  1. Eric Kilroy Virtual Private Networks

  2. Introduction • Virtual Private Network • A way to connect to a private network through a public network such as the internet.

  3. Governing Standards Body • Virtual Private Networks are not governed by one specific body. • Each Virtual Private Network is privately maintained and operated. • Every private network has a Network Administrator who oversees the usage of the network.

  4. History • Companies spent massive resources to set up private networks known as Intranets. • Intranets were costly and used leased line services, ATM, and Frame Relay to incorporate remote users. • Companies used remote access servers or ISDN for small sites and mobile workers. • SMEs were forced to use low speed switched services due to lack of money.

  5. History • The internet became easier to access and bandwidth grew in capacity. • Companies put their Intranets on the web to make Extranets. • This linked internal and external users. • Although this was cost effective and quick and easy to do, it raised the issue of security.

  6. Specifications • The modern VPN covers the security factor. • VPNs now use tunneling and complex encryption. • Privacy and data security are maintained in what is much like a dedicated point-to-point connection. • Because of the use of a public network, like the internet, VPNs are much less costly than Intranets.

  7. Specifications • Early VPNs were complex and needed experts on hand to maintain. • Technology has come a long way, making it an easy and cheap solution for businesses. • With VPNs, companies can unite workers in different branches, different project teams, customers, mobile workers, and even workers from home.

  8. Specifications • Workers and customers can connect securely by connecting to the POP (point-of-presence). • VPNs save money by reducing long distance charges, network support fees, equipment inventories, and leased line fees.

  9. Specifications • VPNs use security techniques such as tunneling and encryption to protect their data. • Encryption is a way to scramble information. • When the text is encrypted it is referred to as cipher-text. • When the data is decrypted it is called clear-text.

  10. Specifications • Encryption • Data gets encrypted at a gateway at the start of the VPN tunnel. • The gateway at the receiving end decrypts the information into clear-text. • The encryption uses the Data Encryption Standard.

  11. Specifications • Encryption • The Data Encryption Standard or DES uses 56-bit keys to encrypt data. • Data is encrypted into 64-bit blocks. • This provides 72,057,594,037,927,900 different possible combinations. • 3DES encrypts data multiple times. • Encrypts using 56-bit key • Decrypts into completely different clear-text • Encrypts again
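
The encrypt, decrypt, encrypt sequence from the 3DES bullets above, as an added example that is not part of the original slides. DES is not in the Python standard library, so a toy 16-round Feistel cipher with DES's 64-bit block and 56-bit key sizes stands in for it; the function names (`toy_encrypt`, `toy_decrypt`, `ede_encrypt`, `ede_decrypt`), the SHA-256 round function and the sample keys are assumptions made for illustration.

```python
import hashlib

KEY_BITS, MASK32 = 56, 0xFFFFFFFF   # 56-bit key; 64-bit block = two 32-bit halves

def _round(half, key, i):
    # Stand-in round function (assumption): real DES uses S-boxes and a key schedule.
    data = half.to_bytes(4, "big") + key.to_bytes(7, "big") + bytes([i])
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def _feistel(block, key, order):
    if not 0 <= key < 1 << KEY_BITS or not 0 <= block < 1 << 64:
        raise ValueError("key must fit in 56 bits and block in 64 bits")
    left, right = block >> 32, block & MASK32
    for i in order:
        left, right = right, left ^ _round(right, key, i)
    return (right << 32) | left          # final half swap, as in DES

def toy_encrypt(block, key):
    return _feistel(block, key, range(16))

def toy_decrypt(block, key):
    return _feistel(block, key, reversed(range(16)))   # same rounds, reverse order

def ede_encrypt(block, k1, k2, k3):
    """Return all three stages so the intermediate values can be inspected."""
    stage1 = toy_encrypt(block, k1)      # encrypt with the first 56-bit key
    stage2 = toy_decrypt(stage1, k2)     # decrypt with a different key: not the plaintext
    stage3 = toy_encrypt(stage2, k3)     # encrypt again: this is the ciphertext
    return stage1, stage2, stage3

def ede_decrypt(block, k1, k2, k3):
    # Undo the stages in reverse: decrypt (k3), encrypt (k2), decrypt (k1).
    return toy_decrypt(toy_encrypt(toy_decrypt(block, k3), k2), k1)

if __name__ == "__main__":
    # Constructed sample values; three 56-bit keys give 3 * 56 = 168 bits of key.
    plain = int.from_bytes(b"VPN data", "big")
    k1, k2, k3 = 0x0123456789ABCD, 0x23456789ABCDEF, 0x456789ABCDEF01
    s1, s2, s3 = ede_encrypt(plain, k1, k2, k3)
    print(f"plaintext  {plain:016x}\nstage 1    {s1:016x}\nstage 2    {s2:016x}\nciphertext {s3:016x}")
    print("round trip ok:", ede_decrypt(s3, k1, k2, k3) == plain)
    # With one key repeated three times, EDE collapses to a single encryption.
    print("single-key EDE == one encryption:", ede_encrypt(plain, k1, k1, k1)[2] == toy_encrypt(plain, k1))
```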

  12. Specifications • Keys • Keys are what make encryption work. • The length of the key determines security strength. • 8-bit keys: 256 (2^8) combinations • 16-bit keys: 65,536 (2^16) combinations • 56-bit keys: 72,057,594,037,927,900 (2^56) combinations • Many VPNs today use 168-bit keys • That’s 374,144,419,156,711,000,000,000,000,000,000,000,000,000,000,000,000 combinations

  13. Specifications • Keys • Symmetrical keys mean using the same key at both ends of the tunnel. • Keys must be kept confidential by both parties because of security concerns. • They become difficult to distribute. • Asymmetrical keys are easier to manage. • They use private and public keys. • The private key is used on one end. • The public key is given out to remote users.

  14. Specifications • VPNs use IPSec or IP Security Protocol • Internet standard protocol for tunneling, authentication, and encryption. • Addresses issues • Access Control • Connection Integrity • Authentication of Data Origin • Protection Against Replays • Traffic Flow Confidentiality

  15. Advantages/Drawbacks • VPNs are secure • Privacy is not a big issue • VPNs are interoperable. They are useable on many different systems. • They are easy to use and cost effective to maintain.

  16. Application • VPNs are used by many different companies. • They can run on different systems to connect remote users to the company.

  17. Questions?