Vpn with Ipsec

Only available on StudyMode
  • Download(s): 50
  • Published: March 25, 2013
Read full document
Text Preview
1. Abstract
The goal of VPNs is to provide a cost-effective and secure way to connect business to one another and remote workers to office networks. Network Security Protocols encompasses the basis for safe & reliable data transfer. These security devices should be able to provide accountability, access control, confidentiality, integrity, while all the time being cost effective. This provides us with different security protocols related to the transfer of data through a network. With a prevalent system of networks the frontier for world data communication, it is absolutely critical to be able to have these protocols provide the most secure service possible. In this report technical review IPSec protocol involved with Network Security. Internet Protocol Security (IPSec)

It is a suite of protocol for securing IP communications by authentication and encryption of each IP packet of a communication session. IPSec also includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiating cryptography keys which is to be used during the session. IPSec is an end to end security scheme operating in the Layer of Internet of the IP suite. It can be used in protecting data flows between a pair of hosts, between a pair of security gateways, or between a security gateway and a host.

2. Introduction to VPN
A VPN is a virtual private network, which is built on top of existing physical network that can provide a secure communication mechanism for data and other information transmitted between networks. Because VPN can be used over existing networks, such as the Internet, it can facilitate the secure transfer of sensitive data across public networks. This is often less expensive than alternatives such as dedicated private telecommunications lines between organizations or branch offices. VPNs can also provide flexible solutions, such as securing communications between remote telecommuters and the organization’s servers, regardless of where the telecommuters are located. A VPN can even be established within a single network to protect particularly sensitive communications from other parties on the same network. It is important to understand that VPNs do not remove all risk from networking. While VPNs can greatly reduce risk, particularly for communications that occur over public networks, they cannot remove all risk for such communications. One problem is the strength of the implementation. For example, flaws in an encryption algorithm or the software implementing the algorithm could allow attackers to decrypt intercepted traffic; random number generators that do not produce sufficiently random values could provide additional attack possibilities. Another issue is encryption key disclosure; an attacker who discovers a key could not only decrypt traffic but potentially also poses as a legitimate user. Another area of risk involves availability. A common model for information assurance is based on the concepts of confidential, integrity, and availability. Although VPNs are designed to support confidentiality and integrity, they generally do not improve availability, the ability for authorized users to access systems as needed. In fact, many VPN implementations actually tend to decrease availability somewhat, because they add more components and services to the existing network infrastructure. This is highly dependent upon the chosen VPN architecture model and the details of the implementation.

3.1 VPN Technologies
The Internet is a shared public network of networks with open transmission protocols. Therefore, VPNs must include measures for packet encapsulation (tunneling), encryption, and authentication to ensure that sensitive data reaches its destination without modifying by unauthorized parties.

Fig: IP Packet

2.2 Tunnels
The thing that makes a Virtual Private Network “virtually private” is known as tunnel. Even though you access your network...
tracking img