VPN and IPsec Concepts
8.1. VPN Technology
Virtual Private Networks
A VPN is virtual in that it carries information within a private network, but that information is actually transported over a public network.
Site-to-Site
A site-to-site VPN is created when VPN terminating devices, also called VPN gateways, are preconfigured with information to establish a secure tunnel. VPN traffic is only encrypted between these devices.
Remote-Access
A remote-access VPN is dynamically created to establish a secure connection between a client and a VPN terminating device.
8.2. Types of VPNs
SSL VPNs
SSL uses the public key infrastructure and digital certificates to authenticate peers. Both IPsec and SSL VPN technologies offer access to virtually any network application or resource. However, when security is an issue, IPsec is the superior choice.
Site-to-Site IPsec VPNs
Site-to-site VPNs are used to connect networks across another untrusted network such as the internet. In a site-to-site VPN, end hosts send and receive normal unencrypted TCP/IP traffic through a VPN terminating device.
Dynamic Multipoint VPNs
Dynamic Multipoint VPN (DMVPN) is a Cisco software solution for building multiple VPNs in an easy, dynamic, and scalable manner. Like other VPN types, DMVPN relies on IPsec to provide secure transport over public networks, such as the internet.
8.3. IPsec
Integrity
Data integrity means that the data that is received is exactly the same data that was sent. Potentially, data could be intercepted and modified.