What is a Virtual Private Network (VPN)?Security Risks of the VPNBasic firewallsNetwork AttacksCryptographic AssaultsTechnologies in the VPNFirewallsAuthenticationAuthentication is equally important as encryption when we exchange information over a VPN. While confirming the connection of a VPN network over the public internetwork, it is critical to finalize if the user trying to gain access to a private network is real. Authentication in VPN checks the identity of an entity and confirms that to the service and guarantees their claim with a great degree of certainty. Secret keys, passwords or some form of identification are used to authenticate the real user to the system.TunnelingPoint-to-Point Tunneling Protocol (PPTP)IPSec Tunnel ModeWorks CitedLacoul 1Virtual Private Networks What is a Virtual Private Network (VPN)?A Virtual Private Network is an extension of a private network that encompasses links across shared or public networks like the Internet – Virtual Private Networking in Windows 2000: An Overview by MicrosoftAn encrypted or encapsulated communication process that transfers data from one point to another point securely; the security of that data is assured by robust encryption technology, and the data that flows passes through an open, unsecured, routed network. –Brown Steven, Implementing Virtual Private Networks.A VPN is a data network that makes the use of the public network infrastructure, maintaining privacy through the use of a tunneling protocol and security procedures. One of the key technologies used to promote the security procedures in VPN is encryption. One can argue that VPN is almost undoable without encrypting data along the path. It is so convinced that the Oreilly authors Scott et. al. state that a VPN is possible without using firewall, but not without using encryption technology. Hence, it assures that cryptography plays a huge role in maintaining the security of flow of data in VPN technology. One way of looking at VPN is that it is a simple process of sending encrypted data from one point to another, usually over the Internet. However, VPN can also be used on leased lines, frame relay/ATM links, or Plain Old Telephone Network (POTN) services, such as Integrated Service Digital Network (ISDN) and Digital Subscribe Line (xDSL). Some ISPs already provide some VPN implementations, such as in frame relay topologies. While it is a private network from an ISP's point of view, it is still a public network from a customer's point of view. By adding VPN technology to their frame segment, customerscan get the additional benefits of VPN technology (Brown, 6).Types of VPNAs VPN technology has gained its popularity among the corporate networks, nationally or internationally, within the past few years, it has emerged in many flavors to provide services to the needs of those customers. Four areas of VPN described below are to clarify the differences between different types of VPN in existence and figure 1.1 below provides a pictorial view of its use.Intranet An intranet VPN is created between the corporate headquarters and a remote sales office, or between headquarters and remote satellite offices.Remote Access A remote access VPN is created between corporate headquarters and remote mobile users.Extranet An extranet VPN is created between a corporation and its customers or suppliers.Intracompany A fourth area, not readily deployed by companies today, is an internal intracompany VPN. It is created within the corporate network to prevent critical data byLacoul 2encrypting and safely storing it without being tampered with. What reasons would cause a company to use an intracompany VPN? Some of the reasons are set forth by security surveys that report that attacks by internal employees are their number-one threat. Figure 1.1However, four types of VPN, as mentioned below, are used in the aforementioned areas to meet the customer’s needs.Trusted VPN - A VPN type used in an environment where the customers trust the technology to maintain the integrity of the circuit and use the best available security to avoid network traffic sniffing. Secure VPN - All data transferred in this VPN is encrypted and authenticated so that no one from outside can affect its security properties.Hybrid VPN - In this VPN, a secure VPN is run as part of a trusted VPN.Provider-Provisioned VPN - VPN where the trusted VPN and trusted part of the hybrid VPN are usually administered by the ISP or some authority other than the user.Security Risks of the VPNVPN is a technology based on a platform-independent public network infrastructure such as the Internet. It uses the public network to transmit data across to the allocated users, presumably, safe in transit. However, the integrity and safety of data in transit over the Internet is never guaranteed because of its openly used public network infrastructure. Data over the Internet is uncontrollably vulnerable and the technologies used to promote security issues are noticeably untrustworthy. Quite often we hear, someone stealing someone else’s credit card number, prying into others private documents or gaining access to restricted machines over the Internet; these scenarios are only few of the examples to verify the vulnerability of data in transit over the Web. And there are many other known and unknown loopholes in this technology that we may not even be aware of. Some of the challenges that VPN has to meet in order to provide a high-level security are to protect against basic firewalls, network attacks and cryptographic assaults.Lacoul 3Basic firewallsFirewalls are one of the key components to maintain security in VPN. It scans restricted IP addresses or port requests and discards those who try to intrude. When two or more networks are connected over the public network, the use of firewalls sounds more appealing and safe. However, not all the services offered in a firewalled network can be trusted. There are methods to creep into firewalled network and access information readily. Especially in VPN, the sole use of firewalls does do no good to protect connections in a public area. Other mechanisms must be implemented for a higher level of security. With the use of basic firewalls, it only opens a hole in security of VPN technology. Firewall attacks are common among the attackers who want to access the services that a firewall blocks and the machines they are restricted into. Network AttacksNetwork attacks are the most common interceptions
View Full Document
Unlocking...