Topic 1 VPN

Uploaded by

gillcharewan

VPN stands for virtual private network. It is useful for transferring data between remote sites
and the main branch of an organization: in a VPN, data is end-to-end encrypted and sent through a
virtual private network that in reality runs over the public network. The tunnels allow remote
branches and users to access the main branch's resources securely. Modern VPNs support encryption
features such as Internet Protocol Security (IPsec) and Secure Sockets Layer (SSL) VPNs. The
advantages of a VPN are cost savings, security, scalability and compatibility. Many ISPs (Internet
service providers) provide this feature.
Site-to-site VPN: VPN gateways are pre-configured with the information needed to establish a
secure tunnel. Data packets are encrypted only between these devices, and the internal hosts have
no knowledge that the VPN exists.
Remote access VPN: created dynamically to establish a secure connection between a client and a
VPN terminating device. For example, when a client connects to a bank, the data received by the
client will be encrypted and will be decrypted by the end device. The user creates the connection
when required by initiating a remote access VPN connection. There are two types of remote access
VPN: connectionless and client-based. In the connectionless case, for example, a client opens a
browser and goes to an HTTPS website, which automatically makes the connection to the SSL VPN
server. In the client-based case, however, the user has to turn on the VPN connection manually
using some software.
SSL uses public key infrastructure and digital certificates to authenticate peers. IPsec is more
secure than SSL, while SSL is well supported and easy to deploy. IPsec supports all IP-based
applications, while SSL supports only web-based applications and file sharing applications.
Authentication strength for IPsec is strong: it uses two-way authentication with a shared key or
digital certificates. Authentication strength for SSL is moderate: it uses one-way or two-way
authentication. Encryption strength for IPsec is strong, as it uses key lengths from 56 bits up to
256 bits. For SSL it is moderate to strong, with key lengths ranging from 40 bits up to 256 bits.
Connection complexity for IPsec is medium because it requires a VPN client pre-installed on the
host; connection complexity for SSL is low, as it needs only a web browser on the host. Finally,
the connection options for IPsec are limited, as only devices with a specific configuration can
connect using the VPN. For SSL the connection options are extensive, as any device with a web
browser can connect using SSL.
The VPN gateway is responsible for encapsulating and encrypting outbound traffic. It receives
unencrypted data from the client and encrypts it before passing it into the VPN tunnel, which
carries it to the VPN gateway at the other end; that gateway then decrypts the data and forwards
it to the internal host.
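
The gateway-to-gateway flow described above, as an added example that is not part of the original document: two simulated gateways wrap an inner packet so that only gateway addresses are visible on the public network, and the receiver checks integrity and sequence number before decrypting. The addresses, SPI value and sample packet are constructed, and the HMAC-SHA256 counter-mode keystream is a stand-in for the AES a real IPsec gateway would use.

```python
import hashlib, hmac, os, struct

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Stand-in cipher (assumption): HMAC-SHA256 in counter mode, not real ESP crypto.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

class Gateway:
    # Hypothetical model of a site-to-site gateway; keys are pre-shared by configuration.
    def __init__(self, addr, peer, enc_key, auth_key, spi=0x1001):
        self.addr, self.peer = addr, peer
        self.enc_key, self.auth_key, self.spi = enc_key, auth_key, spi
        self.seq_out, self.seq_seen = 0, 0

    def encapsulate(self, inner: bytes) -> dict:
        """Outbound: encrypt the whole inner packet and add an outer gateway header."""
        self.seq_out += 1
        nonce = os.urandom(12)
        ct = bytes(a ^ b for a, b in zip(inner, _keystream(self.enc_key, nonce, len(inner))))
        esp = struct.pack(">II", self.spi, self.seq_out) + nonce + ct
        icv = hmac.new(self.auth_key, esp, hashlib.sha256).digest()[:16]
        return {"src": self.addr, "dst": self.peer, "payload": esp + icv}

    def decapsulate(self, outer: dict) -> bytes:
        """Inbound: verify integrity and sequence number first, then decrypt."""
        esp, icv = outer["payload"][:-16], outer["payload"][-16:]
        expect = hmac.new(self.auth_key, esp, hashlib.sha256).digest()[:16]
        if not hmac.compare_digest(icv, expect):
            raise ValueError("integrity check failed")
        spi, seq = struct.unpack(">II", esp[:8])
        if spi != self.spi or seq <= self.seq_seen:  # simplified: no sliding window
            raise ValueError("unknown SPI or replayed sequence number")
        self.seq_seen = seq
        nonce, ct = esp[8:20], esp[20:]
        return bytes(a ^ b for a, b in zip(ct, _keystream(self.enc_key, nonce, len(ct))))

def demo():
    # Constructed sample: documentation-range public addresses, private inner hosts.
    ek, ak = os.urandom(32), os.urandom(32)
    branch = Gateway("203.0.113.1", "198.51.100.1", ek, ak)
    hq = Gateway("198.51.100.1", "203.0.113.1", ek, ak)
    inner = b"src=10.1.0.5 dst=10.2.0.9 data=payroll query"
    outer = branch.encapsulate(inner)
    return inner, outer, hq.decapsulate(outer), hq
```

The internal hosts at 10.1.0.5 and 10.2.0.9 never take part in the cryptography, which matches the site-to-site description: only the two gateways hold keys.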
