3.3 VPNs Flashcards
What device manages encryption for VPNs?
VPN concentrator. It’s a standalone device or built into the firewall.
What are the different deployment options for VPNs?
Specialized VPN hardware or software-based VPNs.
The software VPNs
Can VPNs use SSL?
Yes, it’s common to use a “coffee shop” VPN that operates over port 443, which usually avoids firewall issues. You will probably authenticate with a username/password and/or two-factor authentication.
How do VPNs and HTML5 work together?
HTML5 supports APIs, including a Web Cryptography API, as part of the browser. This means you don’t need to install VPN software; SSL VPNs are basically built into HTML5. You just need a browser that supports HTML5.
How does a Full Tunnel VPN connection work?
How does this differ from Split Tunnel VPNs?
The remote user will send ALL traffic to the networked VPN concentrator first. If the user wants to visit something else on the internet, it will still be routed through the VPN concentrator.
In a split tunnel, the user can visit somewhere else on the internet without having to go through the networked VPN concentrator first.
How do “site-to-site” VPNs work?
Generally a remote work location and the corporate network will both have firewalls which will also act as VPN concentrators. The VPN concentrators will connect to one another. Additionally, it is very common for that VPN connection to be active all of the time.
What is an L2TP VPN?
L2TP is the Layer 2 Tunneling Protocol. The VPN connects the sites over a layer 3 network, but they act as if they are connected at layer 2.
These are commonly encrypted by IPsec. It’s called L2TP over IPsec.
What part of IPsec provides anti-replay?
Both the AH and the ESP, via packet signing and sequence numbers.
What is the difference between IPsec Transport and Tunnel Modes?
Transport: Data is encrypted. IP header is not.
Tunnel: IP header and data are both encrypted. A new IP header is placed on the packet, and the packet is sent to the IPsec concentrator on the other side of the tunnel.
If you only care about the Integrity of the data, would you use the AH or the ESP? How does this work?
Use the AH only. This is a hash of the packet and a shared key between the two IPsec concentrators.
Hash provides integrity. Shared key provides authentication. Sequence numbers provide anti-replay.
What encryption and hash does the ESP use?
Commonly uses SHA-2 for hashing and AES for encryption.
What is the order of the packet in Transport Mode?
IP Header > AH Header > ESP Header > Data > ESP Trailer > Integrity Check Value
What is the order of the packet in Tunnel Mode?
New IP Header > AH Header > ESP Header > IP Header > Data > ESP Trailer > Integrity Check Value