
Chapter 7 - 07 - Discuss Fundamentals of VPN and its importance in Network Security - 08_ocred_fax_ocred.pdf


Full Transcript


Certified Cybersecurity Technician Exam 212-82
Network Security Controls — Technical Controls

Point-to-Point VPN Topology

1. Unlike the Hub-and-Spoke topology, offices at different locations can directly communicate with each other without any IPsec failover
2. This topology treats two end points as two peer devices participating in communication
3. Only Regular IPsec or IPsec/GRE is assigned for the tunnel, as any of the peer devices can initiate the communication

[Figure: Point-to-point VPN topology; labels: Secure Tunnel, Site 1]

Point-to-Point VPN Topology

In a point-to-point topology, any two end points are considered as peer devices that can communicate with each other. Any of the devices can be used to initiate the connection. Unlike a hub-and-spoke topology, offices at different locations can directly communicate with each other without any IPsec failover. The IPsec technology assigned can be either IPsec or IPsec/GRE. Regular IPsec point-to-point VPNs are commonly configured and known as extranets. This is where a connection is established between a device in a regularly managed network and an unmanaged device in the service provider’s network.
The major features of the point-to-point topology are as follows:

- Easy routing of data, which needs to pass through only one router
- Optimal routing between customer sites
- Introduces encryption and authentication to confirm the integrity of packets in transit
- Uses a tunneling process to encapsulate data packets within normal IP packets for forwarding over IP-based networks

Figure 7.114: Point-to-point VPN topology

Module 07 Page 944 EC-Council Certified Cybersecurity Technician Copyright © by EC-Council

Full Mesh VPN Topology

- This topology is suitable for complicated networks where all peers communicate with one another
- Device to device communication in a network takes place with a unique IPsec tunnel
- A peer-to-peer connection is established between each device, preventing a bottleneck at the VPN gateway and saving encryption/decryption overhead
- This topology is reliable and offers redundancy

All Rights Reserved. Reproduction Is Strictly Prohibited.

Full Mesh VPN Topology

In a fully meshed VPN network, all peers can communicate with each other, making it a complex network. This topology is suitable for complicated networks where all peers communicate with one another. This topology allows all the devices in the network to communicate directly with each other through an IPsec tunnel. A peer-to-peer connection is established between each pair of devices, preventing a bottleneck at the VPN gateway and saving encryption/decryption overhead. A fully meshed VPN can implement normal IPsec, IPsec/GRE, and GET VPN technologies.

Advantages

- Any failure on one of the devices does not affect the entire network.
- It is very reliable and offers redundancy.
- It prevents any kind of block at the gateway.

Disadvantages

- It increases the number of devices connected to the network, making it difficult to manage.
- There are chances of redundancy in network connections.

Figure 7.115: Full mesh VPN topology

Star Topology

- This topology allows remote branches to securely communicate with corporate headquarters
- Interconnection between branches is not allowed
- Deployed in a bank network, preventing one branch from compromising another branch

[Figure: Star topology; labels: Branch office, Corporate Headquarters]
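The topologies described above, modeled as sets of tunnels in an added Python example that is not part of the original study guide. It shows how many tunnels each design needs, which healthy sites lose all connectivity when one device fails, and how to flag a configured tunnel that the intended topology does not permit. Site names and function names are constructed for illustration.

```python
from itertools import combinations

def full_mesh(sites):
    """One unique tunnel per pair of peers: n*(n-1)/2 tunnels.
    With exactly two sites this is the point-to-point case (one tunnel)."""
    return {frozenset(pair) for pair in combinations(sites, 2)}

def star(hub, branches):
    """Each branch tunnels only to headquarters; no branch-to-branch tunnels."""
    return {frozenset((hub, b)) for b in branches}

def surviving(tunnels, failed):
    """Tunnels still usable after one device fails."""
    return {t for t in tunnels if failed not in t}

def isolated_after_failure(tunnels, sites, failed):
    """Healthy sites left with no tunnel at all once `failed` goes down."""
    up = surviving(tunnels, failed)
    return sorted(s for s in sites
                  if s != failed and not any(s in t for t in up))

def audit(intended, configured):
    """Compare configured tunnels with the intended topology."""
    fmt = lambda ts: sorted(tuple(sorted(t)) for t in ts)
    return {"unexpected": fmt(configured - intended),
            "missing": fmt(intended - configured)}

# Constructed sample sites (hypothetical names)
MESH_SITES = ["Site1", "Site2", "Site3", "Site4"]
HQ, BRANCHES = "HQ", ["BranchA", "BranchB", "BranchC"]

if __name__ == "__main__":
    mesh = full_mesh(MESH_SITES)
    bank = star(HQ, BRANCHES)
    print(len(mesh), "mesh tunnels;", len(bank), "star tunnels")
    print("mesh, Site1 down ->",
          isolated_after_failure(mesh, MESH_SITES, "Site1"))
    print("star, HQ down    ->",
          isolated_after_failure(bank, [HQ] + BRANCHES, HQ))
    # Constructed finding: a branch-to-branch tunnel added to a star design
    configured = bank | {frozenset(("BranchA", "BranchB"))}
    print(audit(bank, configured))
```

In the star case the audit reports the branch-to-branch tunnel as unexpected, which is the condition the bank deployment is meant to rule out.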
