Chapter 12: VPN Connectivity in Remote Access Designs - PowerPoint PPT Presentation

About This Presentation

Title:

Chapter 12: VPN Connectivity in Remote Access Designs

Description:

Routing and Remote Access in Microsoft Windows 2000 includes. Remote access client ... Encrypt confidential data. Microsoft Point-to-Point Encryption (MPPE) ... – PowerPoint PPT presentation

Number of Views:70

Avg rating:3.0/5.0

Slides: 24

Provided by: higheredM

Category:

more less

Transcript and Presenter's Notes

Title: Chapter 12: VPN Connectivity in Remote Access Designs

1
Chapter 12 VPN Connectivity in Remote Access
Designs

Designs That Include VPN Remote Access
Essential VPN Remote Access Design Concepts
Data Protection in VPN Remote Access Designs
VPN Remote Access Design Optimization

2
VPN Remote Access Solutions
3
Routing and Remote Access and VPN

Virtual private network (VPN) gives control over
Authorized user accounts
Security methods
Resources to be accessed
Uses Point-to-Point Tunneling Protocol (PPTP) and
Layer 2 Tunneling Protocol (L2TP)
VPN and Remote Authentication Dial-In User
Service (RADIUS) solutions differ in many ways.

4
Routing and Remote Access and Windows 2000

Routing and Remote Access in Microsoft Windows
2000 includes
Remote access client
Remote access server

5
VPN Clients and Servers
6
VPN Remote Access Design Review

Amount of data transmitted
Number of locations
Existing Internet connections
Plans for network growth
Number of simultaneous clients
Operating systems used by clients
Protocols used by clients

7
VPN Remote Access Design Decisions

Integration into existing network
Hardware requirements for servers
Protection for confidential data
Availability to remote access users
Optimization of network traffic

8
VPN Remote Access Designs

A third party provides connectivity.
Cost reduction is an advantage.
Some dial-up security is not available.
Caller ID detection
Remote user callback
Authentication protocol for dial-up connection
Password security features

9
VPN Remote Access Scenario
10
Number of VPN Remote Access Servers

Determine the maximum number of users.
Determine the sustained data rate.
Perform a pilot test.
Calculate the number of servers.

11
Placing VPN Remote Access Servers

Placement goals
Centralize administration
Reduce costs
Reduce network traffic
Single location
Multiple locations
Adjacent to resources

12
Single Location Configuration

Provide enough PPTP or L2TP virtual ports.
Advantages
Centralized administration
Lower administration costs
Disadvantages
Increased network traffic on segments
No redundancy

13
Multiple Location Configuration

Provide enough PPTP or L2TP virtual ports.
Advantages
Reduced network traffic between locations
Redundancy
Disadvantages
Decentralized administration and support
Increased administration costs

14
Placing VPN Servers Near Resources

Reduces the segments traversed
Improves performance for remote access clients

15
Remote Access Client Support

Virtual ports
PPTP
L2TP
Transport protocols determined by client needs
Network address assignment methods
Allocate manually
Allocate automatically using Dynamic Host
Configuration Protocol (DHCP)

16
Preventing Unauthorized Access

Restrict remote access to resources on the
server.
Use filters to restrict traffic on servers.
Place VPN servers for security
Outside the private network
On screened subnets
Within the private network

17
Placing VPN Servers Outside the Private Network
18
Placing VPN Servers on Screened Subnets
19
Placing VPN Servers Inside the Private Network
20
Protecting Remote Access Data