Module 8: VPN and IPsec Concepts
8.1 VPN Technology
VPN (Virtual Private Network): extends a private network over a public one.
Uses tunneling protocols to encapsulate and encrypt data.
Common VPN protocols: IPsec, SSL/TLS, GRE, L2TP, MPLS.
Provides confidentiality, integrity, and authentication.
Two main types of VPN connections:
Site-to-Site VPNs: connect entire networks (e.g., branch to HQ).
Remote Access VPNs: connect individual users securely to a company network.
8.2 Types of VPNs
Enterprise VPNs: used by organizations for secure internal communication.
Service Provider VPNs: offered by ISPs using MPLS or other technologies.
GRE (Generic Routing Encapsulation): allows tunneling of various protocols over IP.
IPsec VPNs: use encryption/authentication at Layer 3 for strong security.
SSL VPNs: use HTTPS and browser access for easier setup.
VPNs can combine encryption and tunneling for hybrid security.
Site-to-Site VPNs:
Use routers/firewalls at both ends.
Often built using IPsec tunnels.
Transparent to users.
Remote Access VPNs:
Users connect via client software or web browser.
Secured by SSL/TLS or IPsec.
8.3 IPsec
IPsec (Internet Protocol Security): framework for encrypting and authenticating IP packets.
Provides confidentiality, integrity, authentication, and anti-replay protection.
Works in two modes:
Transport Mode: encrypts only the data payload.
Tunnel Mode: encrypts the entire IP packet (used in VPNs).
Main IPsec protocols:
AH (Authentication Header): provides authentication and integrity (no encryption).
ESP (Encapsulating Security Payload): provides encryption and authentication.
IKE (Internet Key Exchange): negotiates security associations and keys automatically.
Security Associations (SAs): define encryption/authentication parameters between peers.
IPsec process:
Establish IKE phase 1 (secure channel).
Exchange keys and negotiate SAs.
Secure data with ESP or AH.
Used for both site-to-site and remote-access VPNs.
8.0 Introduction
Focuses on how VPNs provide secure remote connections.
VPNs use encryption and tunneling to protect data across public networks.
IPsec is a key protocol suite for VPN security.