
SEMINAR ON VIRTUAL PRIVATE NETWORK

PREPARED BY:
NIHAR M. BAXI (ROLL NO. 4)
MIHIR V. JOSHI (ROLL NO. 16)

GUIDED BY: G.T. CHAVAN SIR

VIRTUAL PRIVATE NETWORK




Definition and introductory notes

A VPN is a network that uses the open, distributed infrastructure of the Internet to transmit data between corporate sites.

NEED FOR DEVELOPING VPN


- Remote employees need to access corporate databases.
- Corporate sites are developing new relations.
- The corporation keeps growing.


VPN RESOLVES THE PROBLEM


- It provides flexibility and scalability.
- Cost advantage.
- It frees the organization from maintenance and training.


WORKING OF VPN


WORKING-STEP1 (cont)


The remote user dials into their local ISP and logs into the ISP's network as usual.


WORKING-STEP2 (cont)


When connectivity to the corporate network is desired, the user initiates a tunnel request to the destination security server.


WORKING-STEP3 (cont)


The user then sends data through the tunnel, which is encrypted by the VPN software before being sent over the ISP connection.


WORKING-STEP4 (cont)


The destination security server receives the encrypted data and decrypts it.

TYPES OF VPN
- VLL: virtual leased lines.
- VPRN: virtual private routed network.
- VPDN: virtual private dial-up network.
- VPLS: virtual private LAN segments.
- Intranet VPN.
- Extranet VPN.
- Remote access VPN.


VIRTUAL LEASED LINES




- Point-to-point link between two CPE.
- IP tunnel between 2 ISP edge routers.
- Frames are relayed between IP tunnels.

VIRTUAL PRIVATE ROUTED NETWORK




- Emulation of a multisite WAN using the Internet.
- Packet forwarding at the network layer.
- VPRN-specific forwarding table at ISP routers that forwards the traffic.

VIRTUAL PRIVATE DIAL-UP NETWORK


- On-demand tunnel between a remote user and corporate sites.
- There are 2 possible tunnels:
  1. Compulsory tunnel.
  2. Voluntary tunnel.


COMPULSORY TUNNEL


In this scenario, an L2TP Access Concentrator (LAC) acting as a dial or network access server extends a PPP session across a backbone using L2TP to a remote L2TP Network Server (LNS). The operation of initiating the PPP session to the LAC is transparent to the user.

VOLUNTARY TUNNEL


A voluntary tunnel refers to the case where an individual host connects to a remote site using a tunnel originating on the host, with no involvement from intermediate network nodes. The tunnel mechanism chosen can be IPSec or L2TP.

VIRTUAL PRIVATE LAN SEGMENTS




A Virtual Private LAN Segment (VPLS) is the emulation of a LAN segment using internet facilities.

INTRANET VPN


The branch office scenario securely connects two trusted intranets within the organization. Routers or firewalls with VPN capabilities, acting as gateways for the offices, can be used to protect the corporate traffic.

EXTRANET VPN


In this scenario, multiple supplier intranets need to access a common corporate network over the Internet. Each supplier is allowed access to only a limited set of destinations within the corporate network.

REMOTE ACCESS VPN




A remote user wants to be able to communicate securely and cost-effectively with the corporate intranet. This can be done by use of a VPN IPSec-enabled remote client and firewall (or gateway).

TUNNELING


Tunneling is the process of placing an entire packet within another packet and sending it over a network.

Tunneling requires three different protocols:

1. Carrier protocol
2. Encapsulating protocol
3. Passenger protocol

EXAMPLE OF TUNNELING

TUNNELING (cont)


The truck is the carrier protocol, the box is the encapsulating protocol and the computer is the passenger protocol.

VPN PROTOCOLS
1. PPTP (Point-to-point tunneling protocol).
2. IPsec (IP security).
3. L2TP (layer2 transmission protocol).


LAYER2 TRANSMISSION PROTOCOL

What actually is the layer two transmission protocol?

POINT TO POINT TUNNELING PROTOCOL


- Introduction to PPTP.
- How does PPTP actually work?
- Security provided by PPTP.
- Advantages of PPTP.
- Disadvantages of PPTP.



INTERNET PROTOCOL SECURITY


- Introduction to IP security.
- Features of IP security.
- Types of IPsec protocols.
- Types of modes used in IPsec.



SECURITY OF VPN

- Hardware solution.
- Remote access control.




CERTAIN H/W AND S/W SPECIFICATIONS


 

  

- Desktop software client for each remote user.
- Dedicated hardware such as a VPN Concentrator or Secure PIX Firewall.
- Dedicated VPN server for dial-up services.
- NAS (Network Access Server) used by the service provider for remote user VPN access.

VPN CONCENTRATOR


It incorporates the most advanced encryption and authentication techniques for Remote access VPN.

VPN-OPTIMIZED ROUTER


VPN-optimized routers provide scalability, routing, security and quality of service.

PIX FIREWALL


The PIX Firewall combines dynamic network address translation, proxy server, packet filtration, firewall and VPN capabilities in a single piece of hardware.

VPN/VOIP Application

ADVANTAGES OF VPN

- Cost saving.
- Reduces the long distance charges of electronic transactions.
- Concrete security.


DISADVANTAGES OF VPN
- VPNs require an in-depth understanding of public network security issues and taking proper precautions in VPN deployment.
- The availability and performance of an organization's wide-area VPN (over the Internet in particular) depends on factors largely outside of their control.
- VPN technologies from different vendors may not work well together due to immature standards.

CONCLUSION


From this we can conclude that VPN provides a very safe, secure and cost-effective communication infrastructure.

ANY QUERIES ???

THANKING YOU !!!
