Chapter 7 - 07 - Discuss Fundamentals of VPN and its importance in Network Security - 02_ocred_fax_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

How VPN Works

VPN uses authorization and encryption to connect external hosts securely.

A VPN enables a secured connection over the Internet from a public network to a private network placed at a distant site. All the network traffic in a VPN is encrypted and passes through a virtual secure tunnel placed between the client and VPN server. All the packets passing through a VPN are encrypted or decrypted with respect to inbound or outbound traffic. The packets are encrypted at the client side and decrypted at the VPN server.

A client willing to connect to a company's network initially connects to the Internet. Then, the client initiates a VPN connection with the company's server. Before establishing a connection, end points must be authenticated through passwords, biometrics, personal data, or any combination of these. Once the connection is established, the client can securely access the company's network.

For example, when a client with a VPN connection enabled browses Youtube.com, the outbound traffic is encrypted at the client side. The encrypted data are then sent to the nearest VPN server, which passes the data to the gateway server. At the gateway server, the data are decrypted and sent to the server hosting Youtube.com. When Youtube.com sends a reply request, the VPN server performs the reverse process on the outbound traffic.

A VPN closely monitors any insecure networks.
It creates a new IP address for an encrypted packet, concealing the real IP address; this prevents attackers from finding the real IP address from which the packets were sent.

Module 07 Page 909 Certified Cybersecurity Technician Copyright © by EC-Council

[Figure 7.103: Working of VPN. Labels: Unauthorized Host; Authorized Host with VPN client software, which handles authorization and encryption; Firewall with VPN option; Internal Network]

Why Establish VPN?

A well-designed VPN provides the following benefits:
- Extend geographic connectivity
- Reduce operational costs versus traditional WANs
- Reduce transit times and traveling costs for remote users
- Improve productivity
- Simplify network topology
- Provide global networking opportunities

The easy accessibility of sensitive data over the Internet poses a serious security threat to organizations. Attackers easily exploit and gain access to sensitive information sent over an unsecured public network such as the Internet. A VPN ensures reliable communication through an encrypted tunnel, preventing attackers from gaining access to the organization's information.
A well-designed and well-implemented VPN can provide the following benefits:
- It enables a secured connection across multiple geographical locations.
- It saves time and expenditure for employees as it allows the sharing of information between a corporate office and regional offices.
- It enhances the level of output for remote users.
- It improves the security of data by concealing the IP address from attackers.
- It handles multiple connections simultaneously and provides the same quality of service for each connection.
- It has the ability to provide a secure connection to large enterprises.
- The implementation of a VPN increases the bandwidth and efficiency of the network.
- Maintenance costs are low.
- It reduces transit times and traveling costs for remote users.
- It improves productivity and simplifies network topology.
- It provides global networking opportunities and telecommuter support.
- It has a faster return on investment (ROI) than a conventional WAN.

This encrypted traffic proves beneficial when a user connects their system to Wi-Fi networks in public places. The encryption makes it difficult for eavesdroppers in the network to identify the encrypted data. A VPN allows users to access servers across the world, making it easy for them to access all types of content. With a VPN, users need not face restrictions such as geo-blocking while browsing.
A VPN allows the user to stay anonymous without sharing their device information in the network. By hiding such data, a VPN prevents websites from spying on or monitoring the user. To avoid excessive monitoring from third-party websites or attackers, users should install a VPN for safe browsing.

VPN Components

The VPN architecture consists of four main components.
- VPN client: It is a computer that initiates a secure remote connection to a VPN server.
- Network access server (NAS): Also called a media gateway or a remote-access server (RAS), the NAS is responsible for setting up and maintaining each tunnel in a remote-access VPN. Users need to connect to the NAS to use a VPN.
- Tunnel terminating device (or VPN server): It is a computer that accepts VPN connections from VPN clients.
- VPN protocol: It includes VPN-specific protocols used to manage tunnels and encapsulate private data. It includes the use of PPTP and L2TP protocols, along with IPsec.
The following diagram shows the use of various VPN components in a remote-access VPN:

[Figure 7.104: VPN components in a remote access VPN. Labels: VPN Client; Remote Network; ISP; Network Access Server; VPN Server; Corporate Network; Layer 3 Protocol]

A typical remote-access VPN connection is established as follows:
- The remote user propagates a PPP connection with an ISP's NAS through a PSTN.
- The packets sent by the user are sent to the tunnel connecting the NAS and VPN server after authenticating the user.
- The packet is encrypted before placing it in the tunnel.
- The location of the VPN server depends on the model used for the VPN implementation.
- The VPN server accepts the packet from the tunnel, decrypts it, and sends it to the final destination.
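The tunnel flow described under How VPN Works and in the remote-access steps above, as an added Python example that is not part of the courseware: the client encrypts the inner packet and wraps it in an outer header, the VPN server authenticates and decrypts it, and an on-path observer sees only the outer addresses. The packet layout, keys and addresses are constructed for illustration, and the HMAC-SHA256 keystream is a standard-library stand-in for the cipher a real VPN protocol such as IPsec would use.

```python
import hashlib, hmac, ipaddress, os, struct

# Constructed sample values (documentation/private address ranges, made-up keys).
ENC_KEY, MAC_KEY = b"E" * 32, b"M" * 32        # assumed agreed during authentication
CLIENT_PUBLIC, VPN_SERVER = "198.51.100.7", "203.0.113.10"
CLIENT_TUNNEL, INTRANET_HOST = "10.8.0.2", "10.0.0.5"

def _ip(text_or_bytes):
    return ipaddress.IPv4Address(text_or_bytes)

def _keystream(key, nonce, n):
    # HMAC-SHA256 in counter mode: a stdlib stand-in for a real tunnel cipher.
    blocks = (hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def _xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))

def encapsulate(inner_src, inner_dst, payload, outer_src, outer_dst):
    """Client side: encrypt the whole inner packet and wrap it in an outer header."""
    inner = _ip(inner_src).packed + _ip(inner_dst).packed + payload
    nonce = os.urandom(12)
    ciphertext = _xor(inner, _keystream(ENC_KEY, nonce, len(inner)))
    outer = _ip(outer_src).packed + _ip(outer_dst).packed + nonce + ciphertext
    return outer + hmac.new(MAC_KEY, outer, hashlib.sha256).digest()

def decapsulate(packet):
    """VPN server side: authenticate, decrypt, return the inner packet to forward."""
    if len(packet) < 8 + 12 + 8 + 32:
        raise ValueError("packet too short")
    outer, tag = packet[:-32], packet[-32:]
    if not hmac.compare_digest(tag, hmac.new(MAC_KEY, outer, hashlib.sha256).digest()):
        raise ValueError("authentication failed, packet dropped")
    nonce, ciphertext = outer[8:20], outer[20:]
    inner = _xor(ciphertext, _keystream(ENC_KEY, nonce, len(ciphertext)))
    return str(_ip(inner[:4])), str(_ip(inner[4:8])), inner[8:]

def observer_view(packet):
    """All an on-path eavesdropper can read: the outer source and destination."""
    return str(_ip(packet[:4])), str(_ip(packet[4:8]))
```

Calling `encapsulate(CLIENT_TUNNEL, INTRANET_HOST, b"GET /payroll", CLIENT_PUBLIC, VPN_SERVER)` and passing the result to `observer_view` and `decapsulate` shows the difference between what the network path sees and what the VPN server recovers.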
