Cisco CCNA VPN

Organizations can utilize VPN solutions to connect corporate headquarters with branch offices, suppliers, telecommuters and others.  VPNs offer flexible and scalable connectivity that can provide a secure, fast and reliable remote connection. VPNs are cost-effective Internet based solutions and they can provide secure communications via encrypted VPN tunnels. These tunnels leverage the Internet without the high cost of dedicated connections.

 

•VPN solutions provide cost-effective Internet-based solutions for connecting remote locations
•VPNs provide secure communications via encrypted VPN tunnels
•Utilizing VPN tunnels enables the use of high bandwidth Internet connectivity without the high cost of dedicated connections

 

Cisco CCNA VPN Types

You basically have two types of VPN networks.  Your site to site VPN network in which each site is terminated by a VPN device like a Cisco ASA 5510.  They are dedicated firewall boxes that are optimized for such activities and do these tasks better than routers.  The sending VPN device is responsible for encapsulation and encrypting outbound traffic and the receiving VPN device is responsible for de-encapsulationg and decrypting the inbound traffic.

 

•Site-to-site VPN
•End hosts communicate through a VPN device which is typically a router or Cisco Adaptive Security Appliance (ASA)
•Sending VPN device is responsible for encapsulating and encrypting outbound traffic
•Receiving VPN device is responsible for de-encapsulating and decrypting inbound traffic

 

 

Cisco CCNA Benefits of VPNs

VPN Stands for “Virtual Private Network”.  Benefits are as follows:

  • Cost savings: VPNs enable organizations to use cost-effective Internet connectivity to connect remote locations / users while providing privacy and confidentiality of data.
  • Security: VPNs take advantage of advanced encryption and authentication protocols.  Two options are IPsec and SSL.
  • Compatibility: VPNs work with essentially any Internet connectivity which allow for significant flexibility for telecommuters.
  • Scalability: VPNs enable organizations to utilize Internet infrastructure which makes it easy to add users.  Hence, organizations can add capacity without significant infrastructure costs.

Cisco CCNA SSL and IPSec Protocols

IPsec Characteristics:

  • Data Integrity: Receiver can verify data was transmitted without being altered.  Utilizes checksums which is a redundancy check.
  • Confidentiality: Sender encrypts data prior to transmitting packet.  Encryption ensures packers cannot be read if intercepted during transmission.
  • Authentication: Ensures connectivity is made with the correct destination.  IPsec utilizes IKE to authenticate users and devices.  IKE can utilize several types of authentication.
  • Anti-replay protection: Verifies that each packet is unique and not duplicated.