VPN Presentation

VPN
What is VPN
• An arrangement that provides connections
between:
– Offices
– remote workers and
– the Internet
• Without requiring a dedicated line
• Also known as private networks between sites
VPN-Remote Access, and Interoffice
Connections
• Rationale for VPN Between Offices
• Productivity Away from the Office
• VPN Technology
Between Offices
• Shared circuits within the carrier networks
• Adding capacity to a VPN is:
– Simpler than adding a high-speed
– Customer needs only high-speed from its
building to the carrier’s network
Productivity Away from the Office
• Overcomes dial-up costs and slowness
• Access via a browser to corporate
databases is the same
– at home or
– in the office
Newer VPN Technology
• VPN Site-to-Site
– MPLS
– IP VPNs
• Secure Access on VPNs for Remote Access
– IPSec (Internet Protocol Security)
– SSL (Secure Sockets Layer) security
Secure Access on VPNs for Remote Access
– IPSec (Internet Protocol Security) – requires client
software on computers
• Establishes a secure, encrypted link to a security device at
the carrier or the enterprise.
– THIS IS TUNNELING
– SSL (Secure Sockets Layer) security – is a newer VPN
method.
• Access is embedded in browsers, so organizations are not
required to install special client software on each user's
computer.
Rationale for VPN Between Offices
• Employees
• Branch Offices
• Business Partners
MPLS (Multiprotocol Label Switching)
– VPNs Everyone-to-Everyone Link
– Classes of Service – Prioritize Particular Traffic
– Electronic Tags on MPLS packets
– Service Components
VPNs Everyone-to-Everyone Link
• Customer provides to SP
– A list of IP addresses for each site in the VPN
• Carrier uses the list to define a closed
group of users allowed to communicate
with each other
Classes of Service – Prioritize Particular
Traffic
• Customer chooses 4-5 classes of service
– Used to define priority
– Data, voice, video (low class → high)
Electronic Tags on MPLS packets
• MPLS attaches tags to packets
• Router reads tags and sets priority
• Bypass the routing table lookup
• Good VoIP feature
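
The tag a router reads can be shown concretely. The following is an added example, not part of the original slides: it parses the standard 32-bit MPLS label stack entry (20-bit label, 3-bit traffic class, bottom-of-stack bit, 8-bit TTL) and picks a service class from the top tag alone. The class mapping, function names and sample labels are assumptions made for illustration.

```python
import struct

# Hypothetical mapping of traffic-class bits to the customer's service
# classes (the slides give data as the lowest class and video as the highest).
CLASS_NAMES = {0: "data", 3: "voice", 5: "video"}

def parse_label_stack(frame: bytes):
    """Parse MPLS label stack entries from the start of `frame`.

    Each entry is 32 bits: label (20), traffic class (3),
    bottom-of-stack flag (1), TTL (8). Returns (entries, payload).
    """
    entries = []
    offset = 0
    while True:
        if len(frame) - offset < 4:
            raise ValueError("truncated label stack: no bottom-of-stack entry")
        (word,) = struct.unpack_from("!I", frame, offset)
        offset += 4
        entry = {
            "label": word >> 12,
            "tc": (word >> 9) & 0x7,
            "bottom": bool((word >> 8) & 0x1),
            "ttl": word & 0xFF,
        }
        entries.append(entry)
        if entry["bottom"]:
            return entries, frame[offset:]

def service_class(entries):
    """Priority comes from the top (outermost) tag, with no IP header lookup."""
    return CLASS_NAMES.get(entries[0]["tc"], "unclassified")

def build_entry(label, tc, bottom, ttl):
    """Pack one label stack entry (used to construct the sample below)."""
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)

# Constructed sample: two stacked entries followed by an opaque payload.
SAMPLE = build_entry(16004, 3, False, 64) + build_entry(24010, 3, True, 64) + b"payload"

if __name__ == "__main__":
    stack, payload = parse_label_stack(SAMPLE)
    for e in stack:
        print(e)
    print(service_class(stack), payload)
```
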
Service Components
• T1 typical to carrier
• Separate access lines
– MPLS (trusted sources)
– Internet (high levels of security)
VPNs Everyone-to-Everyone Link
• Mesh service
• MPLS VPN traffic is carried separately from
public internet traffic to guarantee levels of
service.
• IP VPNs – site-to-site using the public Internet
with IPSec
• IPSec creates a tunnel for each packet
• Tunnel hides the destination IP address
• Scrambles data by encrypting it
VPNs for International Connectivity
• IPSec VPNs – Public internet-Based VPNs
for Intersite Connections
• Network-Based IPSec VPNs – over carrier
private IP Networks
IPSec VPNs – Public internet-Based VPNs for
Intersite Connections
• The VPN provider manages the
intercountry portion of the network
• Carrier’s POP refers to the site where its
equipment resides
• NTT, BT, AT&T, Infonet, MCI, Sprint,
Equant all offer intercontinental service.
The End