Cisco ICND2 – Describe VPN technology (including: importance, benefits, role, impact, components)

VPN stands for Virtual Private Network. A VPN extends network access beyond the current network. The different types of VPN are:

  • Site-to-site VPN – Connects a company's remote sites together over the Internet.
  • Remote access VPN – Allows users to connect in from any remote location outside of the company over the Internet.

IPSec is an industry standard created by the IETF that provides security at the network layer (layer 3 of the OSI model).

Authentication Header (AH) – Sender and receiver generate the same one-way hash. If the packet has been changed, the hashes will not match and the packet will be dropped.

Encapsulating Security Payload (ESP) – Provides data confidentiality, data integrity and an anti-replay service.
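The two checks described above, as an added example that is not part of the original notes: the one-way hash comparison (in practice a hash keyed with a shared secret, HMAC) and the anti-replay check. It is a simplified model, not the real IPsec packet format; the packet layout, key, window size and the names `protect` and `Receiver` are assumptions.

```python
import hashlib
import hmac
import struct

ICV_LEN = 16   # integrity check value: HMAC-SHA-256 truncated to 128 bits
WINDOW = 64    # anti-replay window size in packets (assumed value)

def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: 32-bit sequence number + payload + keyed hash over both."""
    body = struct.pack("!I", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()[:ICV_LEN]

class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.highest = 0   # highest sequence number accepted so far
        self.seen = 0      # bitmap: bit i set means (highest - i) was accepted

    def accept(self, packet: bytes):
        """Return the payload, or None when the packet must be dropped."""
        if len(packet) < 4 + ICV_LEN:
            return None                      # too short to be valid
        body, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
        seq = struct.unpack("!I", body[:4])[0]
        if seq == 0 or seq + WINDOW <= self.highest:
            return None                      # older than the replay window
        if seq <= self.highest and (self.seen >> (self.highest - seq)) & 1:
            return None                      # sequence number already accepted
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:ICV_LEN]
        if not hmac.compare_digest(icv, expected):
            return None                      # hash mismatch: packet was changed
        # Move the window only after the hash check, so a forged packet
        # cannot mark a genuine sequence number as used.
        if seq > self.highest:
            shift = seq - self.highest
            self.seen = ((self.seen << shift) | 1) & ((1 << WINDOW) - 1)
            self.highest = seq
        else:
            self.seen |= 1 << (self.highest - seq)
        return body[4:]

if __name__ == "__main__":
    key = b"constructed-shared-secret"       # constructed sample key
    rx = Receiver(key)
    first = protect(key, 1, b"hello")
    print(rx.accept(first))                  # genuine packet
    print(rx.accept(first))                  # same packet replayed
    second = protect(key, 2, b"hello")
    print(rx.accept(second[:4] + b"J" + second[5:]))  # payload altered in transit
```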

Symmetric encryption uses a shared secret to both encrypt and decrypt. DES, 3DES and AES are symmetric encryption algorithms.

Asymmetric encryption uses private and public keys. The public key is shared, but the private key is only known to the host. RSA is a common asymmetric encryption algorithm.


Benefits of VPN:

  • Cheaper – No need to get a second line to link sites; a VPN can use existing connections to the Internet
  • Encrypted, making the connection secure
  • Can have more than one VPN connection – Can connect to multiple sites and allow remote users


Disadvantages of VPN:

  • Requires more overhead on the router for encryption/decryption