VPN (English version): Difference between revisions
Revision as of 10:07, 5 May 2017
VPN (Virtual Private Network)
A VPN or Virtual Private Network enables users to send and receive data across shared or public networks as if their computing devices were directly connected to a private network. It is a method used to add security and privacy to private and public networks, like WiFi Hotspots and the Internet. VPNs are most often used by corporations to protect sensitive data.
Individual Internet users may secure their wireless transactions with a VPN, to circumvent geo-restrictions and censorship, or to connect to proxy servers for the purpose of protecting personal identity and location. However, some Internet sites block access to known VPN technology to prevent the circumvention of their geo-restrictions.
A VPN is created by establishing a virtual point-to-point connection through the use of dedicated connections, virtual tunneling protocols, or traffic encryption. A VPN available from the public Internet can provide some of the benefits of a wide area network (WAN). From a user perspective, the resources available within the private network can be accessed remotely.[1]
VPN solution Benefits
Secure networking and information exchange among users or business partners is crucial for many organizations. Some VPN advantages are:
- can be used to transfer data across different public networks, independently of the data transmission protocol;
- data is protected: many VPN solutions support a variety of encryption and authentication protocols;
- remote users can connect from across the organization's network;
- can also be ordered from the relevant service providers; however, it is important to verify the reliability of the service.
Creating tunnel
A virtual private network is a secure solution for exchanging information between trusted parties that is not open to public traffic. Remote users and different applications are able to connect through a private tunnel.
A VPN tunnel creates a logical network connection between end devices that are not necessarily adjacent to one another in the physical topology. Over this connection, network packets are encapsulated in the format of the VPN protocol or of the underlying transport protocol and sent to the VPN server. The encapsulation is removed at the destination.
Some protocols to create VPN tunnels are:
- IPsec (Internet Protocol Security) - developed by the IETF and implemented at the network layer of the OSI model. It is a collection of security measures that uses a variety of cryptographic protocols to provide data confidentiality, integrity, authentication and key management;
- GRE (Generic Routing Encapsulation, RFC 1702, RFC 2784) - a protocol originally developed by Cisco that can encapsulate the packets of several different protocols;
- PPTP (Point-to-Point Tunneling Protocol, RFC 2637) - operates at the data link layer of the OSI model. The data is encapsulated in PPP (Point-to-Point Protocol) packets, which are in turn encapsulated into IP packets. PPTP supports data encryption and compression and uses the GRE protocol to transfer data;
- L2F (Layer 2 Forwarding) - operates at the data link layer of the OSI model. L2F has no encryption option and has been replaced by L2TP;
- L2TP (Layer 2 Tunneling Protocol, RFC 2661) - operates at the data link layer of the OSI model and combines properties of Microsoft's PPTP and Cisco's L2F protocols.
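The encapsulation step described above, shown for GRE as an added example (not part of the original article): the tunnel entry prepends an RFC 2784 GRE header to the inner packet and the tunnel exit validates and strips it. The function names and the sample inner bytes are assumptions made for illustration.

```python
import struct

ETHERTYPE_IPV4 = 0x0800    # GRE Protocol Type value meaning "inner packet is IPv4"
GRE_C_BIT = 0x8000         # checksum-present flag (RFC 2784)
GRE_RFC1701_BITS = 0x7C00  # RFC 1701 flags; RFC 2784 receivers discard if set
GRE_VERSION_MASK = 0x0007  # version field, must be 0

# Constructed placeholder bytes standing in for an inner IP packet.
SAMPLE_INNER = b"\x45\x00" + b"constructed-inner-packet"

def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum, as used by IP and GRE."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def gre_encapsulate(inner: bytes, proto: int = ETHERTYPE_IPV4,
                    checksum: bool = False) -> bytes:
    """Tunnel entry: prepend a GRE header to the inner packet."""
    if not checksum:
        return struct.pack("!HH", 0, proto) + inner
    header = struct.pack("!HHHH", GRE_C_BIT, proto, 0, 0)
    csum = inet_checksum(header + inner)
    return struct.pack("!HHHH", GRE_C_BIT, proto, csum, 0) + inner

def gre_decapsulate(packet: bytes):
    """Tunnel exit: validate and strip the GRE header; return (proto, inner)."""
    if len(packet) < 4:
        raise ValueError("truncated GRE header")
    flags, proto = struct.unpack("!HH", packet[:4])
    if flags & GRE_VERSION_MASK:
        raise ValueError("unsupported GRE version")
    if flags & GRE_RFC1701_BITS:
        raise ValueError("RFC 1701 flags set; packet discarded")
    offset = 4
    if flags & GRE_C_BIT:
        if len(packet) < 8:
            raise ValueError("truncated checksum field")
        if inet_checksum(packet) != 0:  # sum over header + payload must verify
            raise ValueError("GRE checksum mismatch")
        offset = 8
    return proto, packet[offset:]

if __name__ == "__main__":
    wire = gre_encapsulate(SAMPLE_INNER, checksum=True)
    # GRE adds no encryption: the inner bytes are readable inside the tunnel packet.
    print(SAMPLE_INNER in wire, gre_decapsulate(wire))
```

The inner packet travels unmodified inside the GRE packet, so confidentiality has to come from a protocol that encrypts, such as IPsec from the list above.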
Other Details
References
[1] Microsoft Technet. "Virtual Private Networking: An Overview".
Author: Christian Cataldo
Curriculum: Cyber Security Engineering
Group: C11
Date created: April 9, 2017
Last modification: April 9, 2017