VPN with IPSec
Abstract
The goal of VPNs is to provide a cost-effective and secure way to connect businesses to one another and remote workers to office networks. Network security protocols form the basis for safe and reliable data transfer. These security devices should be able to provide accountability, access control, confidentiality, and integrity, while remaining cost-effective. This has given rise to a number of different security protocols for transferring data through a network.
With networks now the frontier for worldwide data communication, it is critical that these protocols provide the most secure service possible. This report is a technical review of the IPSec protocol as it relates to network security. Internet Protocol Security (IPSec) is a suite of protocols for securing IP communications by authenticating and encrypting each IP packet of a communication session. IPSec also includes protocols for establishing mutual authentication between agents at the beginning of the session and for negotiating the cryptographic keys to be used during the session.
IPSec is an end-to-end security scheme operating in the Internet Layer of the Internet Protocol suite. It can be used to protect data flows between a pair of hosts, between a pair of security gateways, or between a security gateway and a host.
2. Introduction to VPN
A VPN is a virtual private network, built on top of an existing physical network, that provides a secure communication mechanism for data and other information transmitted between networks. Because a VPN can be used over existing networks, such as the Internet, it can facilitate the secure transfer of sensitive data across public networks.
This is often less expensive than alternatives such as dedicated private telecommunications lines between organizations or branch offices. VPNs can also provide flexible solutions, such as securing communications between remote telecommuters and the organization’s servers, regardless of where the telecommuters are located. A VPN can even be established within a single network to protect particularly sensitive communications from other parties on the same network. It is important to understand that VPNs do not remove all risk from networking.
While VPNs can greatly reduce risk, particularly for communications that occur over public networks, they cannot remove all risk for such communications. One problem is the strength of the implementation. For example, flaws in an encryption algorithm or in the software implementing the algorithm could allow attackers to decrypt intercepted traffic; random number generators that do not produce sufficiently random values could provide additional attack possibilities. Another issue is encryption key disclosure; an attacker who discovers a key could not only decrypt traffic but potentially also pose as a legitimate user.
Another area of risk involves availability. A common model for information assurance is based on the concepts of confidentiality, integrity, and availability. Although VPNs are designed to support confidentiality and integrity, they generally do not improve availability, the ability of authorized users to access systems as needed. In fact, many VPN implementations tend to decrease availability somewhat, because they add more components and services to the existing network infrastructure. This is highly dependent upon the chosen VPN architecture model and the details of the implementation.
3.1 VPN Technologies
The Internet is a shared public network of networks with open transmission protocols. Therefore, VPNs must include measures for packet encapsulation (tunneling), encryption, and authentication to ensure that sensitive data reaches its destination without being modified by unauthorized parties.
Fig: IP Packet
2.2 Tunnels
The thing that makes a Virtual Private Network “virtually private” is known as a tunnel. Even though you access your network via the Internet, you’re not really “on” the Internet; you are actually “on” your company network. Although the term “tunnel” feels like it’s describing a fixed path through the Internet, this is not the case.
There are some enterprises out there going even higher. Even the fastest computers today would need extended time to crack a code that is complex. You might be tempted to make a policy of always using the highest-bit encryption method available, but keep in mind that processing such complicated cipher-text will require significant, dedicated CPU processing power. There are other ways to use keys to get the utmost security that fits your needs. For example, it does, indeed, take time to crack the higher-bit keys. If you establish a policy of periodically changing your keys, the trespassers won’t be able to keep up.
2.4.1 Symmetrical Keys
Symmetrical keys means the same key is used at each end of the tunnel to encrypt and decrypt information. Because a symmetrical key is being shared by both parties, there must be an understanding between the two to take appropriate steps to keep the key secret, which is why symmetrical keys are often referred to as “shared secrets.” These keys become more difficult to distribute, since they must be kept confidential. A technique called “key splitting” may be employed to reduce the potential of key disclosure during transit.
This allows participants to use public channels such as the Internet. More commonly, however, distribution of symmetrical keys is more of a manual operation using paper, removable media, or hardware docking.
2.4.2 Asymmetrical Keys
Asymmetrical keys are slightly more complicated, but, logistically, much easier to manage. Asymmetrical keys allow information to be encrypted with one key and decrypted with a different key. The two keys used in this scenario are referred to as private and public keys, or the ones you keep to yourself and the ones you distribute to your remote users.
Consider this example: Let’s call our businesses FQT and HIQT. FQT has a set of two keys, a public key and a private key. His public key has been programmed to encrypt data so that only his own private key can decipher it. In order to communicate securely, FQT hands his public key to HIQT and tells him to encrypt anything he sends with that code. Using this asymmetrical keying method, both are assured that only FQT will be able to read those transmissions because he retains the private decoder key. If the communication is to be bi-directional, HIQT would share his public key with FQT in the same manner.
2.5 Key Management
Configuring pre-shared secrets in smaller VPNs does not necessarily require software automation or large infrastructure investments. However, larger networks might benefit from deploying a Public Key Infrastructure (PKI) to create, distribute, and track digital certificates on an individual-user basis. You can use pre-shared keys or digital signatures if your equipment supports these authentication alternatives. However, if you decide to use certificates, there are options. For example, you may use third-party Certificate Authority services.
Or, you may build your own Certificate Authority using software from Entrust, Xcert, or Baltimore Technologies. Either option will help you establish a comprehensive PKI, which is especially useful in large organizations needing to extend secure, limited network access beyond their own internal users to business partners and customers.
2.6 Authentication
The last bit of housekeeping involved in VPN transmission is authentication. At this step, recipients of data can determine if the sender is really who he says he is (User/System Authentication) and if the data was redirected or corrupted en route (Data Authentication).
2.6.1 User/System Authentication
Consider, again, our two businesses named FQT and HIQT. When FQT receives a message signed from HIQT, FQT picks a random number and encrypts it using a key which only HIQT should be able to decode. HIQT then decrypts the random number and re-encrypts it using a key only FQT should be able to decode. When FQT gets his number back, he can be assured it is really HIQT on the other end.
2.6.2 Data Authentication
In order to verify that data packets have arrived unaltered, VPN systems often use a technique involving “hash functions.” A hash function creates a sort of fingerprint of the original data. It calculates a unique number, called a hash, based on fixed or variable length values of unique bit strings. The sender attaches the number to the data packet before the encryption step. When the recipient receives the data and decrypts it, he can calculate his own hash independently. The output of his calculation is compared to the stored value appended by the sender. If the two hashes do not match, the recipient can assume the data has been altered.
3. VPN Protocols used for tunneling
3.1 IPSec
IPSec is a standard for secure encrypted communication that provides two security methods: Authentication Header (AH) and Encapsulating Security Payload (ESP). AH is used to authenticate packets, whereas ESP encrypts the data portion of packets. It can work in two different modes: transport mode and tunnel mode. IPSec is commonly combined with IKE as a means of using public key cryptography to encrypt data between LANs or between a client and a LAN. IKE provides for the exchange of public and private keys.
3.2 PPP
In networking, the Point-to-Point Protocol (PPP) is commonly used in establishing a direct connection between two networking nodes. It can provide connection authentication, transmission encryption, and compression.
3.3 L2TP
Layer 2 Tunneling Protocol (L2TP) is an extension of the protocol long used to establish dial-up connections on the Internet, Point-to-Point Protocol (PPP). L2TP uses IPSec rather than MPPE to encrypt data sent over PPP.
3.4 PPTP
Point-to-Point Tunneling Protocol (PPTP) is commonly used by remote users who need to connect to a network using a dial-in modem connection.
PPTP uses Microsoft Point-to-Point Encryption (MPPE) to encrypt data that passes between the remote computer and the remote access server.
3 Technical Review of IPSec over VPN
4.1 IPSec
IPSec is the Internet standard protocol for tunneling, encryption, and authentication. It was designed to protect network traffic by addressing basic usage issues including:
• Access control
• Connection integrity
• Authentication of data origin
• Protection against replays
• Traffic flow confidentiality
The IPSec protocol allows two operational modes.
In Transport mode, everything in the packet behind, and not including, the IP header is protected. In Tunnel mode, everything behind and including the header is protected, requiring a new pseudo IP header. While the IPSec protocol was under development, two other protocols, L2TP and PPTP, were used as temporary solutions. L2TP (Layer 2 Tunneling Protocol) encloses non-Internet protocols such as IPX, SNA, and AppleTalk inside an IP envelope. However, L2TP has to rely on other protocols for encryption functions. PPTP (Point-to-Point Tunneling Protocol) is a proprietary Microsoft encryption and authentication protocol.
Although originally developed as a temporary solution, Microsoft continues to deploy L2TP as its tunneling protocol instead of IPSec tunneling. When comparing the three, IPSec is the most widely used protocol, and the only one that addresses future VPN environments (such as new IP protocols).
4.1.2 IPSec Architecture
The architecture of the IPSec implementation refers to the selection of devices and software to provide IPSec services and the placement of IPSec endpoints within the existing network infrastructure.
These two considerations are often closely tied together; for example, a decision could be made to use the existing Internet firewall as the IPSec gateway. This section will explore three particular aspects of IPSec architecture: gateway placement, IPSec client software for hosts, and host address space management.
Fig: Gateway-to-Gateway VPN for Remote Office Connectivity
4.1.3 IPSec Functions
Internet Protocol Security (IPSec) has emerged as the most commonly used network layer security control for protecting communications. IPSec is a framework of open standards for ensuring private communications over IP networks.
Depending on how IPSec is implemented and configured, it can provide any combination of the following types of protection:
Confidentiality. IPSec can ensure that data cannot be read by unknown parties. This is accomplished by encrypting data using a cryptographic algorithm and a secret key, a value known only to the two parties exchanging data. The data can only be decrypted by someone who has the secret key.
Integrity. IPSec can determine if data has been changed (intentionally or unintentionally) during transit. The integrity of data can be assured by generating a message authentication code (MAC) value, which is a cryptographic checksum of the data. If the data is altered and the MAC is recalculated, the old and new MACs will be different.
Peer Authentication. Each IPSec endpoint confirms the identity of the other IPSec endpoint with which it wishes to communicate, ensuring that the network traffic and data is being sent from the expected host.
Replay Protection. The same data is not delivered multiple times, and data is not delivered grossly out of order. However, IPSec does not ensure that data is delivered in the exact order in which it is sent.
Traffic Analysis and Protection. A person monitoring network traffic does not know which parties are communicating, how often communications are occurring, or how much data is being exchanged. However, the number of packets being exchanged can be counted.
Access Control. IPSec endpoints can perform filtering to ensure that only authorized IPSec users can access particular network resources. IPSec endpoints can also allow or block certain types of network traffic, such as allowing Web server access but denying file sharing.
4.1.4 IPSec Fundamentals
IPSec is a collection of protocols that assist in protecting communications over IP networks. IPSec protocols work together in various combinations to provide protection for communications. The three primary components of the IPSec protocol that provide the protections for the communication are ESP, AH and IKE.
Encapsulating Security Payload (ESP)
ESP is the second core IPSec security protocol. In the initial version of IPSec, ESP provided only encryption for packet payload data. It can perform authentication to provide integrity protection, although not for the outermost IP header.
Also, ESP's encryption can be disabled through the Null ESP Encryption Algorithm. Therefore, in all but the oldest IPSec implementations, ESP can be used to provide only encryption; encryption and integrity protection; or only integrity protection.
Authentication Header (AH)
AH, one of the IPSec security protocols, provides integrity protection for packet headers and data, as well as user authentication. It can optionally provide replay protection and access protection. AH cannot encrypt any portion of packets.
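IPSec receivers enforce the replay protection mentioned for AH and ESP with a per-packet sequence number and a sliding window. The Python sketch below is an added example, not part of the original report; the class and function names, the 64-packet window size and the packet trace are assumptions made for illustration.

```python
class ReplayWindow:
    """Receiver-side anti-replay state for one protected connection."""

    def __init__(self, size=64):        # assumed window size
        self.size = size
        self.highest = 0                # highest sequence number accepted so far
        self.seen = 0                   # bit i set => (highest - i) was accepted

    def check(self, seq):
        """Classify seq without changing any state."""
        if seq > self.highest:
            return "new"
        offset = self.highest - seq
        if seq == 0 or offset >= self.size:   # numbering starts at 1
            return "too_old"
        return "replay" if (self.seen >> offset) & 1 else "in_window"

    def commit(self, seq):
        """Record seq as received; call only after the MAC has verified."""
        if seq > self.highest:
            shift = seq - self.highest
            self.seen = ((self.seen << shift) | 1) & ((1 << self.size) - 1)
            self.highest = seq
        else:
            self.seen |= 1 << (self.highest - seq)


def receive(window, seq, mac_ok):
    """Return the verdict for one inbound packet."""
    verdict = window.check(seq)
    if verdict in ("replay", "too_old"):
        return "drop:" + verdict
    if not mac_ok:
        return "drop:bad_mac"           # a forged packet must not move the window
    window.commit(seq)
    return "accept"


# Constructed trace: (sequence number, did the MAC verify?)
TRACE = [(1, True), (2, True), (4, True), (3, True), (4, True),
         (500, False), (5, True), (100, True), (36, True), (37, True)]


def run(trace):
    window = ReplayWindow()
    return [receive(window, seq, ok) for seq, ok in trace]


if __name__ == "__main__":
    for (seq, ok), verdict in zip(TRACE, run(TRACE)):
        print(seq, ok, verdict)
```

Packet 3 arrives after packet 4 and is still accepted, which matches the statement that delivery order is not guaranteed; packet 36 is dropped because it falls outside the window once packet 100 has been accepted.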
In the initial version of IPSec, the ESP protocol could provide only encryption, not authentication, so AH and ESP were often used together to provide both confidentiality and integrity protection for communications. Because authentication capabilities were added to ESP in the second version of IPSec, AH has become less significant; in fact, some IPSec software no longer supports AH. However, AH is still valuable because AH can authenticate portions of packets that ESP cannot.
Internet Key Exchange (IKE)
The purpose of the Internet Key Exchange (IKE) protocol is to negotiate, create, and manage security associations.
Security association is a generic term for a set of values that define the IPSec features and protections applied to a connection. Security associations can also be created manually, using values agreed upon in advance by both parties, but these security associations cannot be updated; this method does not scale for real-life large-scale VPNs. In IPSec, IKE is used to provide a secure mechanism for establishing IPSec-protected connections.
4.1.5 IPSec Protocol Basics
Transport mode is used to provide secure communications between hosts over any range of IP addresses.
Tunnel mode is used to create secure links between two private networks. Tunnel mode is the obvious choice for VPNs; however, there are some concerns about using tunnel mode in a client-to-site VPN because the IPSec protocol by itself does not provide for user authentication. However, when combined with an authentication system like Kerberos, IPSec can authenticate users.
4.1.6 Cryptography Used in IPSec Sessions
Cryptography policy involves choosing encryption and integrity protection algorithms and key lengths. Most IPSec implementations offer the HMAC-MD5 and HMAC-SHA-1 hashing algorithms.
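The difference between the hash "fingerprint" of section 2.6.2 and the keyed HMAC algorithms named here can be seen by altering a message in transit. The Python code below is an added example, not part of the original report; the key, the payload and the function names are constructed, and the 96-bit truncation is the HMAC-SHA-1-96 form commonly used for AH/ESP integrity values.

```python
import hashlib
import hmac

KEY = b"constructed-shared-integrity-key"   # constructed sample key
PAYLOAD = b"transfer 100 to account 42"     # constructed sample payload


def seal_plain(data):
    """Append an unkeyed SHA-1 fingerprint (20 bytes)."""
    return data + hashlib.sha1(data).digest()


def open_plain(packet):
    data, tag = packet[:-20], packet[-20:]
    return hmac.compare_digest(hashlib.sha1(data).digest(), tag)


def seal_hmac(key, data):
    """Append HMAC-SHA-1 truncated to 96 bits (12 bytes)."""
    return data + hmac.new(key, data, hashlib.sha1).digest()[:12]


def open_hmac(key, packet):
    data, tag = packet[:-12], packet[-12:]
    expected = hmac.new(key, data, hashlib.sha1).digest()[:12]
    return hmac.compare_digest(expected, tag)   # constant-time comparison


def modified_in_transit(data):
    """Someone without KEY alters the data and recomputes the only tag they can."""
    altered = data.replace(b"42", b"99")
    return altered, hashlib.sha1(altered).digest()


def demo():
    altered, keyless_tag = modified_in_transit(PAYLOAD)
    return {
        "plain_original": open_plain(seal_plain(PAYLOAD)),
        "plain_altered": open_plain(altered + keyless_tag),        # goes unnoticed
        "hmac_original": open_hmac(KEY, seal_hmac(KEY, PAYLOAD)),
        "hmac_altered": open_hmac(KEY, altered + keyless_tag[:12]),  # detected
    }


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

An unkeyed hash catches accidental corruption only; because the HMAC mixes in the shared key, a party that does not hold the key cannot produce a tag the receiver will accept.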
Neither HMAC-MD5 nor HMAC-SHA-1 is computationally intensive. Although both plain MD5 and plain SHA-1 have known weaknesses, both are still considered sufficiently secure in their HMAC versions. In some implementations of IPSec, the cryptography policy settings are not immediately apparent to administrators. The default settings for encryption and integrity protection, as well as the details of each setting, are often located down several levels of menus or are split among multiple locations. It is also challenging with some implementations to alter the settings once they have been located.
4.1.7 Authentication Used for Identifying IPSec
IPSec implementations typically support two authentication methods: pre-shared keys and digital signatures. To use pre-shared keys, the IPSec administrator creates a key or password string, which is then configured in each IPSec device. Pre-shared keys are the simplest authentication method to implement, but key management is challenging. Because of scalability and security concerns, pre-shared key authentication is generally an acceptable solution only for small-scale implementations with known IP addresses or small IP address ranges.
In the digital signature method, a certificate identifies each device, and each device is configured to use certificates. Two IPSec endpoints will trust each other if a Certification Authority (CA) that they both trust has signed their certificates. Many organizations are currently implementing public key infrastructures (PKI) for managing certificates for IPSec VPNs and other applications such as secure e-mail and Web access.
5. Conclusion
VPNs allow users or corporations to connect to remote servers, branch offices, or other companies over a public internetwork, while maintaining secure communications.