
Certification preparation course

Check Point CCSA - Lesson 09

VPN (Virtual Private Network)

Cícero Campelo | cicero@cloudcampus.com.br


LESSON OBJECTIVES

• VPN concept
• Types of VPN
• Client-Based vs. Clientless
• VPN IPSec Site-to-Site
– Meshed / Star
• VPN Remote Access
– SecureRemote / SecureClient / Endpoint Security
• Lab 21 – VPN Site to Site (Meshed)
• Lab 22 – VPN Site to Site (Star)
• Lab 23 – VPN Remote Access

www.CloudCampus.com.br 2
VPN (Virtual Private Network)

Blade IPSec VPN

Policy Server

Types of VPN

• Site to site

• Client to site

Client-Based vs. Clientless

• Client-based
– VPN agent / client installed
– Check Point
• SecureClient / SecureRemote / Endpoint Security
• Clientless
– No VPN agent / client installed
– Browser: ActiveX (Check Point) / Java (others)
– Check Point
• SSL Network Extender

VPN Site to Site

VPN Communities
Topology

Meshed VPN Community

Star VPN Community

VPN Remote Access
(Client to Site)

Routing VPN Traffic

• Domain Based VPN:
– VPN traffic is routed based on the VPN domains defined on each Security Gateway.

• Route Based VPN:
– VPN traffic is routed based on the route configuration (static or dynamic routes) of each Security Gateway's operating system.

Authentication Schemes

• Certificados Digitais
• Pre-shared secrets
• Hybrid mode
– One Time Password
– Security Gateway Password
– OS Password
– RADIUS
– SAA (third party authentication / biometrics)

Office Mode

• SecureClient
• Endpoint Connect
• SSL Network Extender
• Crypto
• L2TP

Desktop Security

L2TP Clients

VMware Configuration - Labs

Lab 21 - VPN Site to Site (Meshed)

Lab 22 - VPN Site to Site (Star)

Lab 23 - VPN Remote Access
SecureClient

Questions?

www.CloudCampus.cc
info@cloudcampus.cc
+55-11-3662-3832
