Common VPN and Tunneling Protocols
Let us discuss the most common and widely used real-world VPN
protocols. The growing number of users, easier access, and the falling cost of
Internet connectivity have created a need for cost-effective, secure
communications that do not require leased lines. Many companies took part in
this development, which resulted in several different VPN standards and
protocols. We discuss the most common ones here.
IPSec
IPSec is the most widely acknowledged, supported, and
standardized of all VPN protocols, and it is the usual choice where
interoperability matters. IPSec is a framework of open standards that defines a
suite of protocols running on top of existing IP connectivity. It provides both
data authentication and encryption at OSI Layer 3 (the network layer) and can be
implemented on any device that communicates over IP. Unlike encryption schemes
that protect one specific higher-layer protocol (TLS protecting a single TCP
application, for example), IPSec, working at the network layer, can protect all
traffic carried over IP regardless of application. It is also used in
conjunction with Layer 2 tunneling protocols to provide encryption and
authentication for non-IP traffic carried inside those tunnels.
The protocol incorporates three major components: the
Authentication Header (AH), Encapsulating Security Payload (ESP), and Internet
Key Exchange (IKE).
The AH is inserted after the IP header and provides packet-level
authentication and integrity services, ensuring that the packet was not tampered
with along the way and originated from the expected sender. AH offers no
confidentiality, and because its integrity check also covers the immutable
fields of the IP header, an AH packet fails verification if a NAT device
rewrites the addresses on the way. ESP provides confidentiality, data origin
authentication, integrity, optional antireplay service, and limited traffic
flow confidentiality (in tunnel mode, where the original IP header is inside the
encrypted payload). Both AH and ESP identify the security association a packet
belongs to by a Security Parameter Index (SPI) and carry a sequence number for
the antireplay check; in ESP these two fields are the only ones sent in the
clear. Finally, IKE negotiates the security associations that describe which
security services, algorithms, and keys the participating entities use.
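The following Python example, added here and not taken from the original text, shows what a receiver actually sees in an AH and an ESP packet (SPI and sequence number in the clear, everything else either an ICV or ciphertext) and implements the sliding antireplay window that both headers rely on, in the form described in RFC 4303 section 3.4.3. The sample headers are constructed for the example, not captured traffic; the hypothetical SPI values and ICV bytes are placeholders.

```python
import struct


def parse_ah(payload):
    """AH (RFC 4302): next header, payload length (32-bit words minus 2), SPI,
    sequence number, ICV. All of it is visible on the wire; AH gives integrity,
    not confidentiality."""
    next_hdr, ah_len, _reserved, spi, seq = struct.unpack("!BBHII", payload[:12])
    total = (ah_len + 2) * 4            # full AH length in bytes, ICV included
    return {"next": next_hdr, "spi": spi, "seq": seq,
            "icv": payload[12:total], "inner": payload[total:]}


def parse_esp(payload):
    """ESP (RFC 4303): only SPI and sequence number are in the clear; payload,
    padding, pad length, next header and ICV are all inside the protected region."""
    spi, seq = struct.unpack("!II", payload[:8])
    return {"spi": spi, "seq": seq, "protected": payload[8:]}


class ReplayWindow:
    """Sliding antireplay window as used by AH and ESP (RFC 4303 section 3.4.3).

    `top` is the highest sequence number accepted so far; bit i of `bitmap`
    records whether sequence number (top - i) has already been received.
    A real receiver only updates the window after the ICV has verified;
    this class models the window logic itself."""

    def __init__(self, size=64):
        self.size = size
        self.top = 0
        self.bitmap = 0

    def check_and_update(self, seq):
        """Return True if `seq` is new and within the window (and record it);
        False if it is a replay, too old, or the invalid sequence number 0."""
        if seq == 0:                       # first packet on an SA uses seq 1
            return False
        if seq > self.top:                 # advances the window to the right
            shift = seq - self.top
            if shift < self.size:
                self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            else:
                self.bitmap = 1            # jumped past the whole window
            self.top = seq
            return True
        behind = self.top - seq
        if behind >= self.size:            # older than the window: drop
            return False
        if (self.bitmap >> behind) & 1:    # already received: replay
            return False
        self.bitmap |= 1 << behind         # late but new: accept and mark
        return True


def filter_replays(seqs, size=64):
    """Run received sequence numbers through one window; True means accepted."""
    window = ReplayWindow(size)
    return [window.check_and_update(s) for s in seqs]


# Constructed sample headers (not captured traffic): tunnel-mode AH with a
# 96-bit ICV (next header 4 = IP-in-IP) and an ESP header with 16 opaque bytes.
SAMPLE_AH = struct.pack("!BBHII", 4, 4, 0, 0x1000, 7) + b"\xaa" * 12 + b"inner"
SAMPLE_ESP = struct.pack("!II", 0x2000, 9) + b"\x00" * 16

if __name__ == "__main__":
    print(parse_ah(SAMPLE_AH))
    print(parse_esp(SAMPLE_ESP))
    print(filter_replays([1, 3, 2, 2, 3, 100, 36, 37, 0]))
```

The sequence run at the bottom shows the three rejection cases: a duplicate inside the window, a packet that has fallen off the left edge after the window jumped to 100, and sequence number 0. Note that the window alone does not stop an attacker who can forge packets; it is only meaningful because the ICV binds the sequence number to the sender's key.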
PPTP
Point-to-Point Tunneling Protocol (PPTP) was developed by Microsoft
together with a group of vendors for VPN-like communications and was later
published as informational RFC 2637. PPTP offers user authentication through
the PPP authentication protocols: MS-CHAP (versions 1 and 2), CHAP, SPAP, and
PAP. The protocol lacks the flexibility of other solutions and does not reach
the interoperability of the other VPN protocols, but it is easy to deploy and
widely used in the real world.
It consists of three types of communication:
-
PPP connection, where a client establishes a PPP link to an
ISP (or any other path that gives it IP reachability to the VPN server).
-
PPTP control connection, where the client opens a TCP
connection to port 1723 on the VPN server and negotiates the tunnel
characteristics, such as the call ID that identifies the session.
-
PPTP data tunnel, where client and server exchange PPP frames
encapsulated in an enhanced form of GRE; the frames are encrypted with MPPE
only when that has been negotiated.
PPTP is commonly used for creation of secure communication
channels between a large number of Windows hosts on the intranet. We have to
caution you that it has a long history of insecurities rooted in weak
primitives: MS-CHAP authentication derives everything from the MD4 hash of the
user's password and answers challenges with DES, and the MPPE session keys
(RC4 with 40-, 56-, or 128-bit keys) are derived from that same hash, so an
attacker who breaks the authentication exchange also recovers the keys to the
data tunnel.
GRE
Generic Routing Encapsulation (GRE) is a Cisco-developed
protocol, later standardized in RFC 2784, that is used to tunnel traffic
between different private networks. This includes non-IP traffic that cannot be
carried across the network in its native form: the GRE header carries a
protocol type field that names the encapsulated protocol. GRE provides neither
encryption nor authentication by itself, but it does provide efficient
low-overhead tunneling (the base header is only 4 bytes). GRE is therefore
often combined with a network-layer encryption protocol, typically IPSec, so
that GRE contributes the encapsulation of non-IP and multicast traffic and
IPSec contributes the confidentiality and integrity.
L2TP
Jointly developed by Cisco,
Microsoft, and 3Com, L2TP (RFC 2661) promised to replace PPTP as the major
tunneling protocol. It is essentially a combination of PPTP and Cisco Layer Two
Forwarding (L2F), merging both into a single standard. L2TP is used to tunnel
PPP over a public IP network. It relies on PPP to establish the dial-in
connection, using PAP or CHAP authentication, but unlike PPTP, which carries
its data inside GRE, L2TP defines its own encapsulation and carries both control
and data messages over UDP port 1701. Because L2TP tunnels PPP frames, non-IP
protocols can be transported through the tunnel, and the tunnel itself can be
carried over any media, such as ATM, Frame Relay, or 802.11. The protocol does
not offer encryption by itself, but it can be combined with other protocols or
application-layer encryption mechanisms to meet security needs; the common
pairing is L2TP over IPSec.
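Because none of PPTP, GRE, or L2TP hides what it is from the outer headers, a packet's tunneling protocol can be named from the IP protocol number, the GRE flags and protocol type, or the transport port alone. The Python example below, added here and not part of the original text, does that for every protocol discussed in the PPTP, GRE, and L2TP sections above (and for plain ESP, AH, and IKE), which is what a detection rule or a firewall audit needs. The packets are hand-constructed for the example, not real captures; the addresses, call ID, and SPI values are placeholders.

```python
import struct

IPPROTO_TCP, IPPROTO_UDP, IPPROTO_GRE, IPPROTO_ESP, IPPROTO_AH = 6, 17, 47, 50, 51
ETHERTYPE_PPP = 0x880B   # PPP carried inside GRE, as PPTP does (RFC 2637)


def ipv4_header(proto, payload_len, src=b"\x0a\x00\x00\x01", dst=b"\x0a\x00\x00\x02"):
    """Minimal IPv4 header (checksum left zero; constructed test data, not captured)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, proto, 0, src, dst)


def parse_ipv4(pkt):
    """Return (protocol number, payload), using the IHL field to skip any options."""
    ihl = (pkt[0] & 0x0F) * 4
    return pkt[9], pkt[ihl:]


def parse_gre(payload):
    """GRE header (RFC 2784/2890): flag bits, 3-bit version, encapsulated protocol type."""
    flags, ptype = struct.unpack("!HH", payload[:4])
    return {"checksum": bool(flags & 0x8000), "key": bool(flags & 0x2000),
            "seq": bool(flags & 0x1000), "version": flags & 0x7, "ptype": ptype}


def classify(pkt):
    """Name the tunneling protocol an IPv4 packet belongs to, from outer headers only."""
    proto, payload = parse_ipv4(pkt)
    if proto == IPPROTO_ESP:
        return "IPsec ESP"
    if proto == IPPROTO_AH:
        return "IPsec AH"
    if proto == IPPROTO_GRE:
        gre = parse_gre(payload)
        # PPTP data is "enhanced GRE": version 1, protocol type 0x880B, key + sequence present
        if gre["version"] == 1 and gre["ptype"] == ETHERTYPE_PPP:
            return "PPTP data (PPP over enhanced GRE)"
        return "GRE (protocol type 0x%04x)" % gre["ptype"]
    if proto in (IPPROTO_TCP, IPPROTO_UDP):
        sport, dport = struct.unpack("!HH", payload[:4])
        if proto == IPPROTO_TCP and 1723 in (sport, dport):
            return "PPTP control"
        if proto == IPPROTO_UDP:
            if 1701 in (sport, dport):
                return "L2TP"
            if 500 in (sport, dport):
                return "IKE"
            if 4500 in (sport, dport):
                # RFC 3948: a zero "non-ESP marker" after the UDP header means IKE,
                # anything else is the SPI of UDP-encapsulated ESP
                if payload[8:12] == b"\x00\x00\x00\x00":
                    return "IKE (NAT-T)"
                return "IPsec ESP (UDP-encapsulated)"
    return "other"


def udp(sport, dport, body):
    return struct.pack("!HHHH", sport, dport, 8 + len(body), 0) + body


def tcp(sport, dport):
    # Only the ports matter to the classifier; the rest of the 20-byte header is zeroed.
    return struct.pack("!HH", sport, dport) + b"\x00" * 16


def constructed_samples():
    """Hand-built packets for each protocol on the page (not real captures)."""
    # enhanced GRE: flags K|S|version 1, payload length 5, call ID 7, seq 1, then an LCP frame
    pptp_gre = struct.pack("!HHHHI", 0x3001, ETHERTYPE_PPP, 5, 7, 1) + b"\xff\x03\xc0\x21\x00"
    plain_gre = struct.pack("!HH", 0x0000, 0x0800) + ipv4_header(1, 0)   # GRE carrying IPv4
    return {
        "esp":       ipv4_header(IPPROTO_ESP, 24) + struct.pack("!II", 0x1000, 1) + b"\x00" * 16,
        "ah":        ipv4_header(IPPROTO_AH, 24) + struct.pack("!BBHII", 4, 4, 0, 0x2000, 1) + b"\xaa" * 12,
        "pptp_data": ipv4_header(IPPROTO_GRE, len(pptp_gre)) + pptp_gre,
        "gre_ipip":  ipv4_header(IPPROTO_GRE, len(plain_gre)) + plain_gre,
        "pptp_ctrl": ipv4_header(IPPROTO_TCP, 20) + tcp(40000, 1723),
        "l2tp":      ipv4_header(IPPROTO_UDP, 8) + udp(1701, 1701, b""),
        "ike":       ipv4_header(IPPROTO_UDP, 8) + udp(500, 500, b""),
        "ike_natt":  ipv4_header(IPPROTO_UDP, 12) + udp(4500, 4500, b"\x00\x00\x00\x00"),
        "esp_natt":  ipv4_header(IPPROTO_UDP, 12) + udp(4500, 4500, struct.pack("!I", 0x3000)),
        "dns":       ipv4_header(IPPROTO_UDP, 8) + udp(53000, 53, b""),
    }


def classify_samples():
    return {name: classify(pkt) for name, pkt in constructed_samples().items()}


if __name__ == "__main__":
    for name, verdict in classify_samples().items():
        print("%-10s %s" % (name, verdict))
```

The GRE, ESP, and AH decisions rest on IP protocol numbers and header fields and are reliable as to what encapsulation is in use; the PPTP control, L2TP, and IKE decisions are port heuristics, so an endpoint configured for a nonstandard port (L2TP clients, for instance, may source from an ephemeral port while still sending to 1701) is caught only by the destination-port match, and traffic on entirely non-default ports is not caught at all.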