So Your Customer Wants a VPN. Howard C. Berkowitz
|
|
- Horatio Golden
- 5 years ago
- Views:
Transcription
1 NANOG May Eugene, OR So Your Customer Wants a VPN Howard C. Berkowitz Gett Communications hcb@clark.net (703)
2 Issues Understanding Requirements Managing Expectations Defining your Service Deployment Issues 2
3 Motivations 3
4 Customer Goals Saving money Saving money Saving money Saving money Saving money Saving money Saving money Saving money Saving money Saving money Enabling workforce distribution Building strategic alliances Improving operational flexibility oooo 4
5 Customer Constraints Availability & Performance Security Compatibility Manageabiity Budget Clue Factor oooo 5
6 Common Customer Confusions VPN over IP = VPN over Internet whee! I can replace all my Frame Relay with $20 a month ISP connections! VPN = selling on the net Membership must be established before communication The VPN does all my security I can get controlled QoS over the Internet 6
7 Workforce Distribution Road Warrior Hotel Telecommuter Mobile User Satellite Office User Source: Cisco University VPN Seminar 7
8 Special Challenges Voice Video Image retrieval Greater involvement with applications 8
9 High Speed Last Mile V.90, multiple modems (MLPPP) ISDN xdsl Fixed wireless Cable Fiber to the neighborhood/building 9
10 Network Commerce Cost Savings Cost Per Transaction $1.20 $1.00 $0.80 $0.60 $0.40 $0.20 $0.00 Branch Telephone ATM PC Banking Internet Department of Commerce, 5/98 1 0
11 Customer Financial Analysis 1 1
12 Cost Components Direct one-time costs Access servers Server routers Direct recurring costs Dial charges Line charges Vendor support Indirect recurring costs WAN Administrator time Security/server administrator time 1 2
13 Direct Cost Comparison Traditional Dial-Up Access VPN Set-up Costs Number of Users Remote Access Server One-time time-installation installation Fee 10 Phone Lines Recurring Costs Monthly Long-Distance charges per minute Average use Per Day Per User in Minutes 20 $3,000 $1,000 $ Number of Users Access Router, T1/E1, DSU/CSU, Firewall VPN Client Software ($50 per user) T1/E1 installation Central Site T1/E1 Intranet Access Monthly ISP access ($20 per user) 20 $4,600 $1,000 $5,000 $2,500 $400 Source: Cisco University VPN Seminar 13
14 Payback in Four Months! Capital Outlay Payback $10.6K Payback: 4 months Annual savings: $30,000 Capital outlay: $10, Month Source: Cisco University VPN Seminar 1 4
15 VPN Outsourcing Options Increasing Enterprise Network Role 90% Network Manager Buys Products from VPN Vendors and Manages Network SP Supplies Basic Internet Access 10% 50% Network Manager Provides Ongoing Application and Configuration Management and Help Desk Support SP Supplies VPN Equipment and Adds QoS to Bandwidth Offering 50% 10% Net Manager Administers Security Server SP Supplies Complete VPN Solution, including Service, Training, and Help Desk 90% Infonetics, 1997 Increasing Service Provider Role 15
16 Defining VPNs 1 6
17 What is it? 3Com white paper "A VPN is a connection that has the appearance and many of the advantages of a dedicated link but occurs over a shared network." VPNs use tunneling 1 7
18 What is it? Ascend (3 related architectures) Virtual Private Remote Networking (VPRN) with tunneling for remote LAN access Virtual Private Trunking (VPT) to establish the equivalent of leased lines among major facilities Virtual IP Routing (VIPR) to internetwork branch offices or establish extranets with closed user groups 1 8
19 What is it? Cisco Customer connectivity deployed on a shared infrastructure with the same policies as a private network Ferguson & Huston A VPN is a private network constructed within a public network infrastructure, such as the global Internet. 1 9
20 What is it? Infonetics VPNs use public networks to extend the reach of the enterprise network to remote sites, individual remote workers, and business partners. V--One "the security technology that will enable companies to leverage the Internet as private enterprise backbone infrastructure." 2 0
21 IETF Work No WG yet. BOF last met in Orlando (December) Many working drafs at draft-gleeson-vpn-framework-01.txt draft-rosen-bgp-mpls-0x.txt draft-berkowitz-vpn-tax-00.txt draft-fox-vpnid-00.txt 2 1
22 Scope and Function Source: VPNet Technologies 2 2
23 More Formally, a VPN has... Core User Capabilities Optional user capabilities Administrative model Mapping methods Transmission infrastructure 2 3
24 Core User Capabilities User Scope Intranet via provider Extranet via provider Hybrid/bypass Set of users and servers Security policy Availability policy Addressing & Naming Model VPN ID (which may be null) 2 4
25 Optional User Capabilities Security mechanisms QoS Mechanisms Billing Addressing & naming services Non-IP support 2 5
26 Operational Model Responsibility for premises routers WAN LAN Responsibllity for user support Responsibility for security Responsibility for QoS Help desk Adds and changes QoS Engineering Measurement Compliance Security Policy Enforcement Response to events 2 6
27 Mapping Functions Tunnels Virtual circuits Real on-demand circuits Real dedicated lines 2 7
28 Transmission Infrastructures Dial networks local loop alternatives: xdsl, cable, etc Frame relay, ATM, other VC services Routed IP clouds MPLS Dedicated lines RFC
29 Core Capabilities 2 9
30 Membership Has to be defined by customer Endpoint may belong to: More than one VPN Intranet Extranet Public Internet Provider has to track multiple VPNs 3 0
31 Security Policy (distinct from plan) Who is authorized to use what Time of day, other qualifiers Kinds of users Operations, inside, partners, public Enforcement policy Something backed by top management Good policy is 1-2 pages 3 1
32 A Secure Communication may have: Authenticity User/client, server Integrity Unitary vs. sequential Non-Repudiation Confidentiality Lightweight, middleweight, strong Availability Network failures, denial of service attacks 3 2
33 Addressing & Naming Model Issues Private vs. public space PI vs PA Multihomed routing Routing registries NAT Application transparency End-to-end assumption traceability Other addressing & naming manipulation 3 3
34 NHS Architecture Customer Core Frame Relay Core VCs VPN Network Mgt Customer Distribution Data Ctr ISP 1 ISP 2 Clinic Data Ctr Local Trans. Clinic address space registered may be private or registered 3 4 Arbitrary registered space -- transcriptionist addresses
35 Clinic Site ISP Access Frame IPsec 3DES Dial/ISDN Interface Voice Server Printer Management Port Router NAT Switch Clinic network PC PC Clinic Network 3 5
36 Non-IP Services Issues Does the ISP really understand these? Transition planning Performance expectations 3 6
37 Trust Models End-to-end Security gateway ISP-centric 3 7
38 Application Models 3 8
39 Access VPN Core VPN Service Remote Users Central Site Clients Central Distribution Central Servers 3 9
40 VPN Distribution Tier VPN Router Access Control Internet Router Provider Network Network Access Servers 4 0
41 Dual VPN access Core Internet Access VPN Service Remote Users Central Site Clients Central Distribution Central Servers 4 1
42 VPN service organization Ent. 2 Ent. 1 Ent. 3 Ent. 4 Service Organization 4 2
43 Hybrid VPN Ent. 2 Ent. 1 Ent. 3 Ent. 4 Service Organization 4 3
44 VPN bypass Ent. 2 Ent. 1 Ent. 3 Ent. 4 Service Organization 4 4
45 Need for Policy Routing Ent. 2 X Ent. 1 Ent. 3 Ent. 4 Service Organization 4 5
46 Optional User Capabilities 4 6
47 Security Services Components Host Customer firewall Network Service provider firewall Certificate Authority Identification servers Log servers Activities User IDs Certificates Key management Attack detection Attack response 4 7
48 Who is Responsible? User identifiation & authorization Password/key management Per-user access lists End-to-end encryption Client distribution Key management Network security Customer routers/firewalls Provider devices Key management Intrusion detection & response 4 8
49 Encryption Performance Tradeoffs Clients IPsec SOCKS/SSL Application Servers Software encryption Coprocessor Router Software encryption Coprocessor Encryption server Firewall Access server Proxy L2TP + IPsec Keys Key size Pregeneration Change frequency Revocation 4 9
50 QoS Deployment Prerequisites Policy Means of identifying and marking priority traffic Workload assumptions KISS mechanisms Dedicated media VCs with good SLA Advanced RSVP WFQ, WRED, etc. Bleeding edge Multiprovider QoS 5 0
51 Addressing & Naming Services Mechanisms DNS inside & outside? who runs? Dynamic addressing DHCP inside PPP (static inside, NAS pools, AAA server, DHCP proxy) Address management for infrastructure Addressing & Naming Manipulation Caches, load-sharing mechanisms 5 1
52 Non-IP services Mechanisms Tunneling Translation Proxies 5 2
53 Operational Responsibilities 5 3
54 Control Points Customer router ISP router at customer site NAS 5 4
55 Help Desks Customer-operated single point ISP-operated single point Separate network & application 5 5
56 Adds, Moves, & Changes Models User to ISP Customer admin to ISP Coordination between customer and ISP 5 6
57 Mapping Functions & the User 5 7
58 NATs and Proxies Load Aware DNS Application Caches Load Sharing NAT PAT/NAPT Classic NAT Content-Aware Proxy Traffic-Aware Proxy Application Proxy Circuit Proxy Stateful Packet Filter Packet Filter Frame Filter IPsec Tunneling 5 8
59 What has to happen? Application Data Transport Data Transport Checksum Application Data Transport Data Transport Checksum Source Port Dest. Port NAT Source Port Dest. Port IP Checksum IP Checksum Source Address Dest. Address Source Address Dest. Address 5 9
60 Layer 3/4 Tunnels IPsec (provides security) GRE (carries security or runs over trusted network) PPTP X9.17, etc. Host IPsec with bogus addresses Other encryption 6 0
61 Layer 2 Tunnels Proxy remote access service Upper layer protocol independent Potential for roaming 6 1
62 Basic Tunnel Payload packet Layer 2 Of payload Tunnel header Present only when tunneling nonroutable nrotocols Delivery 6 2
63 Tunneling Traceroute / /30 Customer Router 1 Tunnel Customer Router 2 ISP Router 1 ISP Router 2 ISP Router / / / / / / / /30 6 3
64 Tunneling MTU Issues Host (MTU=1500) Payload packet Ingress Router (all interfaces MTU=1500) Tunnel header Delivery
65 Secure Paths Multiplexed Routed Encrypted Trusted provider Encrypted Untrusted provider 6 5
66 IPsec scope H End-to-end H H Gateway Gateway H Host- to- Gateway Gateway- to- Gateway Host- to- Gateway 6 6
67 IPsec packets Tunnel Mode Payload Transport Payload IPsec Processing AH/ESP Payload AH/ESP Payload 6 7
68 Combined Tunnels--ISP security IPsec PPP Server User User L2TP 6 8
69 Combined Tunnels -- user security IPsec User IPsec + PPP User L2TP Server 6 9
70 Transmission Infrastructure Constraints 7 0
71 Basic Criteria Adequate bandwidth? Dedicated On-Demand Trust? 7 1
72 Additional Criteria Fault tolerance Quality of Service Service contract (ATM) Dedicated facility Traffic engineered routing RSVP Emerging QOSR 7 2
73 Routed Infrastructure Convergence Policy/special considerations Inter-provider coordination 7 3
74 Conclusions VPNs are a valuable approach to design Even if we aren t quite sure what they are Challenges for ISPs Understanding customer requirements perceptions and beliefs Managing expectations & responsibilities Use deployable technologies 7 4
Virtual Private Networks (VPNs)
CHAPTER 19 Virtual Private Networks (VPNs) Virtual private network is defined as customer connectivity deployed on a shared infrastructure with the same policies as a private network. The shared infrastructure
More informationSecure VPNs for Enterprise Networks
Secure Virtual Private Networks for Enterprise February 1999 Secure VPNs for Enterprise Networks This document provides an overview of Virtual Private Network (VPN) concepts using the. Benefits of using
More informationVirtual private networks
Technical papers Virtual private networks Virtual private networks Virtual private networks (VPNs) offer low-cost, secure, dynamic access to private networks. Such access would otherwise only be possible
More informationSchool of Computer Sciences Universiti Sains Malaysia Pulau Pinang
School of Computer Sciences Universiti Sains Malaysia Pulau Pinang Information Security & Assurance Assignment 2 White Paper Virtual Private Network (VPN) By Lim Teck Boon (107593) Page 1 Table of Content
More informationCisco 5921 Embedded Services Router
Data Sheet Cisco 5921 Embedded Services Router The Cisco 5921 Embedded Services Router (ESR) is a Cisco IOS software router application. It is designed to operate on small, low-power, Linux-based platforms
More informationCreating VPN s with IPsec
2014 Creating VPN s with IPsec SPRING ENTERPRISE INFO SECURITY 4040/601 WILSON CHANCE HINCHMAN This paper will define the term VPN, explain for what and why VPNs are used. IPsec, which is vital to the
More informationCisco How Virtual Private Networks Work
Table of Contents How Virtual Private Networks Work...1 Introduction...1 Before You Begin...1 Conventions...1 Prerequisites...1 Components Used...1 Background Information...1 What Makes a VPN?...2 Analogy:
More informationMicrosoft Privacy Protected Network Access: Virtual Private Networking and Intranet Security
Operating System Microsoft Privacy Protected Network Access: Virtual Private Networking and Intranet Security White Paper Abstract The Microsoft Windows operating system includes technology to secure communications
More informationVPN. Virtual Private Network. Mario Baldi. Synchrodyne Networks, Inc. VPN - 1 M.
VPN Virtual Private Network Mario Baldi Synchrodyne Networks, Inc. http://www.synchrodyne.com/baldi VPN - 1 M. Baldi: see page 2 Nota di Copyright This set of transparencies, hereinafter referred to as
More informationHUAWEI USG6000 Series Next-Generation Firewall Technical White Paper VPN HUAWEI TECHNOLOGIES CO., LTD. Issue 1.1. Date
HUAWEI USG6000 Series Next-Generation Firewall Technical White Paper VPN Issue 1.1 Date 2014-03-14 HUAWEI TECHNOLOGIES CO., LTD. 2014. All rights reserved. No part of this document may be reproduced or
More informationMPLS in the DCN. Introduction CHAPTER
CHAPTER 5 First Published: January 3, 2008 Last Updated: January 3, 2008 Finding Support Information for Platforms and Cisco IOS and Catalyst OS Software Images Use Cisco Feature Navigator to find information
More informationTHE MPLS JOURNEY FROM CONNECTIVITY TO FULL SERVICE NETWORKS. Sangeeta Anand Vice President Product Management Cisco Systems.
THE MPLS JOURNEY FROM CONNECTIVITY TO FULL SERVICE NETWORKS Sangeeta Anand Vice President Product Management Cisco Systems October 20, 2003 1 Agenda Introducing the Full Service Network The MPLS Journey
More informationArchitecting the Network Part 2
Architecting the Network Part 2 Geoff Huston Chief Scientist, Internet Telstra ISOC Workshop Abstract Design Router Interface design model Peer Network Interface Network Infrastructure Client Interface
More informationService Description Safecom Customer Connection Version 3.5
Service Description Safecom Customer Connection Version 3.5 2006 Telecom NZ Ltd Commercial in Confidence CONTENTS 1 INTRODUCTION...3 2 SERVICE DEFINITION...3 2.1 SERVICE OVERVIEW... 3 2.2 SERVICE FEATURES...
More informationQ-Balancer Range FAQ The Q-Balance LB Series General Sales FAQ
Q-Balancer Range FAQ The Q-Balance LB Series The Q-Balance Balance Series is designed for Small and medium enterprises (SMEs) to provide cost-effective solutions for link resilience and load balancing
More informationCS519: Computer Networks. Lecture 8: Apr 21, 2004 VPNs
: Computer Networks Lecture 8: Apr 21, 2004 VPNs VPN Taxonomy VPN Client Network Provider-based Customer-based Provider-based Customer-based Compulsory Voluntary L2 L3 Secure Non-secure ATM Frame Relay
More informationCisco Technologies, Routers, and Switches p. 1 Introduction p. 2 The OSI Model p. 2 The TCP/IP Model, the DoD Model, or the Internet Model p.
Cisco Technologies, Routers, and Switches p. 1 Introduction p. 2 The OSI Model p. 2 The TCP/IP Model, the DoD Model, or the Internet Model p. 6 Networking Basics p. 14 Wireless LANs p. 22 Cisco Hardware
More informationBy VPNet Technologies. What s a VPN Anyway? A Virtual Private Networking Primer
By VPNet Technologies What s a VPN Anyway? A Virtual Private Networking Primer What s a VPN Anyway? What s a VPN Anyway? or The Cloud s Silver Lining Is Your Net 1998 VPNet Technologies Inc. All rights
More informationHC-711 Q&As. HCNA-CBSN (Constructing Basic Security Network) - CHS. Pass Huawei HC-711 Exam with 100% Guarantee
HC-711 Q&As HCNA-CBSN (Constructing Basic Security Network) - CHS Pass Huawei HC-711 Exam with 100% Guarantee Free Download Real Questions & Answers PDF and VCE file from: 100% Passing Guarantee 100% Money
More informationPassReview. PassReview - IT Certification Exams Pass Review
PassReview http://www.passreview.com PassReview - IT Certification Exams Pass Review Exam : 640-863 Title : Designing for Cisco Internetwork Solutions Vendors : Cisco Version : DEMO Get Latest & Valid
More informationVirtual Private Networks.
Virtual Private Networks thm@informatik.uni-rostock.de http://wwwiuk.informatik.uni-rostock.de/ Content Virtual Private Networks VPN Basics Protocols (IPSec, PPTP, L2TP) Objectives of VPNs Earlier Companies
More informationNetworking interview questions
Networking interview questions What is LAN? LAN is a computer network that spans a relatively small area. Most LANs are confined to a single building or group of buildings. However, one LAN can be connected
More informationIdentify the features of network and client operating systems (Windows, NetWare, Linux, Mac OS)
Course Outline Network+ Duration: 5 days (30 hours) Learning Objectives: Install and configure a network card Define the concepts of network layers Understand and implement the TCP/IP protocol Install
More informationA-B I N D E X. backbone networks, fault tolerance, 174
I N D E X A-B access links fault tolerance, 175 176 multiple IKE identities, 176 182 single IKE identity with MLPPP, 188 189 with single IKE identity, 183 187 active/standby stateful failover model, 213
More informationNetwork Design with latest VPN Technologies
Network Design with latest VPN Technologies Carsten Rossenhövel Managing Director Which VPN type fits the purpose? SOHO Teleworkers Internet Branch Office Questions to identify: What are the business goals?
More informationNever Drop a Call With TecInfo SIP Proxy White Paper
Innovative Solutions. Trusted Performance. Intelligently Engineered. Never Drop a Call With TecInfo SIP Proxy White Paper TecInfo SD-WAN product - PowerLink - enables real time traffic like VoIP, video
More informationLogical Network Design (Part II)
Logical Network Design (Part II) DCS COMSATS Institute of Information Technology Rab Nawaz Jadoon Assistant Professor COMSATS IIT, Abbottabad Pakistan Telecommunication Network Design (TND) Possible (Part
More informationIntranets and Virtual Private Networks (VPNs)
Intranets and Virtual Private Networks (VPNs) Definition Private networking involves securely transmitting corporate data across multiple sites throughout an entire enterprise. Creating a truly private
More informationMPLS VPN. 5 ian 2010
MPLS VPN 5 ian 2010 What this lecture is about: IP CEF MPLS architecture What is MPLS? MPLS labels Packet forwarding in MPLS MPLS VPNs 3 IP CEF & MPLS Overview How does a router forward packets? Process
More informationWireless LAN, WLAN Security, and VPN
Wireless LAN, WLAN Security, and VPN 麟瑞科技台南辦事處技術經理張晃崚 WLAN & VPN FAQ What is WLAN?802.11a?802.11b?802.11g? Which standard (product) should we use? How to deploy WLAN? How to block intruders? How to authenticate
More informationVPN. Agenda VPN VPDN. L84 - VPN and VPDN in IP. Virtual Private Networks Introduction VPDN Details (L2F, PPTP, L2TP)
VPN Virtual Private Networks Introduction VPDN Details (L2F, PPTP, L2TP) Agenda VPN Classical Approach Overview IP Based Solutions IP addresses non overlapping IP addresses overlapping MPLS-VPN VPDN RAS
More informationCisco 5921 Embedded Services Router
Data Sheet Cisco 5921 Embedded Services Router The Cisco 5921 Embedded Services Router (ESR) is a Cisco IOS software router. It is designed to operate on small, low-power, Linux-based platforms to extend
More informationVirtual Private Networks
Chapter 12 Virtual Private Networks Introduction Business has changed in the last couple of decades. Companies now have to think about having a global presence, global marketing, and logistics. Most of
More informationHillstone IPSec VPN Solution
1. Introduction With the explosion of Internet, more and more companies move their network infrastructure from private lease line to internet. Internet provides a significant cost advantage over private
More informationAnalysis of VPN Protocols
Analysis of VPN Protocols ECE 646 Final Project Presentation Tamer Mabrouk Touhidur Satiar Overview VPN Definitions Emergence of VPN Concept of Tunneling VPN Classification Comparison of Protocols Customer
More informationSITE-TO-SITE LAYER 2 VPN WITH PPP BCP
SITE-TO-SITE LAYER 2 VPN WITH PPP BCP Lay Minh (Makito) CCIE # 47682, MikroTik Certified Trainer, MikroTik Consultant May 5 th, 2017 MikroTik User Meeting, Yangon, Myanmar ABOUT ME Lay Minh (Makito) MikroTik
More informationISP and IXP Design. Point of Presence Topologies. ISP Network Design. PoP Topologies. Modular PoP Design. PoP Design INET 2000 NTW
ISP Network Design PoP Topologies and Design ISP and IXP Design Backbone Design Addressing INET 2000 NTW Routing Protocols Security Out of Band Management IXP/IXP Workshops 1999, Cisco Systems, Inc. 1
More information1.264 Lecture 23. Telecom Enterprise networks MANs, WANs
1.264 Lecture 23 Telecom Enterprise networks MANs, WANs Enterprise networks Connections within enterprise External connections Remote offices Employees Customers Business partners, supply chain partners
More informationExam: : VPN/Security. Ver :
Exam: Title : VPN/Security Ver : 03.20.04 QUESTION 1 A customer needs to connect smaller branch office locations to its central site and desires a more which solution should you recommend? A. V3PN solution
More informationNetwork Service Description
Network Service Description Applies to: Office 365 Dedicated Topic Last Modified: 2015-09-03 Contents... 1 Network Architecture... 2 Customer Connectivity to Services... 5 Customer-Owned Private Network
More informationSecurizarea Calculatoarelor și a Rețelelor 32. Tehnologia MPLS VPN
Platformă de e-learning și curriculă e-content pentru învățământul superior tehnic Securizarea Calculatoarelor și a Rețelelor 32. Tehnologia MPLS VPN MPLS VPN 5-ian-2010 What this lecture is about: IP
More informationIngate Firewall & SIParator Product Training. SIP Trunking Focused
Ingate Firewall & SIParator Product Training SIP Trunking Focused Common SIP Applications SIP Trunking Remote Desktop Ingate Product Training Common SIP Applications SIP Trunking A SIP Trunk is a concurrent
More informationCisco Certified Network Associate ( )
Cisco Certified Network Associate (200-125) Exam Description: The Cisco Certified Network Associate (CCNA) Routing and Switching composite exam (200-125) is a 90-minute, 50 60 question assessment that
More informationL2TP Configuration. L2TP Overview. Introduction. Typical L2TP Networking Application
Table of Contents L2TP Configuration 1 L2TP Overview 1 Introduction 1 Typical L2TP Networking Application 1 Basic Concepts of L2TP 2 L2TP Tunneling Modes and Tunnel Establishment Process 4 L2TP Features
More informationNetPro. from Wireless Logic. Available on a per SIM license basis. No CAPEX. Retain your Airtime Contracts with your existing providers
NetPro from Available on a per SIM license basis Real-time usage monitoring of Data SIMs Retain your Airtime Contracts with your existing providers No CAPEX Secure and resilient connectivity via VPN Be
More informationUnified Communications from West
Unified Communications from West We Connect. We Deliver. Transforming the way your business works & improving its performance Delivering world-class service Uniting and deploying business technologies
More informationCato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief
Cato Cloud Software-defined and cloud-based secure enterprise network Solution Brief Legacy WAN and Security Appliances are Incompatible with the Modern Enterprise Cato Networks: Software-defined and Cloud-based
More informationApplication of Cryptographic Systems. Securing Networks. Chapter 3 Part 4 of 4 CA M S Mehta, FCA
Application of Cryptographic Systems Securing Networks Chapter 3 Part 4 of 4 CA M S Mehta, FCA 1 Application of Cryptographic Systems Learning Objectives Task Statements 1.3 Recognise function of Telecommunications
More informationExpected Outcomes Able to design the network security for the entire network Able to develop and suggest the security plan and policy
CHAPTER 9 DEVELOPING NETWORK SECURITY STRATEGIES Expected Outcomes Able to design the network security for the entire network Able to develop and suggest the security plan and policy Network Security Design
More information2001, Cisco Systems, Inc. All rights reserved. Copyright 2001, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.
3001_05_2001_c1 2001, Cisco Systems, Inc. All rights reserved. 1 Introduction to IP Mobility Session 3001_05_2001_c1 2001, Cisco Systems, Inc. All rights reserved. 3 Agenda IP Mobility Overview Terminology
More informationConverged World. Martin Capurro
Information Management in a Converged World Martin Capurro Qwest Product Management Agenda I. Changes In Information Technology II. III. IV. Exploring Technology Trends vs. Needs What is the Buying Opportunity
More informationMANAGED WAN SERVICE GENERAL Service Definition Standard Service Features. Monitor and Notify Service Level Monitoring Notification
MANAGED WAN SERVICE 1. GENERAL 1.1 Service Definition 1.2 Standard Service Features 1.3 Optional Service Features 1.4 Customer Responsibilities 2. SUPPLEMENTAL TERMS 3. SERVICE LEVEL AGREEMENT 4. FINANCIAL
More informationUnified Services Routers
Product Highlights Comprehensive Management Solution Active-Active WAN port features such as auto WAN failover and load balancing, ICSA-certified firewall, and D-Link Green Technology make this a reliable,
More informationCCNA Routing and Switching (NI )
CCNA Routing and Switching (NI400+401) 150 Hours ` Outline The Cisco Certified Network Associate (CCNA) Routing and Switching composite exam (200-125) is a 90-minute, 50 60 question assessment that is
More informationPortfolio Solution Story
Portfolio Solution Story Private Data Networking Secure Gateway Services Secure Gateway Services provided by Verizon Business Services. All services may not be available in all areas. 2006 Verizon. All
More informationX.25 Substitution. Maintaining X.25 services over a fully supported NGN/IP infrastructure. The Challenge. How it Works. Solution
Substitution Maintaining services over a fully supported NGN/ infrastructure The Challenge Legacy services such as are still in use worldwide for a range of applications. Over the years, many customers
More informationVPN Virtual Private Networks
VPN Virtual Private Networks Mathias Schäfer WS 2003/2004 Overview 2 Overview Why VPNs VPN-use-cases Requirements Security Performance Conclusion Why VPNs 3 Why VPNs In business-solutions VPN-technology
More informationCCNA. Murlisona App. Hiralal Lane, Ravivar Karanja, Near Pethe High-School, ,
CCNA Cisco Certified Network Associate (200-125) Exam DescrIPtion: The Cisco Certified Network Associate (CCNA) Routing and Switching composite exam (200-125) is a 90-minute, 50 60 question assessment
More informationCato Cloud. Solution Brief. Software-defined and Cloud-based Secure Enterprise Network NETWORK + SECURITY IS SIMPLE AGAIN
Cato Cloud Software-defined and Cloud-based Secure Enterprise Network Solution Brief NETWORK + SECURITY IS SIMPLE AGAIN Legacy WAN and Security Appliances are Incompatible with the Modern Enterprise The
More informationUnifying the Distributed Enterprise with MPLS Mesh
Unifying the Distributed Enterprise with MPLS Mesh Technical Whitepaper January 2015 Copyright 2015 AireSpring Introduction Today s modern enterprises employ IT technologies that deliver higher value,
More informationNetwork Interconnection
Network Interconnection Covers different approaches for ensuring border or perimeter security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Lecture
More informationSD-WAN Deployment Guide (CVD)
SD-WAN Deployment Guide (CVD) All Cisco Meraki security appliances are equipped with SD-WAN capabilities that enable administrators to maximize network resiliency and bandwidth efficiency. This guide introduces
More informationfor Metropolitan Area Networks MPLS No. 106 Technology White Paper Abstract
No. 106 Technology White Paper Page: 1 of 7 MPLS for Metropolitan Area Networks Abstract The demand for bandwidth in Metropolitan Area Networks (MANs) and the increased availability of fiber has created
More informationPassTorrent. Pass your actual test with our latest and valid practice torrent at once
PassTorrent http://www.passtorrent.com Pass your actual test with our latest and valid practice torrent at once Exam : 352-011 Title : Cisco Certified Design Expert Practical Exam Vendor : Cisco Version
More informationNETWORK ARCHITECTURE
GLOBAL MPLS NETWORK ARCHITECTURE The IP backbone is designed to service connectivity for IP and IP VPN services. The backbone network provides IP connectivity between Points of Presence (POPs). The design
More informationVPN World. MENOG 16 Istanbul-Turkey. By Ziad Zubidah Network Security Specialist
VPN World MENOG 16 Istanbul-Turkey By Ziad Zubidah Network Security Specialist What is this Van used for?! Armed Van It used in secure transporting for valuable goods from one place to another. It is bullet
More informationOn Distributed Communications, Rand Report RM-3420-PR, Paul Baran, August 1964
The requirements for a future all-digital-data distributed network which provides common user service for a wide range of users having different requirements is considered. The use of a standard format
More informationL2F Case Study Overview
L2F Case Study Overview Introduction This case study describes how one Internet service provider (ISP) plans, designs, and implements an access virtual private network (VPN) by using Layer 2 Forwarding
More informationConfiguring and Troubleshooting a Windows Server 2008 Network Infrastructure
Configuring and Troubleshooting a Windows Server 2008 Network Infrastructure Course 6421B; 5 Days, Instructor-led Course Description: This five-day instructor-led course provides students with the knowledge
More informationProduct information begins on page 2. Lucent and Ascend have merged.
Product information begins on page 2. Lucent and Ascend have merged. With the Lucent-Ascend merger, customers gain a broader and more powerful portfolio of next-generation data, voice, fax, and video services
More informationWAN Technology & Design. Dr. Nawaporn Wisitpongphan
WAN Technology & Design Dr. Nawaporn Wisitpongphan 1 WAN Connection Modules 2 WAN Comparison 3 Integrated Services Digital Network (ISDN) All-digital phone line connection Technology since 1980s Allow
More informationDeployment Scenarios
This chapter describes and shows some typical deployment scenarios for the Cisco 860, Cisco 880, and Cisco 890 series Intergrated Services Routers (ISRs): About the, page 1 Enterprise Small Branch, page
More information4.1.8 PREMISES-BASED IP VPN SERVICES (PBIP-VPNS) (L )
4.1.8 PREMISES-BASED IP VPN SERVICES (PBIP-VPNS) (L.34.1.4) Qwest achieved an industry first with our premises-based IP VPN services. Our Networx PBIP-VPNS employs a proven service delivery model to ensure
More informationCommunications Transformations 2: Steps to Integrate SIP Trunk into the Enterprise
Communications Transformations 2: Steps to Integrate SIP Trunk into the Enterprise The Changing Landscape IP-based unified communications is widely deployed in enterprise networks, both for internal calling
More informationThis course prepares candidates for the CompTIA Network+ examination (2018 Objectives) N
CompTIA Network+ (Exam N10-007) Course Description: CompTIA Network+ is the first certification IT professionals specializing in network administration and support should earn. Network+ is aimed at IT
More informationisco Cisco PPPoE Baseline Architecture for the Cisco UAC
isco Cisco PPPoE Baseline Architecture for the Cisco UAC Table of Contents Cisco PPPoE Baseline Architecture for the Cisco UAC 6400...1...1 Introduction...1 Assumption...1 Technology Brief...2 Advantages
More informationExecutive Summary...1 Chapter 1: Introduction...1
Table of Contents Executive Summary...1 Chapter 1: Introduction...1 SSA Organization... 1 IRM Strategic Plan Purpose... 3 IRM Strategic Plan Objectives... 4 Relationship to Other Strategic Planning Documents...
More informationCSC Network Security
CSC 474 -- Security Topic 9. Firewalls CSC 474 Dr. Peng Ning 1 Outline Overview of Firewalls Filtering Firewalls Proxy Servers CSC 474 Dr. Peng Ning 2 Overview of Firewalls CSC 474 Dr. Peng Ning 3 1 Internet
More informationBLM6196 COMPUTER NETWORKS AND COMMUNICATION PROTOCOLS
BLM6196 COMPUTER NETWORKS AND COMMUNICATION PROTOCOLS Prof. Dr. Hasan Hüseyin BALIK (1 st Week) Outline Course Information and Policies Course Syllabus 1. Data Communications, Data Networks, and the Internet
More informationCisco IOS Software Release 15M&T Q&A
Cisco IOS Software Release 15M&T Q&A Last updated: July, 2010 General Q. What is Cisco IOS Software Release 15M&T? A. Developed for wide deployment in the world's most demanding Enterprise, Access, and
More informationDPX8000 Series Deep Service Switching Gateway User Configuration Guide BRAS Service Board Module v1.0
DPX8000 Series Deep Service Switching Gateway User Configuration Guide BRAS Service Board Module v1.0 i Hangzhou DPtech Technologies Co., Ltd. provides full- range technical support. If you need any help,
More informationAsheville-Buncombe Technical Community College Department of Networking Technology. Course Outline
Course Number: NET 226 Course Title: Routing and Switching II Class Hours: 1 Lab Hours: 4 Credit Hours: 3 Course Description: This course introduces WAN theory and design, WAN technology, PPP, Frame Relay,
More informationCisco Group Encrypted Transport VPN
Cisco Group Encrypted Transport VPN Q. What is Cisco Group Encrypted Transport VPN? A. Cisco Group Encrypted Transport is a next-generation WAN VPN solution that defines a new category of VPN, one that
More informationInformation and Communication Networks. Communication
Information Technology Communication Information and Communication Networks Integrating IP and : Delivering QoS in an IP Environment Multiservice Platforms G One infrastructure supporting voice, video
More informationCato Cloud. Global SD-WAN with Built-in Network Security. Solution Brief. Cato Cloud Solution Brief. The Future of SD-WAN. Today.
Cato Cloud Global SD-WAN with Built-in Network Security Solution Brief 1 Legacy WAN and Security Appliances are Incompatible with the Modern Enterprise The rise of cloud applications and mobile workforces
More informationCisco Exam Questions & Answers
Cisco 648-375 Exam Questions & Answers Number: 648-375 Passing Score: 800 Time Limit: 120 min File Version: 22.1 http://www.gratisexam.com/ Cisco 648-375 Exam Questions & Answers Exam Name: Cisco Express
More informationNetwork Connectivity and Mobility Part 2
Network Connectivity and Mobility Part 2 BSAD 141 Dave Novak Topics Covered Lecture is structured based on the five elements of creating a connected world from the text book (with additional content) 1.
More informationCS 393 Network Security. Nasir Memon Polytechnic University Module 13 Virtual Private Networks
CS 393 Network Security Nasir Memon Polytechnic University Module 13 Virtual Private Networks Course Logistics HW due Monday. HW 6 posted. Due in a week. Questions regarding homework are best answered
More informationPPPoA Baseline Architecture
PPPoA Baseline Architecture Document ID: 12914 Contents Introduction Assumption Technology Brief Advantages and Disadvantages of PPPoA Architecture Advantages Disadvantages Implementation Considerations
More information: Designing for Cisco Internetwork Solutions (DESGN) v2.1
640-864: Designing for Cisco Internetwork Solutions (DESGN) v2.1 Course Introduction Course Introduction Module 01 - Network Design Methodology Overview Understanding the Network Architectures for the
More informationExam: Title : Routing & Switching Exam (RSS) Ver :
Exam: 646-521 Title : Routing & Switching Exam (RSS) Ver : 01.02.04 Missing answer will be provided shortly. QUESTION 1 What does the Catalyst 6500 Network Analysis Module (NAM) do? (Choose two) A. Gives
More informationIPv6 Deployment Planning
IPv6 Deployment Planning ISP Workshops Last updated 1 st October 2016 1 Introduction p Presentation introduces the high level planning considerations which any network operator needs to be aware of prior
More informationUpdate on IP VPN work in ITU-T
Update on IP VPN work in ITU-T Marco CARUGI France Télécom R&D marco.carugi@francetelecom.fr San Diego - December 2000 PPVPN-14.12.00-Carugi 1 ITU work on IP VPNs starts in Kyoto, March 00 Study Group
More informationEvaluating networking technologies
Evaluating networking technologies Navigating through the latest range of networking solutions can be challenging for enterprises aiming to improve their productivity and efficiency. They need to select
More informationTunnel within a network
VPN Tunnels David Morgan Tunnel within a network B C E G H I A D F - Packet stream of protocol X - Packet stream of protocol Y - Packet stream: X over Y or X tunneled in/through Y 1 Packet encapsulation
More informationThe high-speed services required for these customers and environments include:
Chapter 7 NETWORK MODELS THE NEED FOR MULTISERVICES technology provides a cost-effective means for service users to gain access from the residence or office to very high-speed network services. transmission
More informationDHCP Overview. Information About DHCP. DHCP Overview
The Dynamic Host Configuration Protocol (DHCP) is based on the Bootstrap Protocol (BOOTP), which provides the framework for passing configuration information to hosts on a TCP/IP network. DHCP adds the
More informationTEXTBOOK MAPPING CISCO COMPANION GUIDES
TestOut Routing and Switching Pro - English 6.0.x TEXTBOOK MAPPING CISCO COMPANION GUIDES Modified 2018-08-20 Objective Mapping: Cisco 100-105 ICND1 Objective to LabSim Section # Exam Objective TestOut
More informationWAN Technologies CCNA 4
WAN Technologies CCNA 4 Overview Note: Most of this will be described in more detail in later chapters. Differentiate between a LAN and WAN Identify the devices used in a WAN List WAN standards Describe
More informationCustom Connect. All Area Networks. customer s guide to how it works version 1.0
All Area Networks Custom Connect customer s guide to how it works version 1.0 The information in this technical user guide and the glossary of terms has been prepared in good faith and is correct at the
More information