Scribd
Upload
245 views12 pages

Advanced VPN Concepts

A Virtual Private Network (VPN) provides a secure, encrypted connection over the internet, enabling devices to communicate as if on the same local network. VPNs enhance security, privacy, and remote access while being cost-effective, with various types including Site-to-Site, Remote Access, SSL, and MPLS VPNs. Common protocols used in VPNs include IPsec, GRE, SSL/TLS, L2TP, and PPTP, each serving different purposes and security levels.

Uploaded by

gopi13710
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
245 views12 pages

Advanced VPN Concepts

A Virtual Private Network (VPN) provides a secure, encrypted connection over the internet, enabling devices to communicate as if on the same local network. VPNs enhance security, privacy, and remote access while being cost-effective, with various types including Site-to-Site, Remote Access, SSL, and MPLS VPNs. Common protocols used in VPNs include IPsec, GRE, SSL/TLS, L2TP, and PPTP, each serving different purposes and security levels.

Uploaded by

gopi13710
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

Overview About Us Services Contact Us

VPN
CONCEPTS
Overview About Us Services Contact Us

WHAT IS A VPN?
A Virtual Private Network (VPN) is a secure, encrypted
connection over a less secure network, typically the
internet. It allows devices to communicate as if they were
on the same local private network, even if they're
physically distant.
Overview About Us Services Contact Us

WHY USE VPNS IN


NETWORKS?
Security: Encrypts data traveling over public networks.
Privacy: Hides user data from ISPs, hackers, and even
governments.
Remote Access: Employees can securely access the
office network from anywhere.
Cost-Effective: Uses public internet instead of
dedicated leased lines.
Overview About Us Services Contact Us

TYPES OF VPNS
Site-to-Site VPN: Connects entire networks (e.g.,
branch office to HQ)
Remote Access VPN:Connects individual users to a
network
SSL VPN: Uses a web browser and HTTPS for secure
access
MPLS VPN: Provided by ISPs using MPLS backbone
Overview About Us Services

SITE-TO-SITE VPN
Overview About Us Services

REMOTE ACCESS
VPN
Overview About Us Services

SSL VPN
Overview About Us Services

MPLS VPN
Overview About Us Services Contact Us

VPN PROTOCOLS

IPsec (Internet Protocol Security)


GRE (Generic Routing Encapsulation)
SSL/TLS VPN
L2TP and PPTP (Legacy Protocols)
Overview About Us Services

VPN PROTOCOLS
IPsec (Internet Protocol Security) GRE (Generic Routing Encapsulation) SSL/TLS VPN L2TP and PPTP (Legacy Protocols)

Most commonly used in Site- A tunneling protocol, but not Uses HTTPS (port 443) to L2TP (Layer 2 Tunneling
to-Site VPNs. secure by itself (no encryption) create a secure tunnel. Protocol): Often combined with
Provides encryption, IPsec for encryption.
authentication, and integrity. Can encapsulate many types of Clientless VPN: Access
Works in two modes: traffic (supports multicast & through a browser. PPTP (Point-to-Point Tunneling
Transport Mode: Encrypts routing protocols). Protocol): Old and insecure,
only the payload. Useful for remote access to rarely used today.
Tunnel Mode (used in Often used together with IPsec web apps.
CCNA): Encrypts the entire to get both tunneling and Not commonly used in modern
packet. encryption:GRE over IPsec. Limited support in routers; enterprise setups
Uses two main phases: more common in firewalls
IKE Phase 1: Builds the and VPN appliances.
initial secure tunnel
(ISAKMP).
IKE Phase 2: Negotiates
IPsec security
associations (SAs).

Integrity (SHA, MD5)


Overview About Us Services Contact Us

IPSEC VPN
COMPONENTS
IKE PHASE 1 & 2

ENCRYPTION (ESP VS AH)


AUTHENTICATION (PRE-SHARED KEY VS DIGITAL CERTIFICATES)

INTEGRITY (SHA, MD5)


Overview About Us Services

THANK YOU

You might also like