Wide Area Networks (WANs)

Questions and Answers

In the context of network infrastructure, what primary function does a Wide Area Network (WAN) serve?

  • To provide high-speed data transfer within a limited geographical area, typically within a building.
  • To interconnect various network segments across large geographical distances, such as cities and countries. (correct)
  • To secure wireless communications within a small office environment.
  • To facilitate direct connections between personal computers and local servers.

What distinguishes a Local Area Network (LAN) from a Wide Area Network (WAN)?

  • A LAN uses optical fibers, whereas a WAN uses only copper cables.
  • A LAN is managed by an Internet Service Provider (ISP), while a WAN is managed internally.
  • A LAN operates within a limited geographical area, while a WAN spans larger areas. (correct)
  • A LAN primarily uses packet switching, while a WAN uses circuit switching.

Which WAN technology or service is typically favored when enterprises prioritize network reliability and security for their data transmission?

  • DSL (Digital Subscriber Line)
  • MPLS (Multiprotocol Label Switching)
  • Private Lines (correct)
  • VPN (Virtual Private Network) over the public internet

Which of the following is a key drawback of using private lines for Wide Area Network (WAN) connections?

High cost (B)

What is a primary advantage of using MPLS (Multiprotocol Label Switching) lines compared to traditional private lines for WAN connectivity?

MPLS is generally less expensive while still ensuring a reasonable level of security. (A)

Which factor most significantly influences the decision to use VPN technology for establishing secure connections over a Wide Area Network (WAN)?

The requirement for cost-effective security over a public network like the Internet. (A)

In the context of Enterprise WAN Interconnection, what is the role of an ISP line when an enterprise cannot build its own WAN?

It is leased by the enterprise to build enterprise WANs, often in conjunction with VPN or private line technologies. (C)

Within the context of enterprise network design, why might an organization with existing WAN capabilities still choose to lease ISP lines?

To provide Internet access for their employees. (C)

How does Software-Defined Networking (SDN) address the challenges associated with managing a large number of branch networks in an enterprise?

By enabling centralized control and automation of network configurations and policies. (D)

What fundamental shift does SDN introduce in traditional network architecture?

Separating the network control functions from the data forwarding functions (A)

What are the three layers into which the SDN architecture can be divided, from top to bottom?

Service, Control, and Infrastructure Layer (A)

In the context of SD-WAN, how does a centralized network control system simplify the process of connecting multiple branch offices to a headquarters?

By abstracting network complexities and automating service provisioning through service-oriented interfaces. (A)

What key capability enables SD-WAN to optimize access to SaaS applications efficiently?

The ability to perceive network Service Level Agreement (SLA) quality of each optional path in real time and select the optimal SaaS access path. (C)

How does SD-WAN address the challenge of varying network quality among multiple WAN links in a hybrid WAN environment?

By implementing link selection based on the Service Level Agreement (SLA) quality requirements of applications. (D)

What is the primary goal of WAN optimization techniques in SD-WAN?

To improve network fault tolerance and ensure data transmission quality when WAN link conditions are degraded. (D)

Which SD-WAN characteristic directly addresses the need for robust security in enterprise WAN application data transmission?

Secure and reliable interconnection (C)

Alongside security, what management capability is crucial for enterprises to effectively utilize an SD-WAN system?

Visualized O&M (B), Bandwidth proportion of key applications (D)

In regard to the core values of SD-WAN, what best describes 'Powerful Interconnection'?

Flexible networking for on-demand interconnection of multiple clouds and multiple networks (D)

An enterprise uses private lines because of their reliability. What is their main disadvantage?

Investment Cost (D)

An enterprise has mobile users needing network access. What would eliminate geographical differences?

VPN Technology (C)

What characterises carriers' high-quality private lines, and what is an example of one?

Expensive but have excellent performance, SDH (A)

An enterprise requires a cost-effective network that is easy to expand and easy to control. What service may suit them?

Enterprise-built VPN (D)

What is the performance of MPLS VPN, compared to transmission private lines?

MPLS VPN is poorer and cheaper (A)

What statement describes bare optical fibre?

No intermediate device is deployed (A)

Your enterprise requires high reliability and security and needs to interconnect two branches. What type of private line would you use?

MSTP or SDH (B)

What is an advantage of MPLS VPN?

Low cost (A)

A company uses the Internet widely to connect company resources. What is used to build the network?

VPN (B)

A VPN is set up to connect gateways over the Internet. What main technology can achieve this?

GRE (B)

What is mainly used to connect internal users?

L2TP over IPsec (C)

GRE uses some network layer protocols to transmit packets. Which options are correct?

IPX (C)

Under the decapsulation process of the GRE (Generic Routing Encapsulation), what does Router_B check to ensure the packet's proper handling after accessing its physical interface connected to the Internet?

Router_B examines the destination address and protocol ID. (D)

A network requires encapsulation of multicast for secure data transmission. Which protocol would be used?

GRE over IPsec (A)

What IPsec protocol can guarantee both data integrity and origin authenticity?

AH (C)

In setting up a GRE tunnel, what can ensure the tunnel functions correctly even when the remote interface is temporarily unreachable?

Keepalive Detection (D)

What IPsec mechanism has these steps: (1) an IKE SA is established, (2) it is used to negotiate with packets encrypted by IKE, (3) IPsec SAs can then be used to encrypt the data?

IPsec (C)

What is the core difference between IKEv1 and IKEv2 negotiations in IPsec?

IKEv2 uses fewer message exchanges to establish a secure connection and re-negotiate IPsec SAs. (C)

What best describes symmetric encryption?

Uses a preconfigured secret key for the encryption/decryption (A)

What data encryption method prevents data from being leaked during data forwarding?

Encryption (A)

If you need to transmit L2TP through secure IPsec, what can you achieve?

Address Allocation (D)

Flashcards

What is a WAN (Wide Area Network)?

Provides interconnection services between regions, cities and countries over long distances, using optical fibers.

What is a LAN (Local Area Network)?

Connects computers and devices in a limited geographical area, like a campus or factory, within thousands of meters.

What is the relationship between LAN and WAN?

A WAN spans a larger geographical area, while a LAN is confined to a smaller local area.

What is Enterprise WAN interconnection?

Refers to the interconnection between nodes at different levels such as headquarters, data centers, branches, fixed offices and mobile offices.

How do enterprises without WANs establish connections?

Enterprises that cannot build their own WANs lease ISP lines and use VPN or private line technologies.

How are carriers' MPLS or private lines used?

MPLS or private lines are used to connect regional networks for enterprises with high SLA requirements.

How is carrier Internet + VPN technology used?

Carrier Internet + VPN technology is used to connect branches without high SLA requirements.

How are carriers' point-to-point private lines used?

Carriers' point-to-point private lines are used to implement cross-city or cross-border connections.

How to ensure enterprise WAN security?

Reliability and security are ensured by leasing MPLS or private lines from carriers.

MPLS lines vs Private Lines

Compared to private lines, MPLS lines are cheaper, but service reliability is not as good.

What is using the Internet for VPN?

The Internet is used to reduce costs with VPN, but reliability of key services isn't assured.

What is SDN (Software-Defined Networking)?

Decouples the forwarding, control, and service applications to aid quicker network adjustments and new service deployment.

What is the advantage of an SDN network?

SDN provides programmability by separating the network's control from the forwarding functions.

What is the function of the SDN service Layer?

The service layer interacts with network application services to understand user needs.

What is the SDN control layer?

The control layer controls network devices' forwarding behavior through interfaces.

What is the SDN infrastructure layer?

Consists of network devices forwarding traffic based on policies from the control layer.

What are the characteristics of SD-WAN?

Service and intent orientation, implementing network orchestration and automatic provisioning.

How does SD-WAN manage branch devices?

Employs a centralized network control system to manage all branch devices.

Describe the cloud connection with SD-WAN.

A cloud site that requires an NFV-based device to connect enterprise branches to the public cloud.

How does SD-WAN optimize SaaS?

SD-WAN optimizes SaaS with the capability of optimizing SaaS access paths.

Intelligent Traffic Steering?

Measure the quality of different WAN links and implement link selection based on the SLA quality requirements.

WAN Optimization?

WAN optimization technologies are used to improve network fault tolerance and ensure data transmission quality.

Characteristics of SD-WAN?

Network controller provides open and programmable northbound RESTful interfaces.

Core Values of SD-WAN

With powerful interconnection, optimal experience, high performance, and easy O&M anytime and anywhere.

Powerful Interconnection?

Flexible networking for on-demand interconnection of multiple clouds and multiple networks to quickly provision networks and reduce link costs.

Optimal Experience

Ensures the key application experience with application-based traffic steering and optimization.

High Performance?

High-performance branch devices build a new forwarding engine.

Easy O&M

Intent-driven simplified branch network O&M (Operations and Maintenance) to implement intent-based centralized management and control on the entire network.

Private Lines

Can meet the interconnection requirements of enterprises and ensure reliability and security, but are expensive.

VPN Technology

Provides high security by encrypting data before it is transmitted; security control is in the hands of users.

Carriers’ Private Lines provide...

Dedicated connections, provided by carriers, for different industries and scenarios.

Currently, the following private line technologies are widely used:

Bare optical fiber, SDH/MSTP/WDM, MPLS VPN.

3 Types of Private Lines

MPLS VPN; bare optical fibers; SDH/MSTP/WDM

Introduction to Bare Optical Fibers

Carriers provide a bare optical fiber line where no intermediate device is deployed. The network capacity depends on the enterprise devices at both ends of the bare optical fiber.

SDH/MSTP/WDM Private Lines

Transmission private lines: tenants exclusively occupy part of the bandwidth of the transmission private line, giving high reliability and security.

What can enterprises establish?

VPNs (GRE, DSVPN, SSL VPN) through carriers' networks.

Enterprises can establish VPNs such as?

SSL VPN, DSVPN, and IPsec VPN, through carriers' networks.

MPLS VPN private lines are used to...

MPLS VPN technology is a compromise between cost and performance, for enterprises that can build their own WAN.

Virtual Private Dial-up Network (VPDN) technologies are used to...?

Allow terminal users or branches to dial up to the carrier network or headquarters over virtual private dial-up networks, using technologies such as PPTP, L2TP, or PPPoE.

Study Notes

  • A Wide Area Network (WAN) provides interconnection for different regions, cities, and countries, typically spanning kilometers.
  • Optical fibers are used to meet the transmission requirements due to the distances a WAN covers.

LAN vs WAN

  • Local Area Networks (LANs) connect devices such as computers, peripherals, and databases within limited areas such as campuses, factories, or organizations.
  • WANs provide more extensive coverage than LANs and Metropolitan Area Networks (MANs) through packet switching technology.
  • WAN communication subnets utilize public packet switching, satellite, and wireless networks for resource sharing across different areas.
  • The Internet represents the globe's largest WAN.
  • LANs are confined to a single area, while WANs cover larger areas and connect LANs and company networks, exemplified by a company with a headquarters in Beijing and branches distributed nationwide.
  • WAN rates range from 56 kbit/s to 155 Mbit/s, with newer technologies reaching 622 Mbit/s to 2.4 Gbit/s. Transmission delays range from milliseconds to hundreds of milliseconds, especially with satellite use.

Enterprise WAN Interconnection

  • Enterprise WAN interconnection connects nodes at different layers, including headquarters, data centers (DCs), branches, and fixed and mobile offices.
  • Enterprise WAN interconnection relies on carrier-built or self-built WANs.
  • Businesses unable to construct a WAN often secure connectivity through leased ISP lines, utilizing VPN or private line technology for enterprise WANs.
  • Companies equipped with WAN infrastructure typically do not lease ISP lines, except for internet connectivity.

Enterprise WAN Interconnection Modes

  • Enterprise WANs connect using different modes:
  • Regional networks connect via carrier MPLS or private lines, which provide a high Service Level Agreement (SLA) but are more costly.
  • Connections can also be made through carrier Internet + VPN technology, which is suitable for smaller branches without high SLA demands.
  • P2P private lines provide cross-city or cross-border connections, mainly between DCs, headquarters, or major arms of a business, but are an expensive option.
  • Industries such as electric power and transportation use self-built private lines.
  • Enterprise WANs often use a combination of the above connection styles.

MPLS and Private Line Tech

  • MPLS and private lines are leased from carriers in order to ensure reliability when building Enterprise WANs.
  • Private lines are expensive but keep service quality and data security by relaying data on dedicated lines.
  • Leasing MPLS lines from carriers is more economical, but service reliability is not guaranteed as it is with private lines.
  • Enterprises with resources such as power companies can save costs by building their own backbone networks.

Internet and VPN Tech

  • Integration of enterprise services is possible with the Internet.
  • Since the Internet is an open network, VPN technology facilitates secure and reliable connections.
  • VPDN technologies such as PPTP, L2TP, and PPPoE let branches dial into the carrier or HQ networks.
  • IPsec and GRE protocols are used to build networks between enterprise branches or between the enterprise branches and HQs.
  • Large networks use Dynamic Smart VPN (DSVPN) and Any to Any (A2A) VPN technologies as they simplify IPsec configuration.

Cloud computing challenges

  • Before cloud computing, networks ensured service quality by expanding bandwidth, and service quality was typically not managed.
  • With cloud computing, line prices must be balanced against service quality as traffic volumes grow.
  • Relying on carriers' private cloud lines is the typical way to guarantee key services; however, these solutions have limitations:
  • Significant bandwidth is required.
  • Building VPNs over the Internet may reduce cost, but the reliability of services can be compromised.
  • Managing key services carried on private lines alongside Internet-carried common services can be complex and difficult.

Multiple services challenges

  • Enterprises cannot guarantee key services effectively because they lack service traffic awareness and the ability to adjust quickly.
  • Without application visibility, prioritization is difficult, and primary links become overloaded at peak hours.
  • Transmitting SaaS application services through headquarters causes delays.
  • The inability to monitor and control traffic affects the smoothness of video conferences and prevents accurate adjustment of service traffic.

Multiple Services Traditional tech

  • Traditional network management technologies can only monitor the bandwidth usage of interfaces.
  • Interface bandwidth use cannot be broken down by service application, so the quality of the main services goes undetected.
  • Services cannot be controlled precisely because application services are not identified.

Large branch number challenges

  • Having many cross-city, cross-province, and cross-border branches gives rise to specific network management challenges.
  • High O&M costs are typical in network builds with too many branches.
  • Branch services take a long time to provision.
  • Rectifying faults on these branch networks is difficult.
  • Software-Defined Networking (SDN) technology may address the challenges that services bring to enterprise WANs.

SDN Overview

  • SDN is a framework for managing the complexities of conventional networks.
  • SDN decouples the forwarding, control, and service planes.
  • This allows quick network adjustments and deployment of new services, which facilitates IT applications on the underlying networks.

Key SDN characteristics

  • Network virtualization, offering abstracted network services independent of the hardware.
  • Automated network resource management and configuration, reducing human error.
  • Service provisioning for rapid deployment and scalability of services.
  • A network that can be programmed and integrated with different management platforms.

SDN Architecture

  • The SDN structure is split into service, management, and infrastructure layers.
  • The Open Networking Foundation (ONF) provides the SDN network architecture.
  • The service layer offers user-level management of applications, performance, and security.
  • The control layer centrally manages network functions and translates service layer requests into infrastructure changes.
  • The infrastructure layer contains the physical devices (switches and routers) that forward data as dictated by the control layer.

SD-WAN: Automatic network orchestration

  • Aims to provide network orchestration and automated provisioning that keeps operating costs within budget.
  • With SD-WAN, network parameters are set centrally.
  • Centralized control systems abstract, orchestrate, and automatically provision network services, which lowers the skill requirements for operators.
  • New network service operations run more efficiently, with fewer errors and a better user experience.

SD-WAN: Cloud interconnection

  • SD-WAN is essential for flexible cloud connections in modern enterprise networks, since growing cloud migration requires interconnection with cloud resources such as IaaS and SaaS.
  • If a system is in a cloud, it is a cloud site and requires an NFV device to act as a gateway to connect enterprise branches with public clouds.
  • Centralized control systems remotely schedule public cloud resources in real time for devices on the cloud.
  • Enterprises access remote SaaS applications on the cloud over the WAN via the Internet, an MPLS network, or the HQ.
  • Centralized network control improves real-time measurement of Quality of Service and selection of efficient SaaS access paths.

SD-WAN: Intelligent traffic steering

  • The technology guarantees traffic routing and application performance.
  • The multiple hybrid WAN links in SD-WAN provide different service qualities for enterprise traffic.
  • High-value applications are transmitted over high-value links, chosen according to the application SLA.
  • Network links should be selected on the basis of Quality of Service (QoS).
  • Application traffic is dynamically adjusted as network conditions change, to preserve the end-user experience and meet the application SLA.

SD-WAN: WAN Optimization

  • Seeks to ensure network fault tolerance and maintain quality when link conditions degrade.
  • Common WAN optimization technologies include transmission optimization, data optimization, and packet loss concealment optimization.
  • Forward Error Correction (FEC) improves data tolerance on degraded links through optimal packet reconstruction or optimization.
  • WAN optimization uses compute and storage resources to improve the efficiency of network transmission.

SD-WAN: Secure, visualized Open Interface O&M

  • SD-WAN applications ensure reliability and security for systems and services.
  • Systems possess network device security and security capabilities, including attack prevention when connected to the WAN and public Internet.
  • Authentication and encryption prevent data leakage on the WAN.
  • Visualized management is provided through a centralized system with alarm monitoring or remote real-time management.
  • SD-WAN provides a dashboard with key performance data, the bandwidth proportion of applications, and application health scores.

SD-WAN: Northbound open API

  • The network controller provides RESTful interfaces for integration with third parties.
  • Third-party software interconnects through the northbound APIs.

SD-WAN: Core values

  • SD-WAN helps any company flexibly and conveniently obtain a high-value WAN with powerful interconnection, ultimate experience, superior performance, and easy O&M, anytime and anywhere.
  • SD-WAN resolves problems enterprise WANs face.
  • Powerful interconnection makes it possible to connect clouds and supports a variety of Ethernet connections, among other functions.
  • SD-WAN offers features that are able to meet diverse needs through several connection models.
  • Optimizes application traffic by identifying application information and directing high-priority traffic to links that meet SLA requirements.
  • Builds powerful forwarding engines.
  • Packet forwarding can be enhanced and optimized through SD-WAN's high-performance branch features.
  • Keeps the design simple by building on fundamental SDN principles, with centralized control, visualization, and easier centralized management.

Private line and VPN comparison

  • Private lines are costly, but they guarantee the connection requirements enterprises need, such as reliability and security.
  • As networks have changed, VPN technologies have gained market share, but private line technology has remained in demand.

Carriers' private lines

  • Many line resources are used to launch different private lines.
  • High-quality transmission is provided by SDH, MSTP, and optical fibers, all of which perform excellently but are costly.
  • MPLS VPN is a different option offered by carriers, with lower transmission performance but a lower price.
  • The financial industry leases carriers' MSTP/SDH lines to maximize network reliability.

Enterprise-Built Private Lines/VPN

  • Enterprises often interconnect by establishing their own VPNs over carriers' networks.
  • Laying fiber is more widely used because it is cost-effective and simple to expand.
  • Controllable VPNs are extensively implemented to deliver efficient features.

Overview: Private line tech

  • ATM has been discontinued as private line technology has evolved.
  • Private line technologies include bare optical fiber, SDH/MSTP/WDM (hard pipes), and MPLS VPN.
  • MPLS private lines make use of Ethernet and are cost-effective.

Intro to Bare Optical Fibers

  • A connection with no intermediate device, where capacity is dictated by the enterprise devices.
  • Cost depends on distance: greater distances incur a bigger expense.
  • The maximum distance is 300 km unless repeaters are used.

App Scenario: Bare optical fibers

  • Fiber is leased between the main and branch campuses so that the campuses can connect.

SDH/MSTP/WDM Private Lines

  • Enterprises obtain long-distance transmission and security through SDH/MSTP/WDM private lines, which are expensive; each tenant exclusively occupies part of the bandwidth of the private line for transmission.
  • Private lines are shared by tenants, each using exclusive hard pipes, which secures the whole system.
  • The most common private lines are MSTP/WDM private lines, which are functional.

Overview of VPN services

  • Enterprises build into their networks via virtual VPN to make the Internet have
  • Access VPN provides remote access that uses L2TP for network connections.
  • GRE plus DSVPN can connect an enterprise's frameworks.
  • By building an extranet with SSL VPN technology, an enterprise's network can interact with its partners.

Access VPN overview:

  • Access VPN makes connections over dial-up.
  • Enterprise networks, which have interfaces, are encapsulated in tunnels to be shipped over
  • Point-to-Point Tunneling Protocol (PPTP), Layer 2 Forwarding (L2F), and Layer 2 Tunneling Protocol (L2TP) are the three technologies commonly used for access VPN.

PPTP overview

  • A VPN protocol that relies on the core functions of PPP and functions on the layer level.
  • Lacks powerful security.

L2F overview

  • Cisco introduced L2F to address issues with PPTP.
  • After encapsulation, packets from different users are independent of each other.

L2TP overview

  • Integrates the advantages of PPTP and L2F into a solution that is best for networks and uses AAA servers.

Applying VPN to real networks

  • Access for Internet users is mostly in the form of L2TP over IPsec.
  • Seldom does traffic reach headquarters through branches with DSVPN.

Intro: GRE overview

  • GRE is capable of encapsulating some upper functions, therefore networks must deploy GRE given very selected branches
  • A GRE tunnel is a P2P connection allowing data transmission

Explanation of GRE

  • The interfaces on each end encapsulate the packet which is then forwarded to the destination
  • The module protocol checks if there will be one that will direct towards an external tunnel. For the traffic is for external to the tunnel, the protocol will forward.
  • During encapsulation, a GRE header and a new IP header are added to the packet.

Keepalive Detection

  • The GRE protocol does not always detect whether the network or interface is still connected. The tunnel stays up and packets continue to be transferred even when the destination is unreachable.
  • Keepalive detection checks the tunnel status and whether the remote end can still be reached.
  • After the tunnel starts, a timer is set, and replies from the peer are used to verify the counter value.

GRE security threats

  • High risk of data tampering.
  • GRE tunnel setup is vulnerable to illegal addresses.

GRE data check

  • Checksums are used to verify packets at each point.
  • The GRE header checksum is activated when the C bit is set.

GRE Key

  • Prevents certain connections from becoming an error. Authentication prevents interconnections to a specific key or transfer

IPsec Background

  • Private lines and interconnections use IPsec protocol
  • This has the issue of having expensive features that this system resolves

IPsec overview

  • Functions as good security protection, but is interoperable
  • In order to be supported, has protocols built-in before getting made efficient
  • This is not confined to one virtual tech

Data encryption

  • Aims to forestall any leaking or external interception
  • The traditional type relies on sharing one encryption key with the receiver (a symmetric encryption key).

Data authentication

  • Aims to forestall data leaking on a packet. Hash values from the sender are sent to the opposite end so that the receiver can tell whether anything was exposed.

IPsec Encryption

  • For strong security, IPsec uses symmetric encryption plus asymmetric encryption, using the latter for better transfer and control of the data used for keys and ciphers.

Security Association

  • Parameters such as the encryption standards and authentication algorithms of IPsec are agreed in a Security Association (SA).
  • Negotiating an SA may involve Internet Key Exchange (IKE); an SA can also be configured manually.

Key Exchange

  • By protocol and application of user level, may or may not go through SA encryption channels by IPsec module

Data encryption

  • The receiver uses integrity checks to verify data.
  • Provides functions such as MD5/SHA1/etc which verify if there are data packs sent, and in such cases, requires that everything must be in order during every protocol

Security protocols

  • Encapsulating Security Payload (ESP) and Authentication Header (AH) can secure transmitted data.
  • If AH is used, both sides authenticate; with ESP, both sides encrypt and authenticate.
  • Field of protocol has two components, that is unique in every transmission to defend it from replay attacks

Encapsulation Modes

  • In these modes IPsec traffic is encapsulated, giving an end connection
  • With either AH or ESP, the modes have similar ways of adding headers and encapsulating everything

IPSec Mechanism

  • The mechanism is that within a peer IKE, there must be phases
  • In the phases comes the IPsec configuration of everything regarding exchanging data, such as the protected flows

Key elements of IKE V1

  • The V1 and V2 are what the negotiation utilizes if what they're trying to negotiate is not right it will try again/restart (IKEV)

All points of IPSec negotiation that are utilized

  • Is that every node has the same ability of key info as it authenticates everyone.
  • In order for IPsec to fully work in both modes, it needs to encrypt/authenticate at same rate as what's been used

IKEV2, the more complicated IKE config

  • Process needs those number of exchanged messages/keys
  • V2 is what is needed when defining how the protocol flows.

The "creating a child" component of that V2 protocol

  • In IKE SA's, that can create exchanged info to be passed, if there's something wrong, then it may trigger a renegotiation
  • V2 is that it has message capability of which both parties use between them - can be a responder/initiator

Information V2 Exchange protocol

  • That when needed then exchanges information such as for errors/notifications
  • Needs to work underneath such as SA, plus everything protected by exchanges then must align in protocols

What's protected: IPsec

  • Protected data follows these options which have been made known
  • Rules like ACLs may have set the perimeters, but this requires the ACLs to be working.
  • Routes, likewise, can have such control (that has what's made routes to interfaces)
  • GRE protocol usually is chosen for a base flow

With routes, now you have a list of the advantages

  • IPsec is no longer difficult, as the protocols are now applied directly on the interfaces without ACLs, etc.
  • May also be used for dynamic protocols
  • Multicast is secured by running GRE over IPsec.

Advantage of IPsec with GRE

  • GRE is used more because, when combined, multicast is easier alongside the regular packets that make up the Internet
  • Data goes between the IPsec and GRE protocols

How do these methods function?

  • There are protocols for the different types. These types mean data or data links aren't the same as a direct connection
  • This creates public and even private links that are then used for the different "protocol" links, whether private or not.
  • GRE then serves as the source protocol for all those tunnels.

Info: L2TP/IPsec for data

  • Over the internet protocol they do what must be done. They apply all features and security and such.
  • Headquarters can also utilize these methods

L2TP encryption, and then the packet forwarding which does the IPsec process:

  • It is applied to almost every device, along with the protocols needed to talk to headquarters depending on the interface set (such as L2TP, or internet type). Those can then use things such as broadband devices

These different devices and the relationship that they give

  • With IPsec and all the layers as before, the headquarters has a constant reach
  • Branch offices and any remote user is fully interconnected and private.

Now a summary!

  • It's the IPsec protocols that do transmission that is required and utilized by things such as SA protocols
  • Securing the parameters between them is what helps SA as that sets a baseline connection.

There are actually only 2 types of versions being able to connect.

  • There are versions 1 and 2 of the IKE protocol
  • Version 1 runs in 2 phases, while version 2 needs IKEv2's negotiation. Version 1 also offers different configurations
  • While all are tested and set up, V protocol offers a better set that makes for a quicker end.
