1 Virtual Private Network (VPN) Course: COSC513 Instructor: Professor M. Anvari Student: Xinguang Wang


Virtual Private Network (VPN)

• Course: COSC513

• Instructor: Professor M. Anvari

• Student: Xinguang Wang


Content

• Introduction

• VPN Technologies

• VPN Products

• Advantages and Disadvantages of VPN

• Conclusion


Public vs Private Network

• Public network

  • Accessible freely to everyone, no boundaries and few rules to manage it

  • Problem of security

  • Ideal medium for illegal activity


Public vs Private Network

• Private network

  • Owned by a single corporation

  • Gateway routers exist between private network and public network

  • Firewall prevents intruders coming from public network


Limit to Private Network

• Separate branches or offices

• Need for remote access

• Traditional method—using leased lines, not flexible and expensive


Solution: Virtual Private Network (VPN)

• Definition: a way to simulate a private network over a public network (Internet)

• Allows creation of a secure, private network over a public network such as the Internet

• Done through IPSec (IP Security Protocol), encryption, packet tunneling, and firewalls


Functions provided by VPN

• Authentication: ensuring that the data originates at the source that it claims

• Access control: restricting unauthorized users from gaining admission to the network

• Confidentiality: preventing anyone from reading or copying data as it travels across the Internet

• Data integrity: ensuring that no one tampers with data as it travels across the Internet


An important property of VPN

• Virtual means dynamic: the network is formed logically, with no permanent links. When a connection is no longer needed, the link is torn down and bandwidth is saved.


How to create tunnels

• A tunnel is a virtual connection between locations that are connected in a VPN

• Host A generates an IP packet with the destination address of Host B

• The packet is routed to a firewall or secure router at the boundary of A’s network.

• The firewall filters all packets to determine the need for IPSec processing.


How to create a tunnel (cont.)

• The packet is now routed to B’s firewall

• Once detected, the packet is delivered to B
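The tunnel steps above, modelled in authentication-only form as an added example that is not part of the original slides: gateway A filters on destination, wraps the whole inner packet in an outer gateway-to-gateway packet with an HMAC integrity value, and gateway B verifies it before delivery. The addresses, key, field layout and function names are assumptions for illustration; this is not the IPSec wire format and it applies no encryption.

```python
import hashlib
import hmac
import ipaddress

# Constructed sample values: documentation address ranges and a throwaway key.
SITE_B_NET = ipaddress.ip_network("10.2.0.0/16")  # hypothetical network behind gateway B
GW_A, GW_B = "192.0.2.1", "198.51.100.1"          # hypothetical public gateway addresses
SHARED_KEY = b"constructed-demo-key"              # in practice set up by key exchange
ICV_LEN = 16                                      # bytes kept from the HMAC-SHA256 tag


def needs_ipsec(dst_ip):
    """Gateway A's filter: only traffic bound for site B is tunnelled."""
    return ipaddress.ip_address(dst_ip) in SITE_B_NET


def icv(body):
    """Integrity check value over the encapsulated inner packet."""
    return hmac.new(SHARED_KEY, body, hashlib.sha256).digest()[:ICV_LEN]


def send_from_a(src, dst, payload):
    """Host A's packet reaches gateway A, which tunnels it or forwards it unchanged."""
    if not needs_ipsec(dst):
        return {"outer_src": src, "outer_dst": dst, "body": payload, "icv": None}
    body = f"{src}>{dst}|".encode() + payload      # inner header + data, kept whole
    return {"outer_src": GW_A, "outer_dst": GW_B, "body": body, "icv": icv(body)}


def receive_at_b(packet):
    """Gateway B: verify the ICV, strip the outer header, return the inner packet."""
    if packet["outer_dst"] != GW_B or packet["icv"] is None:
        raise ValueError("not a tunnelled packet for this gateway")
    if not hmac.compare_digest(icv(packet["body"]), packet["icv"]):
        raise ValueError("integrity check failed: packet dropped")
    header, _, payload = packet["body"].partition(b"|")
    src, dst = header.decode().split(">")
    return src, dst, payload


if __name__ == "__main__":
    tunnelled = send_from_a("10.1.0.5", "10.2.0.9", b"payroll batch")
    print(tunnelled["outer_src"], "->", tunnelled["outer_dst"])
    print(receive_at_b(tunnelled))
    tampered = dict(tunnelled, body=tunnelled["body"] + b"!")
    try:
        receive_at_b(tampered)
    except ValueError as err:
        print(err)
```

On the public network only the gateway addresses appear in the outer header; the inner source and destination travel inside the authenticated body.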


IP Security Protocols (IPSec)

• IPSec is a protocol suite, a set of IP extensions that provide security services at the network level. IPSec technology is based on modern cryptographic technologies, making very strong data authentication and privacy guarantees possible.


IPSec functions

• Three facilities provided by IPSec

  • Authentication-only

  • Authentication/encryption

  • Key exchange


Other protocols for VPN

• Point to point tunnel protocol (PPTP)

• Layer-2 forwarding (L2F)

• Layer-2 tunneling protocol (L2TP)


VPN Products

• Hardware-based system

  • Encrypting routers

  • Secure and easy to use

  • Not flexible

• Firewall-based system

  • Using firewall's security system

  • Restrict the access to the internal network

  • Performance not as good as hardware-based


VPN Products (cont.)

• Software-based system, ideal when

  • Both ends not controlled by the same corp.

  • Different firewalls and routers implemented within the same system

• Harder to manage than encrypting routers


Advantages of VPN

• Lower cost

• Remote access

• Platform independent

• Can be used both as extranet and intranet


Disadvantages of VPN

• Lower bandwidth available compared to dial-in line

• Inconsistent remote access performance due to changes in Internet connectivity

• No entrance into the network if the Internet connection is broken


Conclusion

• The driving force for VPN is the need for more secure communication of information and for lower communication cost

• IPSec is the most widely used protocol for VPN
