Virtual Private Network

1
Virtual Private Network
Presented By Shobha Ravikumar
2
Contents

• What is VPN?
• What Makes VPN?
• Types of VPN
• VPN Security
• Make VPN Connection
• Conclusion

3
What is VPN?

• Data transference on a shared network such as
  public data networks, on which data is delivered
  securely by applying some security measures on
  the data packets and the machines on the path,
  for example hosts (source computer and
  destination computer), routers (such as gateway
  routers and peer routers), and bridges.
• VPN is a private network which uses public
  network (Internet) to connect remote sites or
  users.

4
Virtual Private Network
A typical VPN might have a main LAN at the
corporate headquarters of a company, other LANs
at remote offices or facilities and individual
users connecting from out in the field.
5
What Makes VPN?

• Benefits of having VPN
• Extend geographic connectivity
• Improve security
• Reduce operational costs versus traditional WAN
• Reduce transit time and transportation costs for
  remote users
• Improve productivity
• Simplify network topology
• Provide global networking opportunities
• Provide telecommuter support
• Provide broadband networking compatibility
• Provide faster ROI (return on investment) than
  traditional WAN

6
Types of VPN

• Remote Access VPN
• Virtual private dial up Network (VPDN) is a user
  to LAN connection used by a company who needs to
  connect to private network from remote places.
• a corporation that wishes to set up a large
  remote-access VPN will outsource to an enterprise
  service provider (ESP). The ESP sets up a network
  access server (NAS) and provides the remote users
  with desktop client software for their computers.
  The telecommuters can then dial a toll-free
  number to reach the NAS and use their VPN client
  software to access the corporate network

7
Types of VPN

• Site-to-Site VPN
• Site-to-site VPNs can be one of two types
• Intranet-based - If a company has one or more
  remote locations that they wish to join in a
  single private network, they can create an
  intranet VPN to connect LAN to LAN
• Extranet-based - When a company has a close
  relationship with another company (for example, a
  partner, supplier or customer), they can build an
  extranet VPN that connects LAN to LAN, and that
  allows all of the various companies to work in a
  shared environment.

8
Type of VPN
9
VPN Security

• A well-designed VPN uses several methods for
  keeping your connection and
• data secure
• Firewalls
• Encryption
• IPSec
• AAA Server

10
VPN Security FireWall

• A firewall provides a strong barrier between the
  private network and the Internet.
• We can set firewalls to restrict the number of
  open ports, what type of packets are passed
  through and which protocols are allowed through.
• Some VPN products, such as Ciscos 1700 routers,
  can be upgraded to include firewall capabilities
  by running the appropriate Cisco IOS on them.
• Note You should already have a good firewall in
  place before you implement a
• VPN, but a firewall can also be used to terminate
  the VPN sessions.

11
VPN Security Encryption

• taking all the data that one computer is sending
  to another and encoding it into a form that only
  the other computer will be able to decode. Most
  computer encryption system belong in one of two
  categories
• Symmetric-key encryption
• Public-key encryption

12
VPN Security IPSec

• Internet Protocol Security Protocol (IPSec)
  provides enhanced security features such as
  better encryption algorithms and more
  comprehensive authentication.

13
VPN Security IPSec

• Two encryption modes tunnel and transport.
• Tunnel encrypts the header and the payload of
  each packet
• Transport only encrypts the payload.
• Only systems that are IPSec compliant can take
  advantage of this protocol. Also, all devices
  must use a common key and the firewalls of each
  network must have very similar security policies
  set up.

14
VPN Security AAA Servers

• AAA (authentication, authorization and
  accounting) servers
• When a request to establish a session comes in
  from a dial-up client, the
• request is proxied to the AAA server. AAA then
  checks the following
• Who you are (authentication)
• What you are allowed to do (authorization)
• What you actually do (accounting)

15
VPN Technologies

• Depending on the type of VPN (remote-access or
  site-to-site), certain
• components are needed to build VPN. They are
• Desktop software client for each remote user
• Dedicated hardware such as a VPN concentrator or
  secure PIX firewall
• Dedicated VPN server for dial-up services
• NAS (network access server) used by service
  provider for remote-user VPN access
• VPN network and policy-management center

16
Make VPN Connection

• To make a VPN connection we must be connected to
  internet.
• Step 1
• Open Network Connections. (Click Start, click
  Control Panel, click Network and
• Internet Connections, and then click Network
  Connections.)
• Step 2
• Under Network Tasks, click Create a new
  connection, and then click Next.
• Step 3
• On the Welcome to the New Connection Wizard page
  of the New Connection
• Wizard, click Next.

17
Make VPN Connection

• Step 4
• On the Network Connection Type page, click
• Connect to the network at my workplace, and
• then click Next as shown below.

18
Make VPN Connection

• Step 5
• On the Network Connection page, click
• Virtual Private Network connection, and
• then click Next as shown below

19
Make VPN Connection

• Step 6
• On the Connection Name page, type the
• name of the connection or your company
• name, and then click Next. An example is
• shown below.

20
Make VPN Connection

• Step 7
• If you are using a dial-up connection to an
• ISP to connect to the Internet, the
• Public Network page is displayed. In
• Automatically dial this initial connection,
• select the name of the connection used to
• dial your ISP, and then click Next.

21
Make VPN Connection

• Step 8
• On the VPN Server Selection page, type
• the Domain Name System (DNS)
• name or Internet Protocol (IP) address of
• your company's VPN server on the
• Internet, and then click Next. An example
• is shown below

22
Make VPN Connection

• Step 9
• On the Completing the New Connection
• Wizard page, click Finish.
• Step 10
• A Connect dialog box is displayed. Type
• the user name and password to
• access your company's private network
• and then click Connect. An example is
• shown below.

23
Make VPN Connection

• Notes
• You can create multiple VPN connections by
  copying them in the Network Connections folder.
  You can then rename the connections and modify
  connection settings. By doing so, you can easily
  create different connections to accommodate
  multiple hosts, security options, and so on.  
• If you have an active Winsock Proxy client, you
  cannot create a VPN connection. A Winsock Proxy
  client immediately redirects data to a configured
  proxy server before the data can be processed in
  the fashion required by a VPN connection. To
  establish a VPN connection, you should disable
  the Winsock Proxy client.

24
Conclusion

• Lets summarize the most important points.
• Intranet VPNs provide an interesting and
  affordable way for internal company
  communications, because they operate on a portion
  of the public or shared communication
  infrastructure.
• They use encryption and tunneling to protect
  confidential information, and provide the same
  level of reliability and performance as
  traditional Wide Area Networks.
• Intranet VPNs enable businesses to refocus their
  energy on core business objectives instead of
  networking needs, and reduce operations and
  bandwidth costs.

25
Questions?
26
References

• 1 How Virtual Private Networks Work
• http//computer.howstuffworks.com/vpn.htm
• 2 Securing Virtual Private Networks (VPN)
• http//www.developer.com/java/other/article.php/10
  936_3373431_1
• 3 Use Virtual Private Networks for Secure
  Internet Data Transfer
• http//www.microsoft.com/windowsxp/using/mobility/
  expert/vpns.mspx