CompTIA Sec+ | Microsoft MTA Security: Tunneling

• gol


• 5 Feb 2016

Tunneling, VPN, and IPSec

we learned about some of the more common remote access protocols in use today. You should recall that a remote access protocol allows remote access to a network or host and is usually employed in dial-up networking. Alternatively, some remote access technologies are involved in remote control of a host, such as through secure shell or Telnet.

However, another class of remote access technologies does exist. This class is related to two of the fundamental aspects of information security: confidentiality and availability. This type of remote access technology allows a user to securely dial in or otherwise access a remote network over an encrypted and difficult-to-intercept connection known as a “tunnel.” These protocols are therefore usually referred to as tunneling or secure remote access protocols.

 

VPN

A virtual private network is a pseudo-LAN that is defined as a private network that operates over a public network. It allowsremote hosts to dial into a network and join the network basically as if it were a local host, gaining access to network resources and information as well as other VPN hosts. The exam will test you on your ability to recognize different applications of VPN networks. Use common sense here! Obviously, VPN networks would likely be employed in settings in which information security is essential and local access to the network is not available. For example, a VPN might be utilized by a telecommuting employee who dials into the office network.

 

PPTP

PPTP, or Point-to-point tunneling protocol, is a commonly implemented remote access protocol that allows for secure dial-up access to a remote network. In other words, PPTP is a VPN protocol. PPTP utilizes a similar framework as PPP (point-to-point protocol) for the remote access component but encapsulates data into undecipherable packets during transmission. It is as its name implies: an implementation of PPP that utilizes tunneling by encapsulating data.

 

IPSec

IPSec is a heavily tested area of the Security+ exam. You will inevitably see at least one question on IPSec and probably around three, so it will be to your benefit to understand IPSec well. IPSec allows for the encryption of data being transmitted from host-to-host (or router-to-router, or router-to-host… you get the idea) and is basically standardized within the TCP/IP suite. IPSec is utilized in several protocols such as TLS and SSL. You should know that IPSec operates in two basic modes. We will now study these modes in greater detail.

• Transport Mode – Provides host-to-host security in a LAN network but cannot be employed over any kind of gateway or NAT device. Note that in transport mode, only the packet’s information, and not the headers, are encrypted.
• Tunneling Mode – Alternatively, in tunneling mode, IPSec provides encapsulation of the entire packet, including the header information. The packet is encrypted and then allowed to be routed over networks, allowing for remote access. Because of this, we are usually most interested (at least for exam purposes) in the Tunneling mode.

IPSec is comprised of two basic components that provide different functionality:

• AH – Authentication Header (AH) can provide authentication of the user who sent the information as well as the information itself
• ESP – Encapsulating Security Protocol (ESP) can provide actual encryption services which can ensure the confidentiality of the information being sent.

L2TP

L2TP, or Layer 2 Tunneling Protocol, is an alternative protocol to PPTP that offers the capability for VPN functionality in a more secure and efficient manner. Rather than actually replacing PPP as a remote access protocol or IPSec as a security protocol, L2TP simply acts as an encapsulation protocol on a very low level of the OSI model – the Data Link layer. L2TP, therefore, commonly utilizes PPP for the actual remote access service and IPSec for security. Note that L2TP operates on a client/server model with theLAC (L2TP Access Concentrator) being the client and the LNS (L2TP Network Server) acting as the server.

 

 

 

**Source by wikipedia**

To Become Cretified For CompTIA Security+ Please Visit This Link ;