IPSEC TUNNEL/ SITE-TO-SITE VPN
VPN- A VPN (Virtual Private Network) is used for private communication over a
public network.
All private traffic passes through a secure tunnel, which is called the VPN
tunnel.
Basically there are 2 types of VPN.
Remote access VPN-
It is used for business purposes: an employee can take remote access to the
company's private network, so they can work from home and also while they are
travelling.
It can also be used for personal purposes.
Site-to-Site VPN-
It is used for private communication between the networks of two sites, of the
same company or of different companies, at different geographical locations.
Two sites of the same company connected through a Site-to-Site VPN are called
an Intranet based VPN.
Two different companies connected through a Site-to-Site VPN are called an
Extranet based VPN.
Types of VPN Protocols
Layer-2 Tunneling Protocol (L2TP)-
L2TP by itself does not encrypt anything, so for a highly secure VPN tunnel it
is combined with one more protocol, IPsec (L2TP/IPsec).
L2TP creates the tunnel between the two points & the IPsec protocol encrypts
the data.
Point-to-Point Tunneling Protocol (PPTP)-
PPTP is one of the oldest VPN protocols; it was developed by Microsoft and
shipped with Windows 95.
It is insecure & has been broken repeatedly by security analysis (its
MS-CHAPv2 authentication can be cracked offline), so it should not be used for
new deployments.
SSL (Secure Sockets Layer) & TLS (Transport Layer Security)-
An SSL/TLS VPN creates the VPN connection between the user's web browser (or
client) and a gateway, to allow the user to reach specific applications across
the public network. SSL and TLS are the protocols most commonly used by online
shopping websites and service providers; SSL itself is deprecated and current
connections use TLS. For such a connection the URL should begin with https.
OpenVPN-
It is an open-source VPN, useful for creating Point-to-Point and Site-to-Site
tunnels. It uses its own custom security protocol, which is built on SSL/TLS
(the OpenSSL library) for key exchange and authentication.
Secure Shell (SSH)-
SSH can create a VPN-like tunnel (port forwarding) so that data can be
transferred through the encrypted SSH session.
The encryption is between the SSH client and the SSH server: a local port on
the client is forwarded through the tunnel to a port on, or reachable from,
the remote server.
IPSec-
It is used for secure communication over a public network. IPsec has 4
features to protect the traffic.
1) Confidentiality- The data should be accessible only to authorized users.
The data is encrypted so that to a hacker or unauthorized person it is
unreadable.
2) Integrity- The data must not be changed, modified or corrupted by a hacker
in transit.
The authorized receiver uses a hashing algorithm (a keyed HMAC under the SA key)
to check whether the data has been changed or not.
3) Authentication- By using pre-shared keys or certificates issued by a
Certificate Authority (CA), each peer confirms the identity of the other host.
4) Anti-replay: If an attacker captures encrypted packets & later resends them
to the host, IPsec detects it: every packet carries a sequence number, and the
receiver keeps a sliding window of sequence numbers already seen and drops any
duplicate or too-old packet instead of processing it again.
IPSec has 2 modes
Tunnel mode- In this mode the entire original IP packet (header and payload) is
protected and encapsulated inside a new IP packet with a new outer IP header.
This is what site-to-site VPN gateways use.
Transport mode- In this mode only the payload of the IP packet (e.g. the
TCP/UDP segment) is protected; the original IP header is kept and stays
visible. It is used for host-to-host communication.
IPSec has 2 protocols to provide security.
1) AH (Authentication Header)-
It provides Integrity & Authentication only; it does not encrypt the data. It
works in both modes, Tunnel & Transport.
Its IP protocol number is 51 (not a port number: AH rides directly on IP, so
it has no TCP/UDP port).
2) ESP (Encapsulating Security Payload)-
It provides Confidentiality, Integrity & Authentication. It works in both
modes, Tunnel & Transport.
Its IP protocol number is 50. (The IKE negotiation that sets up these SAs is
what uses ports: UDP 500, and UDP 4500 when NAT traversal is in use.)
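The anti-replay window and the AH/ESP header fields described above, as an added example that is not part of the original post. It classifies raw IPv4 packets by the protocol field (50 = ESP, 51 = AH), reads the SPI and sequence number from each header, and runs the sequence numbers through an RFC 4303-style 64-bit sliding window per SA. The packets are constructed inline; the addresses and SPI values are arbitrary, and the IPv4 checksum is left zero because nothing here verifies it.

```python
"""Classify IPsec packets by IP protocol number and enforce an anti-replay
window per SA.  Added example; packets below are constructed for the demo."""
import struct

IPPROTO_ESP = 50   # values of the IPv4 "Protocol" field, not TCP/UDP ports
IPPROTO_AH = 51
IPPROTO_IPIP = 4   # AH Next Header 4 = an inner IP packet follows (tunnel mode)
IPPROTO_TCP = 6


def ipv4(proto, src, dst, payload):
    """Minimal 20-byte IPv4 header (checksum left zero) in front of payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, bytes(map(int, src.split("."))),
                      bytes(map(int, dst.split("."))))
    return hdr + payload


def build_esp(seq, spi=0x1000):
    """Constructed ESP packet: SPI, sequence number, then opaque ciphertext."""
    return ipv4(IPPROTO_ESP, "203.0.113.1", "198.51.100.1",
                struct.pack("!II", spi, seq) + b"\x00" * 16)


def build_ah(next_hdr, seq=1, spi=0x2000):
    """Constructed AH packet: Next Header, Payload Len, Reserved, SPI, Seq, ICV."""
    return ipv4(IPPROTO_AH, "10.0.0.1", "10.0.0.2",
                struct.pack("!BBHII", next_hdr, 4, 0, spi, seq) + b"\x00" * 12)


def classify(pkt):
    """Describe the IPsec header of pkt, or return None for non-IPsec traffic."""
    ihl = (pkt[0] & 0x0F) * 4
    proto = pkt[9]
    body = pkt[ihl:]
    if proto == IPPROTO_ESP:
        spi, seq = struct.unpack("!II", body[:8])
        # ESP's Next Header sits in the encrypted trailer, so tunnel vs
        # transport cannot be told apart without the SA keys.
        return {"proto": "ESP", "spi": spi, "seq": seq, "mode": "unknown"}
    if proto == IPPROTO_AH:
        next_hdr, _len, _res, spi, seq = struct.unpack("!BBHII", body[:12])
        mode = "tunnel" if next_hdr == IPPROTO_IPIP else "transport"
        return {"proto": "AH", "spi": spi, "seq": seq, "mode": mode}
    return None


class ReplayWindow:
    """Sliding window over sequence numbers (RFC 4303 style, 64 wide).
    Bit k of the bitmap records whether sequence number (last - k) was seen."""

    def __init__(self, size=64):
        self.size, self.last, self.bitmap = size, 0, 0

    def accept(self, seq):
        if seq == 0:                          # 0 is never a valid sequence number
            return False
        if seq > self.last:                   # newer than anything seen: slide
            shift = seq - self.last
            self.bitmap = 1 if shift >= self.size else \
                ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.last = seq
            return True
        diff = self.last - seq
        if diff >= self.size:                 # older than the window: drop
            return False
        if self.bitmap & (1 << diff):         # already seen: replay
            return False
        self.bitmap |= 1 << diff              # late but fresh: accept
        return True


def receive(windows, pkt):
    """Classify one packet and run it through the replay window of its SA."""
    info = classify(pkt)
    if info is None:
        return "bypass"
    win = windows.setdefault((info["proto"], info["spi"]), ReplayWindow())
    return "accept" if win.accept(info["seq"]) else "replay-drop"


def demo():
    """One ESP SA receiving seq 1,2,3, a replayed 2, then 5, a late 4, and 4 again."""
    windows = {}
    return [receive(windows, build_esp(s)) for s in (1, 2, 3, 2, 5, 4, 4)]
```

Note that a late-but-unseen packet (the first 4 after 5) is accepted, while the second copy of 2 and of 4 are dropped; that is the behaviour a real ESP receiver shows, and it is why a captured packet cannot be resubmitted later even though its contents are perfectly valid ciphertext.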
IPSec has 2 Phases-
1) IKE Phase-1:
IKE Phase-1 is used only for management traffic: the two peers negotiate the
Security Association (SA) parameters of the IKE SA itself (encryption
algorithm, hash algorithm, Diffie-Hellman group, authentication method and
lifetime). IKE Phase-1 has 2 modes-
Main mode- Six messages in three exchanges: 1st the peers exchange and agree
the encryption & hashing algorithms, 2nd they generate the shared secret key by
using Diffie-Hellman, & 3rd each verifies the identity of the other. All these
steps are bi-directional, and because the identities and authentication hashes
are sent encrypted under keys derived from the Diffie-Hellman secret, it gives
better security.
Aggressive mode- Three messages: the SA proposal, Diffie-Hellman value, nonce
and identity are packed together. It is a faster process compared to Main mode
& less secure, because the identities and the responder's authentication hash
travel in the clear, which exposes a pre-shared key to offline dictionary
cracking by anyone who captured the exchange.
2) IKE Phase-2:
It is used only to secure the users' data: it negotiates the IPsec SA
parameters (ESP or AH, algorithms, keys and lifetime) through the IKE SA set
up in Phase-1.
IKE Phase-2 has only one mode, which is called Quick mode. In this mode the
peers exchange nonces, providing replay protection, & generate the secret keys
for the IPsec SAs (optionally with a fresh Diffie-Hellman exchange for Perfect
Forward Secrecy).
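The Phase-1 Main mode versus Aggressive mode contrast above, as an added example that is not part of the original post. It models an IKEv1 Phase-1 with pre-shared-key authentication between two peers, records what a passive sniffer sees in each mode, and then runs an offline dictionary attack against the captured exchange. The model is simplified: the authentication hash covers only the two Diffie-Hellman values and the identity (RFC 2409 also includes the cookies and SA payload), SHA-256 is used as the PRF, encrypted Main mode messages are represented by a placeholder rather than real ciphertext, and the peer names and pre-shared keys are made up.

```python
"""Simplified IKEv1 Phase-1 with PSK authentication: Main vs Aggressive mode,
and why only Aggressive mode exposes the PSK to offline cracking.  Added
example; payloads are reduced to the fields that matter for this point."""
import hashlib
import hmac
import secrets

# IKE group 2: 1024-bit MODP prime from RFC 2409, generator 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381"
    "FFFFFFFFFFFFFFFF", 16)
G = 2
PROPOSAL = {"enc": "AES-CBC-256", "hash": "SHA-256", "dh_group": 2, "auth": "PSK"}


def i2b(n):
    return n.to_bytes(128, "big")


def prf(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()


def auth_hash(skeyid, g_self, g_peer, ident):
    """HASH_I / HASH_R, simplified (no cookies or SA payload in the input)."""
    return prf(skeyid, i2b(g_self) + i2b(g_peer) + ident)


class Peer:
    def __init__(self, ident, psk):
        self.ident, self.psk = ident, psk
        self.x = secrets.randbelow(P - 2) + 2        # private DH exponent
        self.gx = pow(G, self.x, P)                  # KE payload
        self.nonce = secrets.token_bytes(16)


def phase1(init, resp, aggressive):
    """Run Phase-1.  Returns (authenticated, wire) where wire lists the
    messages exactly as a passive sniffer on the path would see them."""
    ni, nr = init.nonce, resp.nonce
    # With PSK authentication SKEYID depends only on the PSK and the nonces.
    skeyid_i = prf(init.psk, ni + nr)
    skeyid_r = prf(resp.psk, ni + nr)
    hash_i = auth_hash(skeyid_i, init.gx, resp.gx, init.ident)
    hash_r = auth_hash(skeyid_r, resp.gx, init.gx, resp.ident)
    # Each side recomputes the other's hash with its own SKEYID; a PSK
    # mismatch fails here.  Both must also agree on the DH secret g^xy.
    ok = hmac.compare_digest(hash_i, auth_hash(skeyid_r, init.gx, resp.gx, init.ident)) \
        and hmac.compare_digest(hash_r, auth_hash(skeyid_i, resp.gx, init.gx, resp.ident)) \
        and pow(resp.gx, init.x, P) == pow(init.gx, resp.x, P)
    if aggressive:
        # Three messages; identities and HASH_R go out before any key exists.
        wire = [("1 I->R", {"sa": PROPOSAL, "ke": init.gx, "nonce": ni, "id": init.ident}),
                ("2 R->I", {"sa": PROPOSAL, "ke": resp.gx, "nonce": nr, "id": resp.ident,
                            "hash": hash_r}),
                ("3 I->R", {"hash": hash_i})]
    else:
        # Six messages; IDs and hashes in 5/6 are encrypted under keys derived
        # from g^xy, which the sniffer cannot compute from g^x and g^y.
        wire = [("1 I->R", {"sa": PROPOSAL}), ("2 R->I", {"sa": PROPOSAL}),
                ("3 I->R", {"ke": init.gx, "nonce": ni}),
                ("4 R->I", {"ke": resp.gx, "nonce": nr}),
                ("5 I->R", {"encrypted": "ID_I, HASH_I"}),
                ("6 R->I", {"encrypted": "ID_R, HASH_R"})]
    return ok, wire


def crack_psk(wire, wordlist):
    """Offline dictionary attack on a captured Phase-1.  It can only succeed
    when HASH_R and every input to it were visible in the clear."""
    seen = {"I->R": {}, "R->I": {}}
    for label, payload in wire:
        seen[label.split()[1]].update(payload)
    i, r = seen["I->R"], seen["R->I"]
    if not all(k in i for k in ("ke", "nonce")) or \
            not all(k in r for k in ("ke", "nonce", "id", "hash")):
        return None                      # Main mode: nothing to test guesses against
    for guess in wordlist:
        skeyid = prf(guess, i["nonce"] + r["nonce"])
        if auth_hash(skeyid, r["ke"], i["ke"], r["id"]) == r["hash"]:
            return guess
    return None
```

The attack needs no active role: everything it uses is in messages 1 and 2 of Aggressive mode, which is why real-world IKEv1 gateways that accept Aggressive mode with a group PSK are routinely audited by capturing one exchange and cracking it offline. Main mode with the same PSK leaves the sniffer with only g^x, g^y and the nonces, so the same wordlist yields nothing.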
It's very helpful...