| Who Should Attend: |
| |
| IT Managers, Security Officers, Network Engineers, Tech Support and anyone who is interested
in VPN. |
| |
| Prerequisites: |
| |
| Basic Knowledge of TCP/IP and Networking |
| |
| Course Description: |
| |
A VPN is a communications environment in which access is controlled to permit peer connections
only within a defined community of interest, and is constructed through some form of partitioning of a common underlying
communications medium, where this underlying communications medium provides services to the network on a non-exclusive
basis.
Virtual private networks have become an essential part of today's business networks, as they provide a cost-effective
means of assuring private internal and external communications over the shared Internet infrastructure. Virtual
Private Networks: Technologies and Solutions is a comprehensive, practical guide to VPNs.
VPN Fundamentals covers VPN concepts and architectures, with an in-depth examination of advanced features and functions
such as tunneling, authentication, access control, VPN gateways, VPN clients, and VPN network and service management.
This course presents the various technology components, concrete solutions, and best practices you need to deploy
and manage a highly successful VPN. |
| |
| Course Objectives: |
|
After completing this course, attendees will be able to:
- Understand IPsec, featuring the Authentication Header, Encapsulating Security Payload, Internet
Key Exchange, and implementation details
- Understand PPTP, L2F, L2TP, and MPLS as VPN tunneling protocols
- Review Two-party and three-party authentication, including RADIUS and Kerberos
- Explore Public key infrastructure (PKI) concept and its integration into VPN solutions
- Understand Access control policies, mechanisms, and management, and their application to
VPNs
- Review VPN gateway functions, including site-to-site intranet, remote access, and extranet
- Review Gateway configuration, provisioning, monitoring, and accounting
- Explore Gateway interaction with firewalls and routers
- Understand VPN client implementation issues, including interaction with operating systems
- Understand Client operation issues, including working with NAT, DNS, and link MTU limits
- Explore VPN service and network management architectures and tunnel and security management
- Review successful VPN deployments
- Discuss successful and unsuccessful VPN deployments
- Step through a practical process for managing a VPN deployment project
- Explore the current and future market trends
|
| |
| Course Outline: |
| |
|
Introduction
- VPN Definition
- Potential Uses and Benefits
- VPN Motivation
- The VPN Market
- VPN Requirements
- Building Blocks of a VPN
- VPN Technologies
- VPN Topology
- VPN Protocols
- VPN versus Mobile IP
VPN Architectures
- VPN Requirements, Building Blocks, and Architectures
- Implementer-based VPN Architectures
- Security-based VPN Architectures
- Layer-based VPN Architectures
- Class-based VPN Architectures
- Site-to-Site Intranet VPNs
- Remote Access VPNs
- Extranet VPNs
Key Aspects of VPN Security
- Overview of Network Security
- Internet Architecture
- Security Issues Connecting to Internet
- Relevant Cryptography
- Generic Secure Channel
- Cryptography
- Shared Key Cryptography
- Public Key Cryptography
- Digital Signatures
- Message Authentication Codes
Tunnels and VPN
- Data Integrity and Confidentiality
- VPN Tunneling Protocols
- PPTP
- L2F
- L2TP
- IPsec
- MPLS
Point-to-Point Protocol (PPP)
- Overview and Basic Operation
- Basis for L2 VPN Protocols
- Major Components
- Wire Authentication Protocols
- Backend Authentication Servers
- Configuration of Network Protocols
Layer Two VPN Protocols
- Common Aspects
- Advantages and Disadvantages
- Layer Two Forwarding (L2F)
- Point-to-Point Tunneling Protocol (PPTP)
- Layer Two Tunneling Protocol (L2TP)
IP Security Protocol (IPsec)
- Basic IPsec Concepts
- IPsec and VPNs
- Authentication Header (AH)
- Encapsulating Security Payload (ESP)
- Internet Key Exchange (IKE)
- Operational Modes
- Security Associations
- Mandatory Configurations
- Issues with Remote Access
- Key Management
- ANX Implementation
- L2TP with IPsec
- Phase 1 Negotiation
- Phase 2 Negotiation
- IPsec Implementation
Authentication and Access Control in VPN
- PAP and CHAP
- PPP Authentication
- RADIUS
- S/KEY and OTP
- Trusted Third-Party Authentication
- Kerberos
- X.509 Public Key Infrastructure
- Pretty Good Privacy Trust Model
- Authentication in VPNs
- Gateway-Gateway Authentication
- Access Control Policy
- Access Control Rules
- Access Control Lists
- Access Control Policy Management
- Access Control in VPNs
Public Key Infrastructure (PKI) and VPNs
- PKI Architecture
- Certification
- Validation
- Trust Models
- Digital Certificate Formats
- X.509 Digital Certificate
- Certificate Management System
- Certificate Protocols
- Certificate Use in VPNs
VPN Solutions and Implementations
- Assessing Your Environment and Needs
- Design Methodology
- Basic Administrative Tasks
- VPN Project Management
- Successful VoIP deployments
- A practical process for managing a VoIP deployment project
- VPN Gateways
- Gateway Configuration and Provisioning
- VPN Gateway and Firewall
- VPN Design Issues
- A VPN Solution Scenario
- VPN Clients
- Alternative VPN Clients
- A Remote Access VPN Scenario
QoS and Performance Issues
- Factors Affecting Performance
- QoS Defined
- TCP Operation
- Broad Protocol Options
- Applicability to VPNs
- Role of the ISP
Multiprotocol Label Switching (MPLS)
- Evolution of Typical ISP Backbone
- Attempts at Switching IP Traffic
- Applicability to VPNs
VPN Network and Service Management
- Network Management Architecture
- Network Management Protocols
- Applicable MIBs and Probes
- SNMP Issues
- VPN Service Management
- Service Level Agreement
- Network Operations Center (NOCs)
- Redundancy and Load-balancing
- Integration with Existing Security
Survey of VPN Products and Services
- Product Categories
- Vendor Survey
- Factors in Product Selection
- Outsourcing Options
- Future Trends
|