Intranets and Virtual Private Networks (VPNs)

Similar documents
Secure VPNs for Enterprise Networks

Cloud Leased Line (CLL) for Enterprise to Branch Office Communications

Competitive Public Switched Telephone Network (PSTN) Wide- Area Network (WAN) Access Using Signaling System 7 (SS7)

VIRTUAL PRIVATE NETWORKS (VPN)

RingCentral White Paper UCaaS Connectivity Options in the New Age. White Paper. UCaaS Connectivity Options in the New Age: Best Practices

There are two ways to establish VCs:

Truffle Broadband Bonding Network Appliance

Fig (1) client and Server network

School of Computer Sciences Universiti Sains Malaysia Pulau Pinang

Virtual private networks

A typical WAN structure includes the following components.

Frame Relay or Internet VPNs

BLM6196 COMPUTER NETWORKS AND COMMUNICATION PROTOCOLS

Introduction to WAN Technologies

Enterprise Network Design

Network Devices,Frame Relay and X.25

E-Commerce. Infrastructure I: Computer Networks

Local area network (LAN) Wide area networks (WANs) Circuit. Circuit switching. Packets. Based on Chapter 2 of Gary Schneider.

Cisco How Virtual Private Networks Work

A Software-Defined WAN is a Business Imperative

WAN Technologies CCNA 4

Exam: Title : Routing & Switching Exam (RSS) Ver :

Data and Computer Communications

Evaluating networking technologies

Network Services. Product Catalog

WITH RELIABLE, AFFORDABLE ENTERPRISE PRI

L2F Case Study Overview

Enterprise Network Design

Computers: Tools for an Information Age. Chapter 7 Networking: Computer Connections

By VPNet Technologies. What s a VPN Anyway? A Virtual Private Networking Primer

VPN. The Remote Access Solution. A Comprehensive Guide to Evaluating: Security Administration Implementation. the virtual leader

Networks: Communicating and Sharing Resources

NETWORK ARCHITECTURE

ON-LINE EXPERT SUPPORT THROUGH VPN ACCESS

Class X Subject : IT (Vocational) Chapter -1 Ouestion / Answer

Introduction to Information Technology Turban, Rainer and Potter John Wiley & Sons, Inc. Copyright 2005

VeriSign Communications Services. IP Network Solutions. Outsourcing the Softswitch Functionality. Where it all comes together.

X.25 Substitution. Maintaining X.25 services over a fully supported NGN/IP infrastructure. The Challenge. How it Works. Solution

INTRODUCTION TO ICT.

Converged Voice Service Summary

ENTERPRISE INTERNET SOLUTIONS AWS IS CLOUDCONNECT SOLUTION OVERVIEW

NETWORK TOPOLOGIES. Application Notes. Keywords Topology, P2P, Bus, Ring, Star, Mesh, Tree, PON, Ethernet. Author John Peter & Timo Perttunen

Lecture 1 Overview - Data Communications, Data Networks, and the Internet

CtrlS Datacenters Placement Questions And Answers

AfriConnect Satellite Technology Overview

SOFTWARE-DEFINED NETWORKING WHAT IT IS, AND WHY IT MATTERS

What is a Network? A connection of two or more computers so that they can share resources.

MPLS VPN: Business Ready Networks. The cost-effective, scalable and robust network solution

Router Router Microprocessor controlled traffic direction home router DSL modem Computer Enterprise routers Core routers

An Introduction to the Max PVN

State of Florida uses the power of technology to accomplish objectives. Sprint provides state-of-the-art voice and data solutions

WHY NETWORK FAILOVER PROTECTION IS A BUSINESS NECESSITY

Accessing the WAN Chapter 1 Modified by Tony Chen 07/20/2008

Virtual Private Networks (VPNs)

Dr./ Ahmed Mohamed Rabie Sayed

Cisco Cisco Sales Expert. Practice Test. Version

Computers Are Your Future

Xceedium Xio Framework: Securing Remote Out-of-band Access

Automating VPN Management

Full file at Chapter 2: Technology Infrastructure: The Internet and the World Wide Web

Choosing a WAN Solution IP VPN vs. Frame Relay or ATM

Area Covered is small Area covered is large. Data transfer rate is high Data transfer rate is low

MPLS in the DCN. Introduction CHAPTER

Virtual Private Networks

The Business Case for Secure VPNs

Network &Network Devices Introduction. 2000, Cisco Systems, Inc. 1-1

Prepared by Agha Mohammad Haidari Network Manager ICT Directorate Ministry of Communication & IT

PassReview. PassReview - IT Certification Exams Pass Review

Chapter 1 Living in a Network Centric World

MPLS VPN Challenge. Ron Jubainville Director Sprint International Products. Copyright Sprint All rights reserved.

Wide Area Networks (WANs) Slide Set 6

SS7 Solution for Internet Access

A+ Guide to Hardware: Managing, Maintaining, and Troubleshooting, 5e. Chapter 10 Networking Essentials

(These notes are to be used in conjunction with the slides on QOS - Lecture 1)

31270 Networking Essentials Focus, Pre-Quiz, and Sample Exam Answers

Business Paper. ML-IP Achieves Universal Broadband Access Independent of Provider Networks

CHAPTER 8 NETWORKS: COMMUNICATING AND SHARING RESOURCES

Integrated t Services Digital it Network (ISDN) Digital Subscriber Line (DSL) Cable modems Hybrid Fiber Coax (HFC)

The EXTender/PBXgateway Product Suite Simplified Voice Networking for Distributed Enterprises

IP VPn COMMITTED TO QUALITY

Citrix SD-WAN for Optimal Office 365 Connectivity and Performance

SPECIFIC SERVICE TERMS FOR GLOBAL CROSSING ENTERPRISE VoIP TOLL-FREE SERVICES

IT114 NETWORK+ Learning Unit 1 Objectives: 1, 2 Time In-Class Time Out-Of-Class Hours 2-3. Lectures: Course Introduction and Overview

Ethernet Wide Area Networking, Routers or Switches and Making the Right Choice

What is the fundamental purpose of a communication system? Discuss the communication model s elements.

Transform your network and your customer experience. Introducing SD-WAN Concierge

Introduction to Computer Science (I1100) Networks. Chapter 6

Benefits of SD-WAN to the Distributed Enterprise

Computer Networks and Internet

QUALITY OF SERVICE AND THE EFFECTS OF DATA ENCRYPTION ON VSAT NETWORKS (GOVERNMENT NETWORKS)

Chapter 2: Technology Infrastructure: The Internet and the World Wide Web

Internet Telephony. Definition. Overview. Topics. 1. Introduction

Network Definition A network can be defined as two or more computers connected together in such a way that they can share resources.

How Cisco ASR 1000 Enables Cisco Business Strategies by Providing Capacity and Resiliency for Collaborative Applications

How to Configure a Hybrid WAN in Parallel to An Existing Traditional Wan Infrastructure

Increase MPLS and SD-WAN Speeds and Reduce Operating Costs

Multi-plant Connectivity

Local Area Network(LAN)

INTRODUCTION OUR SERVICES

RSVP Scalability Enhancements

Transcription:

Intranets and Virtual Private Networks (VPNs) Definition Private networking involves securely transmitting corporate data across multiple sites throughout an entire enterprise. Creating a truly private corporate network generally requires an intranet. A virtual private network (VPN) is one means of accomplishing such an implementation using the public Internet. Overview This tutorial explores the benefits of a private corporate network and reviews a traditional wide-area network (WAN) architecture implementation. It then compares the WAN model to present-day private-networking strategies, specifically examining two types of modern private-network implementations: encryption-based VPNs and private networks based on frame-relay permanent virtual circuits (PVCs). It also reviews important security issues associated with the different technologies used to implement a private network. Topics 1. Introduction 2. Benefits of ISP Based Private Networks 3. Traditional WAN Network Architecture 4. Encryption-Based VPNs 5. Private Networking Using Frame-Relay PVCs Self-Test Correct Answers Glossary

1. Introduction Today's corporations are challenged by the need to support a wide variety of communications across a highly distributed number of sites and offices. At the same time that the number of sites and offices increases, corporations are pressured to reduce the cost of their overall communications expenses. In addition to the increased number of office locations, employees expect to access corporate resources from a more diverse set of locations, including customer sites, home offices, and travel destinations. As more emphasis is placed on electronic communication, business partners also expect to access corporatepartner data as well. All of these trends drive the need to establish a corporate private-network infrastructure. With regard to communications expenses, however, corporations are finding that traditional architecture does not provide the flexibility and solutions required. Using dedicated leased-line circuits to interconnect main offices and branch offices often requires significant planning time, and once in place the circuits cannot support remote or customer sites. The increase in telecommuting and remote computing is, in turn, increasing resources spent on remote-access modems, servers, and long-distance telephone charges. Private networks that utilize the Internet backbone can significantly reduce the costs of establishing and maintaining a WAN for private-networking purposes. Internet service provider (ISP) based private networks offer a global footprint with ubiquitous local network access. Using an ISP based private network, corporations can connect their offices to the ISP's local points of presence (PoPs) rather than purchase costly leased-line circuits to interconnect their office locations. The corporation takes advantage of the ISP's established backbone, which is usually more geographically diverse than its WAN architecture. The ISP can also offer local dial-up access at a diverse number of locations, which helps reduce long-distance remote-access costs. 2. Benefits of ISP Based Private Networks ISP based private networks can offer direct cost savings over traditional WAN architectures as well as other indirect cost savings. The increased flexibility and scalability of ISP based private networks can often reduce equipment costs while minimizing network management and technical-training resources. The most significant benefit of an ISP based private network is its direct cost savings over traditional WANs. A traditional WAN is composed of distancesensitive leased-line circuits, which can be subject to interstate and international tariffs and taxes. In comparison, an ISP based private network only requires shorter leased-line circuits from each office to the ISP's closest PoP. ISPs can also offer flexibility in line speeds; corporations can usually purchase access in 2/14

fractional tier-1 (T1) increments rather than in an entire T1 circuit from a telco or local exchange carrier (LEC). Outsourcing network management to an ISP can also indirectly reduce operating costs and resources. In-house technical resources are no longer needed to install, configure, and manage network equipment. A corporation will not need to support dial-up plain old telephone service (POTS) lines or integrated services digital network (ISDN) and leased-line circuits. The information technology (IT) department can concentrate resources on data and server equipment rather than on low-level network equipment. Several different ways to implement an ISP based private network can be used. One common implementation transmits corporate traffic over the public Internet but uses encryption to protect the data from unauthorized access. Frame-relay technology also enables the creation of logically isolated circuits or PVCs that provide a private network in which data does not need to be encrypted because it travels only along these logically private circuits. 3. Traditional WAN Network Architecture Traditional WAN based private networks used leased-line circuits from each site back to a corporate headquarters. These leased-line circuits were priced according to distance, making them expensive for geographically dispersed locations. These traditional WANs often used a hub-and-spoke model, requiring traffic going between branch offices to travel through the corporate headquarters. Despite these disadvantages, traditional WANs did offer the highest level of security and network performance. Corporations were paying for the fulldedicated bandwidth of the network. Traditional WANs required highly specialized technical in-house resources and required corporations to manage their own networks. Older corporations often have extensive WAN infrastructure investments and are hesitant to adopt newer infrastructure implementations despite large potential cost savings. Figure 1 illustrates a typical WAN implementation where all traffic is cross-connected at the corporate headquarters. Each branch office or partner company is connected directly to the headquarters location. 3/14

Figure 1. Traditional WANs 4. Encryption-Based VPNs Encryption-based VPNs create a VPN using the public Internet infrastructure. A corporation establishes public Internet connections from each of its office locations to an ISP's PoP. The corporation can establish the connections with a single ISP or multiple ISPs. Encryption-based VPNs are susceptible to any weaknesses that the public Internet may experience. Typically, these weaknesses are related to data security and network performance. The original design and implementation of the Internet did not address the security and performance requirements of private networks. Encryption-based VPNs are often the easiest type of ISP based private network to create. Several different encryption vendors supply a large range of solutions. Figure 2 shows a typical encryption-based VPN implementation. Each branch office or partner company connects to any ISP; users simply must have access to the public Internet. An encryption device (typically a router or firewall) is placed at each location. The encryption devices receive encrypted data from the other locations and perform the appropriate decryption. 4/14

Figure 2. Encryption-Based VPNs 5. Private Networking Using Frame-Relay PVCs Another way to implement a private-networking solution while capitalizing on an ISP's backbone is to create a private-network using frame-relay PVCs. Framerelay PVC is a technology available to homogeneous frame-relay networks; the ISP must be able to implement the frame relay networking protocol across its entire network. A PVC is a way to logically create a separate independent circuit within the same physical circuit. Figure 3 illustrates three separate PVCs within the same physical interface. Each PVC acts logically as a private circuit, similar to a traditional WAN dedicated circuit. 5/14

Figure 3. Subinterface Model Frame-relay PVCs offer the advantages of high security because sensitive corporate data is not transmitted to the public Internet. Instead it is only transmitted down a customer's own PVC, which remains logically separate from the public Internet. A frame-relay PVC private-network implementation is also not as susceptible to network congestion, as each PVC only carries data for one customer. Figure 4 illustrates a private network utilizing frame-relay PVCs. No additional encryption devices are necessary. Each branch office or partner company is connected to the homogeneous network of a selected ISP. Figure 4. Frame-Relay PVC Networking Technology 6/14

Self-Test 1. Private networking refers to which of the following? a. different types of network firewalls b. networking where network protocols are not used c. securely transmitting corporate data d. accessing Web servers using the HTTP protocol 2. A VPN is which of the following? a. an implementation of a private network b. a network built using frame-relay technology c. a high-speed network protocol d. a standard way to encrypt files for secure transmission 3. Corporate networks are now challenged because of which of the following? a. computer equipment requires a greater amount of storage space b. centrally located computers are consuming greater amounts of electrical power c. multiple protocols are taxing existing network resources d. the need to support a wide variety of communications across a large geographic area 4. Traditional WAN architecture. a. is growing because it ideally meets corporate network needs b. is a low-cost solution to a wide variety of needs c. is less flexible and more costly to implement d. improves data transmission over long distances 5. Remote access modems require which of the following? a. increased equipment and management resources 7/14

b. minimal equipment and network resources c. no additional long-distance charges d. that telecommuters use specific remote-access hardware to access the internal network 6. ISP based private networks. a. require entirely new server and internal-network equipment b. are a cost-effective alternative to traditional WANs c. increase management costs as a result of additional network equipment d. are more secure than traditional WANs 7. Compared to a single corporation, ISPs tend to have which of the following? a. fewer remote-access dial-up ports b. greater diversity in local remote-access points c. minimal international remote-access capabilities d. a smaller, more concentrated network backbone 8. Compared to a WAN, an ISP based private network. a. costs more due to the additional cost of a diverse network backbone b. offers significant cost savings c. offers a greater level of security and network performance d. requires a greater number of dedicated leased-line circuits 9. Internal network management resources. a. must be increased when using an ISP based private network, as a result of Internet security issues b. are still required when using an ISP based private network to support network technologies including POTS, ISDN, and leased-line circuits c. can be decreased when using an ISP based private network due to the outsourcing of network management 8/14

d. never change regardless of private-network type 10. Traditional WANs are built using which of the following? a. multiple dial-up links interconnecting each office location b. short leased-line circuits connecting each office to its closest neighbor c. inexpensive wireless network transmission technologies d. expensive, distance-sensitive leased-line circuits 11. International WANs are which of the following? a. extremely expensive as a result of distance-sensitive leased-line circuits b. impossible to build using traditional WAN technologies c. inexpensive because corporations can share network costs with other corporations d. built using satellite technology, which limits network performance 12. Encryption-based VPNs. a. use the public Internet infrastructure to create a VPN b. use inexpensive hardware to encrypt data traveling across the Internet c. are more secure than traditional WANs due to data encryption d. are not susceptible to Internet weaknesses and outages 13. Encryption-based VPNs. a. require encryption hardware only at the primary headquarters location b. cannot accommodate dial-up remote-access users c. require an encryption equipment at each location of the network d. aggregate network traffic through a central location 9/14

Correct Answers 1. Private networking refers to which of the following? a. different types of network firewalls b. networking where network protocols are not used c. securely transmitting corporate data d. accessing Web servers using the HTTP protocol See Definition. 2. A VPN is which of the following? a. an implementation of a private network b. a network built using frame-relay technology c. a high-speed network protocol d. a standard way to encrypt files for secure transmission See Definition. 3. Corporate networks are now challenged because of which of the following? a. computer equipment requires a greater amount of storage space b. centrally located computers are consuming greater amounts of electrical power c. multiple protocols are taxing existing network resources d. the need to support a wide variety of communications across a large geographic area See Topic 1. 4. Traditional WAN architecture. a. is growing because it ideally meets corporate network needs b. is a low-cost solution to a wide variety of needs c. is less flexible and more costly to implement 10/14

d. improves data transmission over long distances See Topic 2. 5. Remote access modems require which of the following? a. increased equipment and management resources b. minimal equipment and network resources c. no additional long-distance charges d. that telecommuters use specific remote-access hardware to access the internal network See Topic 1. 6. ISP based private networks. a. require entirely new server and internal-network equipment b. are a cost-effective alternative to traditional WANs c. increase management costs as a result of additional network equipment d. are more secure than traditional WANs See Topic 2. 7. Compared to a single corporation, ISPs tend to have which of the following? a. fewer remote-access dial-up ports b. greater diversity in local remote-access points c. minimal international remote-access capabilities d. a smaller, more concentrated network backbone See Topic 1. 8. Compared to a WAN, an ISP based private network. a. costs more due to the additional cost of a diverse network backbone b. offers significant cost savings c. offers a greater level of security and network performance 11/14

d. requires a greater number of dedicated leased-line circuits See Topic 2. 9. Internal network management resources. a. must be increased when using an ISP based private network, as a result of Internet security issues b. are still required when using an ISP based private network to support network technologies including POTS, ISDN, and leased-line circuits c. can be decreased when using an ISP based private network due to the outsourcing of network management d. never change regardless of private-network type See Topic 2. 10. Traditional WANs are built using which of the following? a. multiple dial-up links interconnecting each office location b. short leased-line circuits connecting each office to its closest neighbor c. inexpensive wireless network transmission technologies d. expensive, distance-sensitive leased-line circuits See Topic 3. 11. International WANs are which of the following? a. extremely expensive as a result of distance-sensitive leasedline circuits b. impossible to build using traditional WAN technologies c. inexpensive because corporations can share network costs with other corporations d. built using satellite technology, which limits network performance See Topic 2. 12. Encryption-based VPNs. a. use the public Internet infrastructure to create a VPN 12/14

b. use inexpensive hardware to encrypt data traveling across the Internet c. are more secure than traditional WANs due to data encryption d. are not susceptible to Internet weaknesses and outages See Topic 4. 13. Encryption-based VPNs. a. require encryption hardware only at the primary headquarters location b. cannot accommodate dial-up remote-access users c. require an encryption equipment at each location of the network d. aggregate network traffic through a central location See Topic 4. Glossary ISP Internet service provider ISDN integrated services digital network IT information technology LEC local exchange carrier POP point of presence POTS plain old telephone service PVC permanent virtual circuit VPN virtual private network 13/14

WAN wide-area network 14/14

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback