vpn presentation iman
-
8/3/2019 VPN Presentation Iman
Virtual Private Network (VPN)
-
2001 Check Point Software Technologies Ltd. - Proprietary & Confidential
"If saving money is wrong, I don't want to be right"
-- William Shartner
-
Outline
What is a VPN?
Types of VPN
Why use VPNs?
Disadvantage of VPN
Types of VPN protocols
Encryption
-
What is a VPN?
A VPN is a network that uses the Internet or other network service to transmit data.
A VPN includes authentication and encryption to protect data integrity and confidentiality.
(Diagram: VPN, Internet)
-
Types of VPNs
Remote Access VPN
  Provides access to internal corporate network over the Internet.
  Reduces long distance, modem bank, and technical support costs.
(Diagram: Internet, Corporate Site)
-
Types of VPNs
Remote Access VPN
Site-to-Site VPN
  Connects multiple offices over Internet
  Reduces dependencies on frame relay and leased lines
(Diagram: Internet, Branch Office, Corporate Site)
-
Types of VPNs
Remote Access VPN
Site-to-Site VPN
Extranet VPN
  Provides business partners access to critical information (leads, sales tools, etc.)
  Reduces transaction and operational costs
(Diagram: Corporate Site, Internet, Partner #1, Partner #2)
-
Types of VPNs
Remote Access VPN
Site-to-Site VPN
Extranet VPN
Intranet VPN:
  Links corporate headquarters, remote offices, and branch offices over a shared infrastructure using dedicated connections.
(Diagram: Internet, LAN clients, Database Server, LAN clients with sensitive data)
-
Why Use Virtual Private Networks?
More flexibility
  Use multiple connection types (cable, DSL, T1, T3)
  Secure and low-cost way to link
  Ubiquitous ISP services
  Easier E-commerce
-
Why Use Virtual Private Networks?
More flexibility
More scalability
  Add new sites, users quickly
  Scale bandwidth to meet demand
-
Why Use Virtual Private Networks?
More flexibility
More scalability
Lower costs
  Reduced frame relay/leased line costs
  Reduced long distance
  Reduced equipment costs (modem banks, CSU/DSUs)
  Reduced technical training and support
-
VPN Return on Investment
5 branch offices, 1 large corporate office, 200 remote access users.
Payback: 1.04 months. Annual Savings: 88%

                                         Check Point VPN Solution   Non-VPN Solution              Savings with Check Point
Startup Costs (Hardware and Software)    $51,965                    Existing; sunk costs = $0
Site-to-Site Annual Cost                 $30,485                    $71,664 (Frame relay)         $41,180 /yr
RAS Annual Cost                          $48,000                    $604,800 (Dial-in costs)      $556,800 /yr
Combined Annual Cost                     $78,485                    $676,464                      $597,980 /yr

Case History: Professional Services Company
-
Disadvantages of VPN
Lower bandwidth available compared to dial-in line
Inconsistent remote access performance due to changes in Internet connectivity
No entrance into the network if the Internet connection is broken
-
Point-to-Point Tunneling Protocol (PPTP)
Layer 2 remote access VPN distributed with Windows product family
Addition to Point-to-Point Protocol (PPP)
Allows multiple Layer 3 protocols
Uses proprietary authentication and encryption
Limited user management and scalability
Uses MPPE encryption method
(Diagram: Remote PPTP Client, ISP Remote Access Switch, Internet, PPTP RAS Server, Corporate Network)
-
Internet Protocol Security (IPSec)
Layer 3 protocol for remote access, intranet, and extranet VPNs
Internet standard for VPNs
Provides flexible encryption and message authentication/integrity
-
Encryption
Used to convert data to a secret code for transmission over an untrusted network
(Diagram: Clear Text "The cow jumped over the moon", Encryption Algorithm, Encrypted Text "4hsd4e3mjvd3sda1d38esdf2w4d")
-
Symmetric Encryption
Same key used to encrypt and decrypt message
Faster than asymmetric encryption
Used by IPSec to encrypt actual message data
Examples: DES, 3DES, RC5
(Diagram: Shared Secret Key)
-
Asymmetric Encryption
Different keys used to encrypt and decrypt message (one public, one private)
Provides non-repudiation of message or message integrity
Examples include RSA, DSA, SHA-1, MD-5
(Diagram: Bob, Alice Public Key, Encrypt, Alice Private Key, Decrypt, Alice)
-
Industries That May Use a VPN
Healthcare: enables the transferring of confidential patient information within the medical facilities & health care provider
Manufacturing: allow suppliers to view inventory & allow clients to purchase online safely
Retail: able to securely transfer sales data or customer info between stores & the headquarters
Banking/Financial: enables account information to be transferred safely within departments & branches
General Business: communication between remote employees can be securely exchanged
-
Some Businesses using a VPN
CVS Pharmaceutical Corporation upgraded their frame relay network to an IP VPN
Bacardi & Co. implemented a 21-country, 44-location VPN
-
Questions
-
Presented by: Iman Abooee
Thanks for your attention
Winter 85
-
Resource:
www.vpnc.org/vpn-technologies.pdf
www.adtran.com/
www.cisco.com/ipsec_wp.htm
www.computerworld.com
www.findvpn.com
www.Shabake_mag.com