SEMINAR ON VIRTUAL

PRIVATE NETWORK
PREPARED BY:

NIHAR M. BAXI (ROLL NO.4)

MIHIR V. JOSHI (ROLL NO.16)

GUIDED BY:
G.T CHAVAN SIR
 VIRTUAL PRIVATE
NETWORK
 Definition and introductory notes
VPN is the network which uses
open distributed infrastructure of
the internet to transmit data
between corporate sites.
 NEED FOR DEVELOPING
VPN
 Remote employees interested to
access database of corporations.
 Corporate sites developing new

relations.
 Increasing growth of the corporation.
 VPN RESOLVES THE
PROBLEM
 It provides flexibility and scalability
 Cost advantage.

 Makes free from maintenance and

training.
 WORKING OF VPN
 STEP1…
 STEP2…

 STEP3…

 STEP4…
 WORKING-STEP1 (cont…)
 The remote user dials into their local ISP and
logs into the ISP’s network as usual.

BACK
 WORKING-STEP2 (cont…)
 When connectivity to the corporate network is
desired, the user initiates a tunnel request to
the destination Security server

• BACK
 WORKING-STEP3 (cont…)
 The user then sends data through the tunnel which encrypted by the VPN software before
being sent over the ISP connection

BACK
 WORKING-STEP4 (cont…)
 The destination Security server receives
the encrypted data and decrypts.
 TYPES OF VPN
 VLL-Virtual leased lines.
 VPRN-virtual private routed network.

 VPDN-virtual private dial-up network.

 VPLS-virtual private LAN segments.

 Intranet VPN.

 Extranet VPN.

 Remote access VPN.

 VIRTUAL LEASED LINES
 Point to point link
between two CPE
 IP tunnel between
2 ISP edge routers.
 Frames are relayed
between IP tunnels.
 VIRTUAL PRIVATE
ROUTED NETWORK
 Emulation of multisite
WAN using internet.
 Packet forwarding at
network layer.
 VPRN specific
forwarding table at
ISP routers that
forwards the traffic.
VIRTUAL PRIVATE DIAL-UP
NETWORK
 On demand tunnel between remote
user and corporate sites.
 There are possible 2 tunnels.

1… compulsory tunnel.
2… voluntary tunnel.
 COMPULSORY TUNNEL
 In this scenario L2TP
Access Contractor
(LAC) acting as a dial
or network access
server extends a PPP
session across a
backbone using L2TP
to a remote L2TP
Network Server
(LNS). The operation
of initiating the PPP
session to the LAC is
transparent to the
user.
BACK
VOLUNTARY TUNNEL
 Voluntary tunnel
refers to the case
where an individual
host connects to a
remote site using a
tunnel originating on
the host, with no
involvement from
intermediate network
nodes. Tunnel
mechanism chosen can
be IPSec or L2TP.
VIRTUAL PRIVATE LAN
SEGMENTS
 A Virtual
Private LAN
Segment (VPLS)
is the emulation
of a LAN
segment using
internet
facilities.
INTRANET VPN
 The branch office
scenario securely
connects two
trusted intranets
within the
organization.
 Routers or
firewalls acting as
gateways for the
office with vpn
capabilities can be
used to protect the
corporate traffic.
 EXTRANET VPN
 In this scenario multiple supplier intranets that need to
access a common corporate network over the Internet.
Each supplier is allowed access to only a limited set of
destinations within the corporate network.
 REMOTE ACCESS VPN
 A remote user wants to be able to communicate securely
and cost-effectively to his corporate intranet. This can be
done by use of an VPN IPSec enabled remote client and
firewall (or gateway).
 TUNNELING
 tunneling is the process of placing an entire packet within
another packet and sending it over a network.
 Tunneling requires three different protocols
1… Carrier protocol
2… Encapsulating protocol
3… Passenger protocol

 EXAMPLE OF TUNNELING
 TUNNELING (cont…)
 The truck is the carrier protocol, the box is the
encapsulating protocol and the computer is the passenger
protocol.
 VPN PROTOCOLS
 1. PPTP (Point-to-point tunneling
protocol)
 2. IPsec (IP security).

 3. L2TP (layer2 transmission protocol).

 LAYER2 TRANSMISSION
PROTOCOL

 What is actually the layer two

transmission protocol ???

NEXT
 POINT TO POINT
TUNNELING PROTOCOL
 Introduction to PPTP.
 How actually PPTP works ???

 Security provided by PPTP.

 Advantages of PPTP.

 Disadvantages of PPTP.

BACK
 INTERNET PROTOCOL
SECURITY
 Introduction to IP security.
 Features of IP security.

 Types of IPsec protocols.

 Types of modes used in IPsec.

BACK
 SECURITY OF VPN

 Hardware solution
 Remote access control.
 CERTAIN H/W AND S/W
SPECIFICATIONS…
 Desktop software client for each remote
user
 Dedicated hardware such as a VPN
Concentrator or Secure
 PIX Firewall
 Dedicated VPN server for dial-up services
 NAS (Network Access Server) used by
service provider for
 remote user VPN access
 VPN CONCENTRATOR
 It incorporates the
most advanced
encryption and
authentication
techniques for
Remote access
VPN.
VPN-OPTIMIZED ROUTER
 VPN-optimized
routers provide
scalability, routing,
security and quality
of service.
 PIX FIREWALL
 Firewall combines
dynamic network
address
translation, proxy
server, packet
filtration, firewall
and VPN
capabilities in a
single piece of
hardware.
VPN/VOIP Application
 ADVANTAGES OF VPN

 Cost saving.
 Reduces the long distance charges of

electronic transactions.
 Concrete security.
 DISADVANTAGES OF VPN
VPNs require an in-depth understanding of public
network security issues and taking proper
precautions in VPN deployment.

The availability and performance of an organization's

wide-area VPN (over the Internet in particular)
depends on factors largely outside of their control.

VPN technologies from different vendors may not

work well together due to immature standards.
 CONCLUSION

 From this we can conclude that VPN

provides a very safe , secure and
cost-effective communication
infrastructure.
ANY QUERIES ???
THANKING YOU !!!