VIRTUAL PRIVATE NETWORKS (VPN) - PowerPoint PPT Presentation
1 / 33
Title:
VIRTUAL PRIVATE NETWORKS (VPN)
Description:
IPsec, SSL/TLS, OpenVPN, PPTP, L2TP, L2TPv3, ... VIRTUAL PRIVATE NETWORKS (VPN) Author: Levon Last modified by: isbat Created Date: 11/14/2002 1:08:38 AM – PowerPoint PPT presentation
Number of Views:1312
Avg rating:3.0/5.0
Title: VIRTUAL PRIVATE NETWORKS (VPN)
1
VIRTUAL PRIVATE NETWORKS (VPN)
2
WAN Technology Comparison
3
WAN technology - PSTN
4
WAN technology X.25 and Frame Relay
5
WAN technology - ISDN
6
WAN technology T-Carrier
7
DSL Connectivity
8
WAN technology - SONET
9
What is VPN?
- Virtual Private Network is a type of private
network that uses public telecommunication, such
as the Internet, instead of leased lines to
communicate. - Became popular as more employees worked in remote
locations.
10
Remote Access Virtual Private Network
(From Gartner Consulting)
11
VPN Types
- Secure VPNs use cryptographic tunneling
protocols. - IPsec, SSL/TLS, OpenVPN, PPTP, L2TP, L2TPv3,
VPN-Q and MPVPN - Trusted VPNs rely on the security of a single
providers network to protect the traffic. - MPLS and L2F
12
Tunneling
- A virtual point-to-point connection
- made through a public network. It transports
- encapsulated datagrams.
Original Datagram
Encrypted Inner Datagram
Datagram Header Outer Datagram Data Area
Data Encapsulation From Comer
- Two types of end points
- Remote Access
- Site-to-Site
13
Tunneling
14
VPN Tunneling
Figure 1
15
Tunneling Technology
16
PPTP Tunnel
17
Cryptographic Tunneling Factor
- Authentication validates that the data was sent
from the sender. - Access control limiting unauthorized users from
accessing the network. - Confidentiality preventing the data to be read
or copied as the data is being transported. - Data Integrity ensuring that the data has not
been altered - Cryptography Technic
- Encryption -- is a method of scrambling data
before transmitting it onto the Internet. - Public Key Encryption Technique
- Digital signature for authentication
18
Virtual Private Networks
- VPN can be deployed in three ways
- Host to host
- Site-to-Site
- Host-to-Site
19
Possible Configurations of VPN
20
VPN Topology Types of VPNs
- Remote access VPN
- Intranet VPN
- Extranet VPN
21
VPN Topology Remote Access VPN
22
VPN Topology Intranet VPN
23
VPN Topology Extranet VPN
24
Digital Signature to verify data not changed in
transit
25
PKI the full picture
26
WebVPN
27
WebVPN Features
28
WebVPN and IPSec Comparison
29
Intro to MPLS
- MPLS Multi Protocol Label Switching
- Suatu metode forwarding (meneruskan data/paket
melalui suatu jaringan dengan menggunakan
informasi label yang dilekatkan pada I - Memungkinkan router meneruskan paket dengan hanya
melihat label yang melekat pada paket tersebut,
sehinggap tidak perlu lagi melihat alamat IP
tujuan)
30
Back
31
2. ARSITEKTUR MPLS
- Perpaduan mekanisme Label Swapping (Layer 2) dan
Routing (Layer 3) - Terdiri atas LSR yang saling terhubung, membentuk
suatu LSP - LSR pertama disebut ingress
- LSR terakhir disebut egress
- Bagian tepi dari jaringan LSR disebut LER
Back
32
- LSR Label Switched Router
- LSP Label Switched Path
- LER Label Edge Router
- TTL Time to Live
Back
33
5. OPERASI MPLS
- Pembuatan label dan distribusi
- Pembuatan label dalam tiap router
- Pembuatan jalur label yang terhubung
- Pemasukan label
- Forwarding paket
Back
Recommended
CrystalGraphics Presentations
