LS 122 104x - Regtops

wanderooswarrenAI and Robotics

Nov 21, 2013



Course Name

VPN Fundamentals

Course Number

LS 122 104

Course Duration

2 days

Course Description

A VPN is a communications environment in which access is
controlled to permit peer connections only within a defined
community of interest, and is constructed through some form of
partitioning of a common underlying communications medium,
where this underlying communications medium provides services to
the network on a non-exclusive basis.

Virtual private networks have become an essential part of today's
business networks, as they provide a cost-effective means of
assuring private internal and external communications over the
shared Internet infrastructure. Virtual Private Networks:
Technologies and Solutions is a comprehensive, practical guide to
VPNs.

VPN Fundamentals includes VPN concepts and architectures, and an
in-depth examination of advanced features and functions such as
tunneling, authentication, access control, VPN gateways, VPN
clients, and VPN network and service management.

This course presents the various technology components, concrete
solutions, and best practices you need to deploy and manage a
highly successful VPN.

Course Objective

After completing this course, attendees will be able to:



Understand IPsec, featuring the Authentication Header,
Encapsulating Security Payload, Internet Key Exchange, and
implementation details



Understand PPTP, L2F, L2TP, and MPLS as VPN tunneling
protocols



Review Two-party and three-party authentication, including
RADIUS and Kerberos



Explore Public key infrastructure (PKI) concept and its
integration into VPN solutions



Understand Access control policies, mechanisms, and
management, and their application to VPNs



Review VPN gateway functions, including site-to-site intranet,
remote access, and extranet



Review Gateway configuration, provisioning, monitoring, and
accounting



Explore Gateway interaction with firewalls and routers



Understand VPN client implementation issues, including
interaction with operating systems



Understand Client operation issues, including working with NAT,
DNS, and link MTU limits



Explore VPN service and network management architectures
and tunnel and security management



Review successful VPN deployments



Discuss successful and unsuccessful VPN deployments



Step through a practical process for managing a VPN
deployment project



Explore the current and future market trends

Target Audience

IT Managers, Security Officers, Network Engineers, Tech Support
and anyone who is interested in VPN.

Prerequisites

Basic Knowledge of TCP/IP and Networking

Course Module



Introduction



VPN Definition



Potential Uses and Benefits



VPN Motivation



The VPN Market



VPN Requirements



Building Blocks of a VPN



VPN Technologies



VPN Topology



VPN Protocols



VPN versus Mobile IP



VPN Architectures



VPN Requirements, Building Blocks, and Architectures





Implementer-based VPN Architectures



Security-based VPN Architectures



Layer-based VPN Architectures



Class-based VPN Architectures

Site-to-Site Intranet VPNs



Remote Access VPNs



Extranet VPNs



Key Aspects of VPN Security



Overview of Network Security



Internet Architecture



Security Issues Connecting to Internet



Relevant Cryptography



Generic Secure Channel



Cryptography



Shared Key Cryptography



Public Key Cryptography



Digital Signatures



Message Authentication Codes



Tunnels and VPN



Data Integrity and Confidentiality.



VPN Tunneling Protocols



PPTP



L2F



L2TP



IPsec



MPLS



Point-to-Point Protocol (PPP)



Overview and Basic Operation



Basis for L2 VPN Protocols



Major Components



Wire Authentication Protocols



Backend Authentication Servers



Configuration of Network Protocols



Layer Two VPN Protocols



Common Aspects



Advantages and Disadvantages





Layer Two Forwarding (L2F)



Point-to-Point Tunneling Protocol (PPTP)



Layer Two Tunneling Protocol (L2TP)



IP Security Protocol (IPSEC)



Basic IPsec Concepts



IPsec and VPNs



Authentication Header (AH)



Encapsulating Security Payload (ESP)



Internet Key Exchange (IKE)




Operational Modes



Security Associations



Mandatory Configurations



Issues with Remote Access



Key Management



ANX Implementation



L2TP with IPSEC



Phase 1 Negotiation



Phase 2 Negotiation



IPsec Implementation



Authentication and access control in VPN



PAP and CHAP



PPP Authentication



RADIUS



S/KEY and OTP



Trusted Third-Party Authentication



Kerberos



X.509 Public Key Infrastructure



Pretty Good Privacy Trust Model



Authentication in VPNs



Gateway-Gateway Authentication



Access Control Policy



Access Control Rules



Access Control Lists



Access Control Policy Management



Access Control in VPNs





Public Key Infrastructure (PKI) and VPNs



PKI Architecture



Certification



Validation



Trust Models



Digital Certificate Formats



X.509 Digital Certificate



Certificate Management System



Certificate Protocols



Certificate Use in VPNs



VPN Solutions and Implementations



Assessing Your Environment and Needs



Design Methodology



Basic Administrative Tasks



VPN Project Management



Successful VoIP deployments



A practical process for managing a VoIP deployment project



VPN Gateways.



Gateway Configuration and Provisioning



VPN Gateway and Firewall



VPN Design Issues



A VPN Solution Scenario



VPN Clients



Alternative VPN Clients



A Remote Access VPN Scenario



QOS and Performance Issues



Factors Affecting Performance



QOS Defined



TCP Operation



Broad Protocol Options



Applicability to VPNs



Role of the ISP



Multiprotocol Label Switching (MPLS)



Evolution of Typical ISP Backbone



Attempts at Switching IP Traffic





Applicability to VPNs



VPN Network and Service Management



Network Management Architecture



Network Management Protocols



Applicable MIBs and Probes



SNMP Issues



VPN Service Management.



Service Level Agreement.



Network Operations Center (NOCs)



Redundancy and Load-balancing



Integration with Existing Security



Survey of VPN Products and Services



Product Categories



Vendor Survey



Factors in Product Selection



Outsourcing Options



Future Trends