Chapter 7 - 07 - Discuss Fundamentals of VPN and its importance in Network Security - 12_ocred_fax_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Exam 212-82 Network Security Controls — Technical Controls

Connection to VPN: SSH and PPP

- PPP support is built into most kernels, and SSH ships with most distributions, so both are available on the systems used to build this kind of VPN
- VPNs using PPP over SSH work well with dynamic IP addresses
- Configuring a network connection: when configuring multiple tunnels to one computer, ensure that the IP address of every tunnel is unique
- The client and the server each run a PPP process, and the two communicate over the SSH connection

There are numerous benefits to setting up a PPP-SSH VPN. It is simpler than the other types of VPN: PPP and SSH are built in to most distributions, and most kernels are pre-configured to support them. If SSH already passes through the organization's firewall, then PPP over SSH will pass through it as well, because the tunnel is nothing more than an SSH session. PPP-SSH VPNs have no problems with dynamic IP addresses, and setting one up over a dial-up connection is not a problem either. Multiple tunnels to a single computer can be set up; the user must ensure that the IP address assigned to each tunnel's network interface is distinct. Establishing the connection requires a VPN client and a VPN server. Both the client and the server run a PPP daemon (pppd), and the two daemons communicate through the SSH connection. One practical caveat: the PPP frames ride inside SSH's TCP connection, so on lossy links both TCP layers retransmit and throughput degrades; this style of VPN suits small-scale administrative use rather than bulk traffic.
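The client side of the PPP-over-SSH setup described above, written here as an added example that is not part of the EC-Council courseware. It builds the pppd invocation that drives a second pppd on the server through ssh (pppd's pty option hands the PPP frames to the quoted ssh command's stdin and stdout, and the remote pppd runs with notty so it needs no terminal) and checks that several tunnels to one host use distinct addresses. The host vpn.example.com, the user vpnuser, the 10.0.0.0/30 and 10.0.1.0/30 address pairs, and the assumption that vpnuser may run pppd through sudo on the server are placeholders.

```shell
#!/bin/sh
# Added example (not from the EC-Council courseware): build the client side
# of a PPP-over-SSH tunnel and check that several tunnels to one host do not
# reuse an address. Host name, user and addresses are placeholders.

PPPD=/usr/sbin/pppd
SSH=/usr/bin/ssh

# Print the pppd command the client runs. "pty" attaches pppd to the
# stdin/stdout of the quoted ssh command; the server-side pppd (started
# through sudo, with "notty" because there is no terminal) speaks PPP over
# that encrypted channel. BatchMode=yes means key-based ssh login only.
# Usage: pppssh_cmd <server> <user> <local_ip> <remote_ip>
pppssh_cmd() {
    server=$1; user=$2; local_ip=$3; remote_ip=$4
    printf '%s updetach noauth passive pty "%s %s -l %s -o BatchMode=yes sudo %s nodetach notty noauth" ipparam vpn %s:%s\n' \
        "$PPPD" "$SSH" "$server" "$user" "$PPPD" "$local_ip" "$remote_ip"
}

# Every tunnel interface on one machine needs its own pair of addresses.
# Takes "local:remote" pairs; returns 1 (and lists the offenders on stderr)
# if any address appears more than once across all tunnels.
# Usage: check_tunnel_addrs 10.0.0.1:10.0.0.2 10.0.1.1:10.0.1.2
check_tunnel_addrs() {
    dups=$(printf '%s\n' "$@" | tr ':' '\n' | sort | uniq -d)
    if [ -n "$dups" ]; then
        echo "duplicate tunnel address(es): $dups" >&2
        return 1
    fi
    return 0
}

# Bring a tunnel up for real (needs root locally and key-based ssh access
# to the server). Not called below, so the script is safe to run as-is.
start_tunnel() {
    eval "$(pppssh_cmd "$@")"
}

# Example run: two tunnels to the same server on distinct /30s pass the
# check, so the first tunnel's command line is printed.
if check_tunnel_addrs 10.0.0.1:10.0.0.2 10.0.1.1:10.0.1.2; then
    pppssh_cmd vpn.example.com vpnuser 10.0.0.1 10.0.0.2
fi
```

Run the script to see the exact command line; call start_tunnel with the same four arguments on a machine where the placeholders have been replaced to actually bring the tunnel up. The uniqueness check catches the case the slide warns about: a second tunnel reusing 10.0.0.1 would make pppd's ppp0 and ppp1 fight over the same route.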
Module 07 Page 964 Certified Cybersecurity Technician Copyright © by EC-Council

Connection to VPN: SSL and PPP

- Point-to-Point Protocol over a Secure Sockets Layer (SSL) connection
- Built-in support for host authentication through digital certificates
- Establishing a network connection: an initial handshake for secure communication; "Hello" messages establish the SSL version, the supported cipher suites, and some random data; the session key is negotiated in a separate key-exchange step after the Hello messages; data are then transferred over the link

Point-to-Point Protocol (PPP) over a Secure Sockets Layer (SSL) connection provides built-in support for host authentication through digital certificates. The steps for establishing a network connection are as follows:

- An initial handshake is performed to set up secure communication.
- "Hello" messages establish the SSL version, the supported cipher suites, and some random data.
- The session key is not carried in the Hello messages; it is derived from a separate key-exchange step that follows them, using the exchanged random values.
- Data are transferred over the link.

In current deployments the protocol is TLS (1.2 or 1.3); SSLv2 and SSLv3 are deprecated and should be disabled on both ends.

Connection to VPN: Concentrator

- A dedicated device that accepts connections from VPN peers and validates its clients
- Enforces the security policies of the VPN
- Takes VPN administration and encryption off gateways and local hosts, and reduces the operating cost of VPN administration
- Configuring a network connection: configure the concentrator, then set up the client software; to use the VPN, the client must use that client software

A VPN concentrator is used for remote-access VPNs and allows the use of an encrypted tunnel to securely access a corporate or any other kind of network via the Internet. Concentrator models differ in the number of users and the throughput they support.
A VPN concentrator is also used to encrypt WLAN or wired traffic. A concentrator must not be mistaken for a gateway or firewall: it is a specialized device that accepts connections from VPN peers after authenticating them, enforces the organization's virtual private networking policies, and takes the overhead of VPN management and encryption off gateways and local hosts, which in turn reduces the operating cost of VPN administration. To configure a network connection, the administrator configures the concentrator and sets up the client software; to use the VPN, the user connects with that client software.

Jump Servers

A jump server, also referred to as a jump box or jump host, is an intermediary gateway inside a secure environment on a network that is used to connect to or access hosts or devices located in another security zone, such as a DMZ.

This server is used to jump from one host into a higher-security zone where access is limited for ordinary users. A jump host is a hardened, monitored gateway that sits between two different security zones and allows controlled access between them. Once a jump server is configured correctly, it serves as a single audit point for administrative access to the zone behind it, on which all the user accounts are managed.
Network administrators must grant privileges to log in to the jump host in order to obtain controlled access to DMZ devices, and every login and device access is logged for later audit. Administrators generally use SSH or RDP to connect to jump servers, so the traffic is encrypted between the local system and the jump server and again on the hop from the jump server to the target. Using jump hosts also increases the security of the servers behind them, because only the jump server is exposed to the outside network. However, the jump server must be configured and managed with the utmost care: the entire network can be exposed if the jump server is taken down or compromised, so it should run a minimal set of services, require strong (key- or MFA-based) authentication, and ship its logs off-box so that a compromise cannot erase the audit trail.

Figure 7.125: Jump server. A remote administrator on the WAN/Internet, logged in with valid credentials, passes through the firewall (optionally over a VPN) and a router to the jump server, and from there jumps to the DMZ servers.
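The jump-host pattern above in concrete OpenSSH terms, written as an added example that is not part of the EC-Council courseware: a client configuration that routes DMZ sessions through the jump server with ProxyJump, an sshd configuration fragment for the jump server that allows forwarding to the DMZ hosts but no shell, and a small audit pass over the jump server's sshd log of the kind the text says must be kept. The hosts jump.example.com and *.dmz.example.com, the user admin, the group jump-admins, the key paths and the sample log lines are all constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the EC-Council courseware): route administrative
# SSH sessions to DMZ hosts through a jump server, harden the jump server's
# sshd, and audit its login log. Host names, users, key paths and the log
# lines below are constructed for illustration.

# Client-side ~/.ssh/config fragment. ProxyJump makes ssh log in to the jump
# host first and carry the DMZ session through it as a forwarded TCP stream
# (ssh -W), so the DMZ hosts need not be reachable from the admin's network
# and each hop is separately encrypted and authenticated.
# Usage: jump_client_config <jump_host_fqdn> <dmz_host_pattern>
jump_client_config() {
    jump=$1; dmz=$2
    cat <<EOF
Host jump
    HostName $jump
    User admin
    IdentityFile ~/.ssh/id_ed25519_jump
    IdentitiesOnly yes

Host $dmz
    ProxyJump jump
    User admin
    IdentityFile ~/.ssh/id_ed25519_dmz
    IdentitiesOnly yes
EOF
}

# sshd_config fragment for the jump server: keys only, no root, and for the
# jump group no shell, TTY, X11 or agent forwarding. ProxyJump only opens a
# forwarded stream, so ForceCommand/PermitTTY do not break it but do block
# interactive use of the box. PermitOpen pins forwarding to the DMZ hosts,
# and LogLevel VERBOSE records the key fingerprint used by each login.
jump_sshd_config() {
    cat <<'EOF'
PasswordAuthentication no
PubkeyAuthentication yes
PermitRootLogin no
LogLevel VERBOSE
AllowGroups jump-admins
Match Group jump-admins
    ForceCommand /bin/false
    PermitTTY no
    X11Forwarding no
    AllowAgentForwarding no
    AllowTcpForwarding yes
    PermitOpen app1.dmz.example.com:22 app2.dmz.example.com:22
EOF
}

# Constructed sample of the jump server's sshd log (syslog format).
SAMPLE_AUTH_LOG='Jan 12 09:14:02 jump sshd[2112]: Accepted publickey for alice from 198.51.100.23 port 51022 ssh2: ED25519 SHA256:9fE...
Jan 12 09:15:40 jump sshd[2140]: Accepted publickey for alice from 198.51.100.23 port 51030 ssh2: ED25519 SHA256:9fE...
Jan 12 09:20:11 jump sshd[2201]: Invalid user admin from 203.0.113.7 port 40211
Jan 12 09:20:14 jump sshd[2201]: Invalid user admin from 203.0.113.7 port 40215
Jan 12 09:31:05 jump sshd[2290]: Accepted publickey for bob from 198.51.100.40 port 51100 ssh2: ED25519 SHA256:Q2r...'

# Summarise who reached the jump server and from where. Reads log lines on
# stdin; prints "accepted <user> <source> <count>" for successful logins and
# "rejected <source> <count>" for attempts with unknown user names.
audit_jump_logins() {
    awk '
        /sshd\[[0-9]+\]: Accepted/ {
            for (i = 1; i <= NF; i++) if ($i == "for") user = $(i + 1)
            for (i = 1; i <= NF; i++) if ($i == "from") src = $(i + 1)
            ok[user " " src]++
        }
        /sshd\[[0-9]+\]: Invalid user/ {
            for (i = 1; i <= NF; i++) if ($i == "from") src = $(i + 1)
            bad[src]++
        }
        END {
            for (k in ok) print "accepted", k, ok[k]
            for (k in bad) print "rejected", k, bad[k]
        }' | sort
}

# Example run against the constructed log.
printf '%s\n' "$SAMPLE_AUTH_LOG" | audit_jump_logins
```

On a real deployment the audit function would read from the syslog or journald export of the jump server (for example, journalctl -u ssh --no-pager), ideally from the copy shipped off-box, since a compromised jump server could edit its own log. The PermitOpen list is the piece most often forgotten: without it, anyone who can log in to the jump server can forward to any host it can reach.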
