Week 8 Assignment - IPsec, SSL/TLS Standards, and VPN Security

School: Strayer University
Course: 505
Subject: Computer Science
Date: Jan 9, 2024
Type: docx
Pages: 8

Uploaded by stephculbreth

Week 8 Assignment - IPsec, SSL/TLS Standards, and VPN Security
Stephanie Culbreth
CIS505
Professor Cohen
9/2/2023

Private Networks (VPN)

Host-to-host VPN

In a host-to-host VPN, IPsec can be configured to connect a workstation to another workstation or desktop at the same site. Since the security of the connection is handled by the two hosts, it requires no additional help. With a host-to-host VPN, two computers can create an encrypted tunnel between them. This tunnel will allow the computers to share files and applications as well as access the other computer’s resources. A host-to-host VPN is easy to set up, and depending on the deployment method, a user can host their own VPN server at no extra cost (Vasic).

Site-to-site VPN

In a site-to-site VPN, two networks are linked together by routing traffic through designated servers. If an organization has two locations, each with its own LAN (local area network), a site-to-site VPN can be used to connect them. This would allow employees to communicate and share resources as though they were on the same network. Instead of relying on a VPN client/server model, a site-to-site VPN creates an encrypted tunnel between VPN gateways in both local area networks. Since a gateway manages the traffic, a site-to-site VPN does not require the VPN client to be installed on each device (Higgins).

Host-to-site (remote access) VPN

In a host-to-site VPN, the network is configured to connect two hosts, often within the same site. A remote access virtual private network (VPN) enables users to connect to a private network remotely using a VPN. There are many different types of remote access VPNs on the market. Each VPN uses its own protocols to encrypt and tunnel data sent over the internet, preventing unauthorized users from connecting without permission. Once the user is connected to the VPN, they have full access to all of the network’s resources as though they were at the site (Fortinet, Inc.).

If a user is working from home or any other remote location, they could use a remote access VPN to access work resources and servers. A remote access VPN connects the user to a specific server which is selected by the administrator who set up the VPN. Every device using a remote access VPN must have a VPN client app installed (Fortinet, Inc.).

IPsec vs. SSL/TLS

SSL (Secure Sockets Layer) and IPsec (Internet Protocol Security) are encryption protocols that play a crucial role in establishing secure connections over virtual private networks (VPNs). While both SSL and IPsec guarantee the privacy of your online activities, they differ in their approaches to creating secure connections between a client device and a VPN server.

Security

In order for devices to connect to a network through IPsec VPNs, specialized hardware and software must be installed on each device. This installation process is necessary for proper encryption and data transmission. After the client software is successfully installed on both the sending and receiving devices, an encryption process is initiated using a key exchange mechanism. This key exchange allows connected devices to decrypt incoming data. Once the connection is established, data is transmitted in small packets through the network using a transport protocol. Before being transmitted, the data undergoes an authentication process to verify its trustworthiness and origin.

SSL VPNs serve as an entry point or gateway to private networks, allowing users to access network resources. To establish a connection, users first authenticate themselves through a web-based portal known as the SSL VPN gateway. This gateway verifies user credentials before granting access. In addition to authentication, SSL VPNs can enforce restrictions such as limiting access to specific resources and controlling the types of devices that can connect to the network. Once the secure connection is established, users can freely access network resources. Acting as a proxy, the SSL VPN gateway encrypts all traffic between the user's device and the network, ensuring data security throughout transmission.

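The IPsec sequence described above (a key exchange, then per-packet authentication of origin and integrity) can be sketched as follows. This is an added example, not part of the original assignment or any IPsec implementation. The Diffie-Hellman parameters, function names and sample payload are assumptions chosen for illustration, and payload encryption and peer authentication by certificate or pre-shared key are left out.

```python
import hashlib, hmac, secrets, struct

# Toy Diffie-Hellman group (assumption): 2**255 - 19 is prime, but real IKE
# uses standardized groups (2048-bit MODP or elliptic curves).
P = 2**255 - 19
G = 2

def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def derive_key(priv, peer_pub, label):
    """Both peers compute the same shared secret and derive a key from it."""
    shared = pow(peer_pub, priv, P).to_bytes(32, "big")
    return hmac.new(shared, label, hashlib.sha256).digest()

def protect(key, seq, payload):
    """Sender: sequence number + payload + HMAC-SHA256 tag truncated to 128 bits."""
    header = struct.pack("!I", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:16]
    return header + payload + tag

class Receiver:
    def __init__(self, key):
        self.key, self.highest_seq = key, 0

    def accept(self, packet):
        """Return the payload, or None if the packet is altered, forged or replayed."""
        header, payload, tag = packet[:4], packet[4:-16], packet[-16:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()[:16]
        if not hmac.compare_digest(tag, expected):
            return None                  # integrity/origin check failed
        seq = struct.unpack("!I", header)[0]
        if seq <= self.highest_seq:      # simplified; ESP uses a sliding window
            return None                  # replay of an earlier packet
        self.highest_seq = seq
        return payload

def demo():
    a_priv, a_pub = dh_keypair()         # host A
    b_priv, b_pub = dh_keypair()         # host B
    key_a = derive_key(a_priv, b_pub, b"auth")
    key_b = derive_key(b_priv, a_pub, b"auth")
    rx = Receiver(key_b)
    pkt = protect(key_a, 1, b"payroll.csv chunk 1")   # constructed sample payload
    tampered = pkt[:6] + bytes([pkt[6] ^ 1]) + pkt[7:]  # one payload bit flipped
    return key_a == key_b, rx.accept(tampered), rx.accept(pkt), rx.accept(pkt)

if __name__ == "__main__":
    print(demo())
```

The modified packet and the second copy of the genuine packet are both dropped; only the first genuine packet is delivered.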
Strengths

IPsec

Offers complete access to all devices within the network, rather than limiting access to just a single application or utility.
Promotes robust security measures by necessitating the installation of appropriate client software.
Guarantees stringent authentication procedures through the use of digital certificates, pre-shared keys, or other reliable methods.

SSL/TLS

SSL VPNs have the ability to effortlessly expand to handle an increasing number of users. Plus, there's no necessity for extra software installation, as they can be accessed directly through a web browser. Not only are they cost-effective due to their lack of dedicated hardware or software requirements, but they also offer the convenience of accessibility from any location and device with an internet connection.

Weaknesses

IPsec

Setting up and managing these VPNs requires the expertise of skilled network engineers. In the event of an IPsec-enabled device malfunction, users may experience disruptions in their VPN connectivity, leading to potential bottlenecks. The associated expenses for hardware, software, and ongoing maintenance can pose a significant financial burden for organizations.

SSL/TLS

There is a potential for latency problems that may arise from the added processing needed for encryption and decryption, resulting in delays in data transmission. SSL VPNs may not be compatible with older or unsupported devices, which can restrict their effectiveness in certain business settings. Additionally, limited network availability within SSL VPNs can hinder users from accessing important company applications and data. It is worth noting that SSL VPNs are relatively susceptible to man-in-the-middle attacks.

Proposed Internet Standard for Implementing Security

Host-to-host & Site-to-site Networks

IPsec VPNs are a highly recommended solution for organizations in need of strong security and complex network infrastructure. They are especially effective at securely connecting multiple networks and providing site-to-site connectivity. Moreover, IPsec VPNs are an optimal choice for organizations that prioritize data confidentiality, integrity, and authenticity because they offer end-to-end encryption and dependable authentication algorithms.

Host-to-Site (Remote Access) VPN

SSL VPNs provide a secure remote access solution for organizations that need to accommodate individual users or devices, such as telecommuters, contractors, or mobile workers. With their simplified setup and management capabilities, SSL VPNs offer an easier alternative to IPsec VPNs. They are particularly effective for accessing web-based applications remotely. In addition, SSL VPNs come equipped with robust access controls that enable organizations to limit user access to specific resources, thereby enhancing the security of their applications and data.

Reflection on Learning Experience in Assignment

Between two endpoints, virtual private networks (VPNs) offer a secure data stream. In addition to numerous forms of VPNs, there are many Internet security standards that are used to implement security in these various VPN types. This assignment allowed me to categorize the three types of Virtual Private Networks (VPNs). The assignment afforded me the ability to contrast the advantages of SSL/TLS and IPsec as internet security protocols. The implementation of security in the three various types of VPNs was also evaluated against these two Internet security standards. The lessons learned in this assignment provided me with a better understanding of how virtual private networks play a role in my professional life. Working from home, I utilize a remote access VPN to connect to my organization’s resources and tools. It is comforting to know there are security measures in place to protect the resources that I am accessing on a daily basis.

References

Fortinet, Inc. “Remote Access VPN.” Fortinet, 2023, www.fortinet.com/resources/cyberglossary/remote-access-vpn#:~:text=Remote%20access%20VPNs%20work%20by,network%20and%20a%20remote%20user.

Higgins, Malcolm. “Site-To-Site VPN vs Remote Access VPN.” NordVPN, 23 Jan. 2023, nordvpn.com/blog/site-to-site-vpn-vs-remote-access-vpn/. Accessed 3 Sept. 2023.

Vasic, Dusan. “What Is a Site-To-Site VPN and Do You Need One? | DataProt.” Dataprot.net, 11 Apr. 2023, dataprot.net/articles/what-is-a-site-to-site-vpn/#:~:text=Peer%2Dto%2DPeer%20VPNs&text=This%20type%20of%20VPN%20is%20also%20called%20a%20host%2Dto,access%20the%20other%20computer’s%20resources.

Phifer, Lisa. “Choosing between an SSL/TLS VPN vs. IPsec VPN.” Security, TechTarget, 2019, www.techtarget.com/searchsecurity/feature/Tunnel-vision-Choosing-a-VPN-SSL-VPN-vs-IPSec-VPN#:~:text=If%20you%20really%20need%20per,shared%20secret%20encryption%2C%20go%20IPsec.

Okeke, Franklin. “SSL VPNs vs. IPsec VPNs: VPN Protocol Differences Explained | ENP.” Enterprise Networking Planet, 8 May 2023, www.enterprisenetworkingplanet.com/security/understanding-vpn-ipsec-ssl-pros-cons/.