

Basic VPN Technology cont.

Remote users are not the only beneficiaries

Site-to-site connections can also be made
Allows an organization to move away from
expensive dedicated data lines

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

Using VPN Protocols for VPN

Encryption

Point-to-Point Tunneling Protocol (PPTP)

PPTP Authentication
Layer 2 Tunneling Protocol (L2TP)
L2TP Authentication

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

Using VPN Protocols for VPN

Encryption cont.

MS-CHAP
PAP
SPAP
IPSec

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

VPN Protocols cont.

PPTP

Enables PPP to be encapsulated in IP

Older protocol than L2TP and IPSec
Consumes fewer resources than L2TP and IPSec
Originally proposed as a standard in 1996
Most VPN vendors support it
Operates at layer 2 of the OSI model
Supports IPX and Net-BEUI transmissions

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

VPN Protocols cont.

PPTP (Continued)

Supports two types of tunneling:

Voluntary
Compulsory

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

VPN Protocols cont.

PPTP Authentication

Extensible Authentication Protocol (EAP)

Challenge Handshake Authentication Protocol
(CHAP)

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

VPN Protocols cont.

L2TP

Enhancement to PPTP
Considered less secure than IPSec
Not uncommon to be used in conjunction with
IPSec

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

VPN Protocols cont.

L2TP Authentication

EAP
CHAP
MS-CHAP
PAP
SPAP

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

L2TP Authentication cont.

MS-CHAP

Microsoft-specific extension to CHAP

There are differences between CHAP and MS-CHAP

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

MS-CHAP v. CHAP

Response packet formatted for Windows

compatibility
Does not require the authenticator to store a
clear-text or reversibly encrypted password
Provides retry and password changing
mechanisms
Defines a set of reason-for-failure codes

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

L2TP Authentication
PAP

Password Authentication Protocol

Most basic form of authentication
Username and password transmitted in clear text

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

L2TP Authentication cont.

SPAP

Shiva Password Authentication Protocol

Proprietary version of PAP
Encrypted username and password
Susceptible to Playback attack

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

L2TP Compared to PPTP

L2TP

PPTP

Non IP networks Yes, L2TP can

No, IP only
work over X.25
networks and ATM
networks
Encryption
Yes, using IPSec Yes, using MPPE
Authentication

2006 by Pearson Education, Inc.

Yes, using EAP, Yes, EAP, CHAP

MS-CHAP, CHAP,
SPAP, and PAP
Chapter 7 Virtual Private Networks

L2TP Additional Resources

The following sites provide additional

information on L2TP:

Wikipedia: en.wikipedia.org/wiki/L2TP
Cisco:
www.cisco.com/univercd/cc/td/doc/product/softwa
re/ios120/120newft/120t/120t1/12tpt.htm

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

IPSec

Short for Internet Protocol Security

Developed by the Internet Engineering Task
Force (IETF)

www.ietf.org

Two encryption modes:

Transport & Tunnel

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

IPSec cont.

Other protocols used with IPSec:

Authentication Header (AH)

Encapsulated Security Payload (ESP)
IPComp (IP Payload compression)
Internet Key Exchange (IKE)

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

IPSec cont.

Additional details can be found at these sites:

The IPSec FAQ

The High Performance Computing Group
IPSec for Free BSD

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

Implementing VPN Solutions

Built-in solutions
Cisco Solutions
Service Solutions
Free S/WAN
Other solutions

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

Summary

VPNs provide a secure way of connecting

remote users to the network
L2TP, PPTP, IPSec are protocols that can be
used
PPTP is based on the PPP
It is essential to understand the OSI model in
relation to how protocols interact and
communicate

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

Summary cont.

There are various VPN solutions that can be

implemented
Solutions built into an operating system may
not provide adequate features for large
companies

2006 by Pearson Education, Inc.

Chapter 7 Virtual Private Networks

Unit 17 - Network Security - Assignment
100% (1)
Unit 17 - Network Security - Assignment
70 pages
Virtual Private Network
No ratings yet
Virtual Private Network
56 pages
SonicWALL VPN With Red Hat Linux
100% (2)
SonicWALL VPN With Red Hat Linux
4 pages
Synopsis VPN
100% (2)
Synopsis VPN
4 pages
Cryptography 1st Edition William J. Buchanan All Chapters Instant Download
100% (1)
Cryptography 1st Edition William J. Buchanan All Chapters Instant Download
82 pages
8.7.1.3 Lab - (Optional) Configuring A Remote Access VPN Server and Client - Instructor
No ratings yet
8.7.1.3 Lab - (Optional) Configuring A Remote Access VPN Server and Client - Instructor
30 pages
Kartik - SR Network
No ratings yet
Kartik - SR Network
7 pages
Cross-Site Tracing (XST) PDF
No ratings yet
Cross-Site Tracing (XST) PDF
14 pages
Virtual Private Network
No ratings yet
Virtual Private Network
16 pages
Firewall and Ips Design Guide
No ratings yet
Firewall and Ips Design Guide
106 pages
QVF7303 UserManual Eng
No ratings yet
QVF7303 UserManual Eng
246 pages
Tibbs PPT 8
No ratings yet
Tibbs PPT 8
36 pages
Quidway Eudemon 200E-B Firewall Feature Description (V100R002 - 01)
No ratings yet
Quidway Eudemon 200E-B Firewall Feature Description (V100R002 - 01)
229 pages
VPN RSVP
No ratings yet
VPN RSVP
24 pages
Survey On Information Assurance: Presented by Viswesh Prabhu Subramanian Gregory Michel Lincoln Jean Louis
No ratings yet
Survey On Information Assurance: Presented by Viswesh Prabhu Subramanian Gregory Michel Lincoln Jean Louis
58 pages
CN Topic 12
No ratings yet
CN Topic 12
32 pages
Security Protocols IoT Springer
No ratings yet
Security Protocols IoT Springer
29 pages
Chapter 06 Virtual Private Network
No ratings yet
Chapter 06 Virtual Private Network
28 pages
OK 69-VPN+Concept
No ratings yet
OK 69-VPN+Concept
6 pages
INS Printout
No ratings yet
INS Printout
19 pages
Virtual Private Networks (VPN)
No ratings yet
Virtual Private Networks (VPN)
40 pages
An Introduction To VPN Technology
No ratings yet
An Introduction To VPN Technology
56 pages
A2005552723 - 11002 - 30 - 2019 - Lec 38 VPN
No ratings yet
A2005552723 - 11002 - 30 - 2019 - Lec 38 VPN
27 pages
Certified User Management Engineer (MTCUME) : Duration: Outcomes
No ratings yet
Certified User Management Engineer (MTCUME) : Duration: Outcomes
6 pages
VPN: Virtual Private Network
100% (1)
VPN: Virtual Private Network
30 pages
04-Cisco IOS-XR Overview PDF
No ratings yet
04-Cisco IOS-XR Overview PDF
90 pages
These Iso 27002
No ratings yet
These Iso 27002
55 pages
Building IPSEC VPNS Using Cisco Routers: © 2003, Cisco Systems, Inc. All Rights Reserved. SECUR 1.0 - 9-1
No ratings yet
Building IPSEC VPNS Using Cisco Routers: © 2003, Cisco Systems, Inc. All Rights Reserved. SECUR 1.0 - 9-1
118 pages
NSC Topic 10 - With Additional Notes
No ratings yet
NSC Topic 10 - With Additional Notes
58 pages
VPN Debug ISAKMP - IKE Phase 1 Connections
No ratings yet
VPN Debug ISAKMP - IKE Phase 1 Connections
10 pages
Trixbox Without Tears
No ratings yet
Trixbox Without Tears
209 pages
Extreme SIEM Admin Guide
No ratings yet
Extreme SIEM Admin Guide
304 pages
Diapositivas VPN
No ratings yet
Diapositivas VPN
12 pages
C&NS Unit V R19
No ratings yet
C&NS Unit V R19
36 pages
Virtual Private Network
No ratings yet
Virtual Private Network
8 pages
Virtual Private Network
100% (1)
Virtual Private Network
29 pages
Virtual Private Network
No ratings yet
Virtual Private Network
37 pages
NSC Topic 10
No ratings yet
NSC Topic 10
14 pages
3a IPsec VPN
No ratings yet
3a IPsec VPN
97 pages
Virtual Private Network: Internal Guide: Created By: Mr. Pravin Madha Nisarg Khandhar
No ratings yet
Virtual Private Network: Internal Guide: Created By: Mr. Pravin Madha Nisarg Khandhar
20 pages
Virtual Private Network
No ratings yet
Virtual Private Network
8 pages
SANS 512 Indexes
No ratings yet
SANS 512 Indexes
29 pages
Premium VPN
No ratings yet
Premium VPN
44 pages
05 VPN
No ratings yet
05 VPN
23 pages
05 VPN
No ratings yet
05 VPN
23 pages
Virtual Private Network (VPN)
No ratings yet
Virtual Private Network (VPN)
19 pages
Unit-6 Network Security and Public Key Infrastructure
No ratings yet
Unit-6 Network Security and Public Key Infrastructure
36 pages
2018 2019 Huawei ICT Competition Global Final Network Track Exam
No ratings yet
2018 2019 Huawei ICT Competition Global Final Network Track Exam
15 pages
3RD YEAR Network Infrastructure and Directory Services
No ratings yet
3RD YEAR Network Infrastructure and Directory Services
101 pages
Dumpsfree: Dumpsfree Provide High-Quality Dumps Vce & Dumps Demo
No ratings yet
Dumpsfree: Dumpsfree Provide High-Quality Dumps Vce & Dumps Demo
4 pages
Chapter1-Vpn Fundamentals - With - Comments - FR
No ratings yet
Chapter1-Vpn Fundamentals - With - Comments - FR
39 pages
Electronic Voting 2pdf
No ratings yet
Electronic Voting 2pdf
40 pages
Ics MCQ Set
No ratings yet
Ics MCQ Set
22 pages
Networking Infrastructure and Protocols 06
No ratings yet
Networking Infrastructure and Protocols 06
27 pages
6.1 Introduction To VPN
No ratings yet
6.1 Introduction To VPN
15 pages
Virtual Private Network
No ratings yet
Virtual Private Network
16 pages
Unit 9: Private Virtual Interconnection
No ratings yet
Unit 9: Private Virtual Interconnection
44 pages
Virtual Private Networks
No ratings yet
Virtual Private Networks
24 pages
Chapter 5
No ratings yet
Chapter 5
27 pages
Prerequisites For Dynamic Multipoint VPN
No ratings yet
Prerequisites For Dynamic Multipoint VPN
46 pages
OSB V10 Datasheet
No ratings yet
OSB V10 Datasheet
6 pages
VPN Presentation
No ratings yet
VPN Presentation
15 pages
7
No ratings yet
7
10 pages
DMD Systimax
No ratings yet
DMD Systimax
45 pages
VPN
No ratings yet
VPN
44 pages
Slide Keamanan Jaringan 06
No ratings yet
Slide Keamanan Jaringan 06
33 pages
Computer Networks: Topic 12: Virtual Private Networks
No ratings yet
Computer Networks: Topic 12: Virtual Private Networks
32 pages
VPN RSVP
No ratings yet
VPN RSVP
24 pages
VPN IPSEC & SSL Technology - Security and Management Point of View
No ratings yet
VPN IPSEC & SSL Technology - Security and Management Point of View
6 pages
19.5.6 Lab - Configure A Site-to-Site VPN
No ratings yet
19.5.6 Lab - Configure A Site-to-Site VPN
15 pages
Virtual Private Network: Team 15
No ratings yet
Virtual Private Network: Team 15
31 pages
CS 265 Virtual Private Networks (VPN) Submitted by Aparna Chilukuri
No ratings yet
CS 265 Virtual Private Networks (VPN) Submitted by Aparna Chilukuri
7 pages
Lecture 5a - Virtual Private Networks
No ratings yet
Lecture 5a - Virtual Private Networks
33 pages
Virtual Private Networks
No ratings yet
Virtual Private Networks
16 pages
Topic 10 NSC
No ratings yet
Topic 10 NSC
7 pages
99 RemoteVPN Theory
No ratings yet
99 RemoteVPN Theory
4 pages
CF Syllabus
No ratings yet
CF Syllabus
1 page
VPNs
No ratings yet
VPNs
23 pages
Fortigate Fortiwifi 80F Series: Data Sheet
No ratings yet
Fortigate Fortiwifi 80F Series: Data Sheet
9 pages
VPN
No ratings yet
VPN
8 pages
Competitor: Virtual Tunnel
100% (1)
Competitor: Virtual Tunnel
14 pages
Electronic Voting
No ratings yet
Electronic Voting
9 pages
A Journal On The Topic OF VPN
No ratings yet
A Journal On The Topic OF VPN
8 pages
VPN
No ratings yet
VPN
15 pages
Fiber Polishing Handbook2
No ratings yet
Fiber Polishing Handbook2
5 pages
Windows Server Administrator Glossary
No ratings yet
Windows Server Administrator Glossary
9 pages
VPNpresentation
No ratings yet
VPNpresentation
26 pages
017 Fsso
No ratings yet
017 Fsso
13 pages
Virtual Private Network
No ratings yet
Virtual Private Network
7 pages
Implementing Cisco Network Security Exam (210-260) : Security Concepts Common Security Principles
No ratings yet
Implementing Cisco Network Security Exam (210-260) : Security Concepts Common Security Principles
4 pages
Virtual Private Networks (VPN)
No ratings yet
Virtual Private Networks (VPN)
38 pages
Site To Sitevirtual Private Networks (VPN'S)
No ratings yet
Site To Sitevirtual Private Networks (VPN'S)
33 pages
FactSheet - Ports For Cucm
No ratings yet
FactSheet - Ports For Cucm
3 pages
VPN: Virtual Private Network: Sushant Parab Sumeet Mondal Jayesh Nair Poonam Marathe
No ratings yet
VPN: Virtual Private Network: Sushant Parab Sumeet Mondal Jayesh Nair Poonam Marathe
31 pages

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.