Types of VPN and Encryption Techniques
Added on -2022-09-16
| 13 pages| 2690 words| 49 views
Trusted by 2+ million users,
1000+ happy students everyday
Showing pages 1 to 4 of 13 pages
Running head: TYPES OF VPN AND ENCRYPTION TECHNIQUES
Types of VPN and Encryption Techniques
Name of the Student
Name of the University
Author Note
Types of VPN and Encryption Techniques
Name of the Student
Name of the University
Author Note
TYPES OF VPN AND ENCRYPTION TECHNIQUES
1
Summary
As per several researches conducted thus far, VPNs are found to play an
important role in securing networks of organizations. The report evaluates SSL
and IPsec VPN mechanisms and investigates SSL VPN implementations along
with the authentication and encryption involved. First, the report presents the
literature review on SSL and IPsec VPN. Then the report proceeds to answer the
various questions regarding the investigation of SSL VPN used by a website. After
mentioning the attacks to remote access, the report ends with concluding notes.
1
Summary
As per several researches conducted thus far, VPNs are found to play an
important role in securing networks of organizations. The report evaluates SSL
and IPsec VPN mechanisms and investigates SSL VPN implementations along
with the authentication and encryption involved. First, the report presents the
literature review on SSL and IPsec VPN. Then the report proceeds to answer the
various questions regarding the investigation of SSL VPN used by a website. After
mentioning the attacks to remote access, the report ends with concluding notes.
TYPES OF VPN AND ENCRYPTION TECHNIQUES
2
Introduction
The report tries to highlight how important VPNs are in securing network
infrastructures of organizations. This report evaluates SSL and IPsec VPN
mechanisms and investigates SSL VPN implementations along with the
authentication and encryption involved. The report starts by presenting the
literature review on SSL and IPsec VPN. Then the report shows and discusses of
SSL VPN use by a website with the help of screenshots and similarly show use of
digital signatures and SHA encryptions. The report also talks about SSL VPN
client options and remote database access with SSL VPN. Then the SSL attacks
and attacks to remote access get discussed after which the report ends with
concluding notes.
A. Literature Review
A VPN or Virtual Private Network is an application or service that serves to
protect privacy of users as also increase overall security against cyber-attacks
over the Internet [5]. VPNs is used to connect two computers in a secure and
private manner through the internet. VPNs are designed for providing secure,
encrypted tunnels for transmitting data with remote users from the company
network.
The IPsec VPN is a functionality of the IP layer protocol which enables
transmission of encrypted packets of all kinds of protocols be it TCP, UDP or ICMP
without getting modified [8]. Internet Key Exchange or IKE is the IPsec or Internet
Protocol Security’s standard protocol that gets used for ensuring secure VPN
negotiations as well as remote network access.
SSL refers to the application layer protocol that is used for protecting HTTP
transactions and is also used for purposes like POP3 and IMAP. SSL is only
compatible with applications that run using the TCP protocol though the
applications need to be modified to run with SSL. SSL makes use of four key
protocols namely the handshake protocol, change cipher spec protocol, alert
protocol and application data protocol.
The Cisco Adaptive Security Appliance or ASA makes use of IPsec for LAN
to LAN VPN connection and provides options to use IPsec for client to LAN VPN
connections [10]. While establishing the tunnel, two peers negotiate the security
associations governing the authentications, encryptions, encapsulations, and key
2
Introduction
The report tries to highlight how important VPNs are in securing network
infrastructures of organizations. This report evaluates SSL and IPsec VPN
mechanisms and investigates SSL VPN implementations along with the
authentication and encryption involved. The report starts by presenting the
literature review on SSL and IPsec VPN. Then the report shows and discusses of
SSL VPN use by a website with the help of screenshots and similarly show use of
digital signatures and SHA encryptions. The report also talks about SSL VPN
client options and remote database access with SSL VPN. Then the SSL attacks
and attacks to remote access get discussed after which the report ends with
concluding notes.
A. Literature Review
A VPN or Virtual Private Network is an application or service that serves to
protect privacy of users as also increase overall security against cyber-attacks
over the Internet [5]. VPNs is used to connect two computers in a secure and
private manner through the internet. VPNs are designed for providing secure,
encrypted tunnels for transmitting data with remote users from the company
network.
The IPsec VPN is a functionality of the IP layer protocol which enables
transmission of encrypted packets of all kinds of protocols be it TCP, UDP or ICMP
without getting modified [8]. Internet Key Exchange or IKE is the IPsec or Internet
Protocol Security’s standard protocol that gets used for ensuring secure VPN
negotiations as well as remote network access.
SSL refers to the application layer protocol that is used for protecting HTTP
transactions and is also used for purposes like POP3 and IMAP. SSL is only
compatible with applications that run using the TCP protocol though the
applications need to be modified to run with SSL. SSL makes use of four key
protocols namely the handshake protocol, change cipher spec protocol, alert
protocol and application data protocol.
The Cisco Adaptive Security Appliance or ASA makes use of IPsec for LAN
to LAN VPN connection and provides options to use IPsec for client to LAN VPN
connections [10]. While establishing the tunnel, two peers negotiate the security
associations governing the authentications, encryptions, encapsulations, and key
TYPES OF VPN AND ENCRYPTION TECHNIQUES
3
management processes. Such negotiations include two phases one - tunnel
establishment (IKE SA) and two – traffic governance within tunnel (IPsec SA).
Cisco AnyConnect can support multiple connections on mobile devices by
addressing various secure gateways and VPN tunnels [6]. Connection entries
identify the secure gateway address from the fully qualified domain name that is
IP address, as also the tunnel URL if needed. Thus, this VPN can protect from
rapid proliferation of mobile devices on a daily basis.
B. Authentication and Access Control
1. Analyse and write report on how the browser ensures
that it is communicating to the right server. Please visit
a website and add screenshots also highlighting the
related part. How SSL and TLS provide authentication?
The web browser and the web servers work in tandem to operate on a client-
server basis. In the field of computer networking, client-server system refers to
the standardized method to design applications in which data gets stored on
central locations that is the servers and are efficiently shared among a range of
computers called clients as per the requests received. Every web browser act as
a client which requests information from the websites that is web servers hosting
the website.
3
management processes. Such negotiations include two phases one - tunnel
establishment (IKE SA) and two – traffic governance within tunnel (IPsec SA).
Cisco AnyConnect can support multiple connections on mobile devices by
addressing various secure gateways and VPN tunnels [6]. Connection entries
identify the secure gateway address from the fully qualified domain name that is
IP address, as also the tunnel URL if needed. Thus, this VPN can protect from
rapid proliferation of mobile devices on a daily basis.
B. Authentication and Access Control
1. Analyse and write report on how the browser ensures
that it is communicating to the right server. Please visit
a website and add screenshots also highlighting the
related part. How SSL and TLS provide authentication?
The web browser and the web servers work in tandem to operate on a client-
server basis. In the field of computer networking, client-server system refers to
the standardized method to design applications in which data gets stored on
central locations that is the servers and are efficiently shared among a range of
computers called clients as per the requests received. Every web browser act as
a client which requests information from the websites that is web servers hosting
the website.
Found this document preview useful?
You are reading a preview
Upload your documents to download
or
Become a Desklib member to get accesss
Paid Plans
Free Plan
Single Unlock
Monthly Plan
Yearly Plan