network access for remote users
play

Network Access for Remote Users Dr John S. Graham ULCC - PowerPoint PPT Presentation

Sep 09, 2023 •740 likes •957 views

Network Access for Remote Users Dr John S. Graham ULCC j.graham@ulcc.ac.uk Review of Technologies Remote Site Private Leased Lines Kilostream or Megastream Circuits LES ISDN EPS9 ISP Remote User

  1. Network Access for Remote Users Dr John S. Graham ULCC j.graham@ulcc.ac.uk

  2. Review of Technologies • Remote Site – Private Leased Lines • Kilostream or Megastream Circuits • LES – ISDN – EPS9 – ISP • Remote User – Private Dialup Service – ISP

  3. Site-to-Site Private Infrastructure

  4. Traditional Dialup Service � High Costs � Security Guaranteed � Support Burden � Limited to 56K Analogue Dialup � Limited Service

  5. Virtual Private Network � Highly Flexible Solution � Complex Security Issues � Uses Existing Infrastructure

  6. VPN Roadmap VPN Tunnelling Encryption Authentication IP Framework Symmetric Asymmetric Endpoints Data User

  7. Tunnelling Methods • Layer III – GRE – IPSec • Layer II – L2F – PPTP – L2TP

  8. Layer 3 Tunnelling (GRE) IP TCP Data GRE IP GRE IP TCP Data passenger protocol encapsulating protocol carrier protocol

  9. Tunnelling In Action IP TCP Data IP GRE IP GRE IP TCP Data Source 62.49.38.138 Destination 194.82.103.186 192.168.17.26 192.168.17.26

  10. Layer 2 Tunnelling (L2TP) PPP IP TCP Data L2TP IP UDP L2TP PPP IP TCP Data L2TP + IPSec IP ESP UDP L2TP PPP IP TCP Data ESP

  11. Layer 2 Tunnelling Modes Compulsory L2 Tunnelling Voluntary L2 Tunnelling

  12. Authentication • Peer Identity – Shared Secret – Digital Certificate • Data Integrity – Digital Signatures • User Identity – Kerberos – RADIUS

  13. IP Security (IPSec) • Protocols – Authentication Header – Encapsulating Security Payload – Internet Key Exchange • Modes – Tunnel – Transport

  14. IPSec Protocols Next Payload Reserved SPI Header Length SPI Sequence Number Sequence Number IV Authentication Data Data Pad Next Pad Length Header Authentication Data Authentication Header (51) Encapsulating Security Protocol (50)

  15. IPSec Modes Tunnel Mode IP AH/ESP IP TCP Data Transport Mode IP AH/ESP TCP Data

  16. Equipment at Remote Site • ‘Wires Only’ ADSL Connection – One Static IP Address • Splitter • Cisco 827H Router – Ethernet hub (4 ports) plus ATM port

  17. Customer Installation

  18. Router Configuration Ethernet B1 Routing Table Tunnel A1 B2 NAT IPSec A2 B3 Dialer

  19. IPSec Followed by NAT • Immutable fields of outer IP header included in AH protocol’s ICV data. • Transport mode IPSec renders TCP/UDP checksums invalid. • Multiple incompatibilities between SA parameters and NAT. http://www.ietf.org/internet-drafts/draft-ietf-ipsec-nat-reqts-04.txt

  20. Fragmentation Hell

  21. http://www.ja.net/documents/

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Distributed File Systems Security: Anonymous access all files available to all users 14B.

Distributed File Systems Security: Anonymous access all files available to all users 14B.

5/30/2018 Distributed File Systems Security: Anonymous access all files available to all users 14B. Remote Data Access: Security no authentication required may be limited to read-only access 14C. Remote Data: Robustness examples:

391 views • 9 slides
Remote Access Plus Enterprise Remote Access Sofuware - Product Overview Covers all your

Remote Access Plus Enterprise Remote Access Sofuware - Product Overview Covers all your

Remote Access Plus Enterprise Remote Access Sofuware - Product Overview Covers all your troubleshooting needs ! On Premises Available on cloud Feature Highlights Advanced remote desktop sharing Voice, video and text chat Remote

222 views • 11 slides
Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson -

Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson -

Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Remote Access Telnet Rlogin X-Windows FTP General Countermeasures

1.48k views • 104 slides
Distributed File Systems Security: Anonymous access all files available to all users 14B.

Distributed File Systems Security: Anonymous access all files available to all users 14B.

6/6/2017 Distributed File Systems Security: Anonymous access all files available to all users 14B. Remote Data: Security no authentication required may be limited to read-only access 14C. Remote Data: Reliability & Robustness

89 views • 8 slides
DTCP + Remote Access Proposal for Discussion with 3S October 28, 2009 1 Remote Access (RA)

DTCP + Remote Access Proposal for Discussion with 3S October 28, 2009 1 Remote Access (RA)

DTCP + Remote Access Proposal for Discussion with 3S October 28, 2009 1 Remote Access (RA) Basic Rules Remote Connection AKE RA Encoding Rules 2 Remote Access Basic Rules Source devices may permit remote access to content

326 views • 15 slides
Remote Access and SSH a t t e n t i i g r e e n ! P a y t o t e x t o n n T h e s e c o r r e c t

Remote Access and SSH a t t e n t i i g r e e n ! P a y t o t e x t o n n T h e s e c o r r e c t

Remote Access and SSH a t t e n t i i g r e e n ! P a y t o t e x t o n n T h e s e c o r r e c t i d o n e a f t h e l e c t u r e ! t e r a r e o n s 1 Remote Access Modern computing requires the use of a variety of resources located on

652 views • 44 slides
Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson

Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson

Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Remote Access Telnet Rlogin X-Windows X-Windows FTP General

765 views • 52 slides
Remote access access to GP Desktops Desktops Desktops Desktops Dr Paul Mi aul Miller SCIMP

Remote access access to GP Desktops Desktops Desktops Desktops Dr Paul Mi aul Miller SCIMP

Remote access access to GP Desktops Desktops Desktops Desktops Dr Paul Mi aul Miller SCIMP CIMP paulmiller@ ler@nhs.net Remote Access Access to desktop Applications Files E-mail Web From Home Nursing Homes

595 views • 26 slides
CompSci 514: Computer Networks Lecture 17: Network Support for Remote Direct Memory Access

CompSci 514: Computer Networks Lecture 17: Network Support for Remote Direct Memory Access

CompSci 514: Computer Networks Lecture 17: Network Support for Remote Direct Memory Access Xiaowei Yang Some slides adapted from http://www.cs.unh.edu/~rdr/rdma- intro-module.ppt Overview Introduction to RDMA DCQCN: congestion control

1k views • 48 slides
Access Network Access Network Access network: local loop infrastructure It is the last

Access Network Access Network Access network: local loop infrastructure It is the last

Access network and access service Access Network Access Network Access network: local loop infrastructure It is the last mile of the network Connects the user with the first network POP Can use different technologies

369 views • 11 slides
Remote Network Server Access Michael P. Andrews Ameritech Electronic Commerce Senior Technology

Remote Network Server Access Michael P. Andrews Ameritech Electronic Commerce Senior Technology

Remote Network Server Access Michael P. Andrews Ameritech Electronic Commerce Senior Technology Consultant Network Services - National Operations Mike.Andrews@Ameritech.COM Mike@MikeA.COM 5/27/97 Mike Andrews 1 Work At Home On-Line

1.06k views • 63 slides
No/fied Access: Extending Remote Memory Access Programming

No/fied Access: Extending Remote Memory Access Programming

spcl.inf.ethz.ch @spcl_eth R OBERTO B ELLI , T ORSTEN H OEFLER No/fied Access: Extending Remote Memory Access Programming Models for Producer-Consumer Synchroniza/on

843 views • 61 slides
Distributed File Systems 14A. Remote Data Access: Architectures Operating Systems Principles

Distributed File Systems 14A. Remote Data Access: Architectures Operating Systems Principles

5/25/2016 Distributed File Systems 14A. Remote Data Access: Architectures Operating Systems Principles 14B. Remote Data Access: Security 14C. Remote Data Access: Reliability Distributed File Systems 14D. Remote Data Access: Performance 14E.

321 views • 8 slides
Distributed Systems User-directed connection to access remote resources We want more

Distributed Systems User-directed connection to access remote resources We want more

Accessing files FTP, telnet : Explicit access Distributed Systems User-directed connection to access remote resources We want more transparency Distributed File Systems Allow user to access remote resources just as local ones Paul

247 views • 3 slides
Software development Several users work on a same project Remote or collocated users

Software development Several users work on a same project Remote or collocated users

Software development Several users work on a same project Remote or collocated users Each one works on its own computer Groupware and Collaborative Interaction (asynchronous) Collaborative Software Development Work on different

260 views • 12 slides
We mean .Network File System Introduction: Remote File-systems When networking became widely

We mean .Network File System Introduction: Remote File-systems When networking became widely

We mean .Network File System Introduction: Remote File-systems When networking became widely available users wanting to share files had to log in across the net to a central machine This central machine quickly become far more loaded then

470 views • 35 slides
Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1415/ Chapter 16: 1 Chapter

Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1415/ Chapter 16: 1 Chapter

Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1415/ Chapter 16: 1 Chapter 16: Communications Security Chapter 16: 2 Agenda Threat model Secure tunnels Protocol design principles IPsec SSL/TLS EAP

695 views • 48 slides
Network Infrastructure Security APRICOT 2005 Workshop February 18-20, 2005 Merike Kaeo

Network Infrastructure Security APRICOT 2005 Workshop February 18-20, 2005 Merike Kaeo

Network Infrastructure Security APRICOT 2005 Workshop February 18-20, 2005 Merike Kaeo merike@doubleshotsecurity.com Agenda (Day 2) Securing Data Traffic Packet Filters Encryption (IPsec vs SSL) Logging Information What to

1.38k views • 114 slides
What's New with SELinux Stephen D. Smalley sds@tycho.nsa.gov National Information Assurance

What's New with SELinux Stephen D. Smalley sds@tycho.nsa.gov National Information Assurance

What's New with SELinux Stephen D. Smalley sds@tycho.nsa.gov National Information Assurance Research Laboratory National Security Agency National Information Assurance Research Laboratory 1 Advances in SELinux Deploying new

440 views • 25 slides
iLab IPsec Minoo Rouhi rouhi@net.in.tum.de Slides by Benjamin Hof hof@in.tum.de Chair of

iLab IPsec Minoo Rouhi rouhi@net.in.tum.de Slides by Benjamin Hof hof@in.tum.de Chair of

iLab IPsec Minoo Rouhi rouhi@net.in.tum.de Slides by Benjamin Hof hof@in.tum.de Chair of Network Architectures and Services Department of Informatics Technical University of Munich Lab 8 18ss 1 / 29 Outline Overview IPsec databases

563 views • 29 slides
Host Identity Protocol Updated Feb 23, 2005 Pekka Nikander Ericsson Research Nomadiclab and

Host Identity Protocol Updated Feb 23, 2005 Pekka Nikander Ericsson Research Nomadiclab and

Host Identity Protocol Updated Feb 23, 2005 Pekka Nikander Ericsson Research Nomadiclab and Helsinki Institute for Information Technology http://www.hip4inter.net Presentation outline Background HIP in a Nutshell Mobility and

713 views • 55 slides
Routerlab: Tunneling Thorben Kr uger original slides by Philipp S. Tiesel and Franziska

Routerlab: Tunneling Thorben Kr uger original slides by Philipp S. Tiesel and Franziska

Overview L2/L3/L4 VPN Other tunneling technologies Routerlab: Tunneling Thorben Kr uger original slides by Philipp S. Tiesel and Franziska Lichtblau June 1, 2016 1 / 27 Overview L2/L3/L4 VPN Other tunneling technologies Overview 1

663 views • 27 slides
Port Restricted IP Address Assignment draft-bajko-v6ops-port-restricted-ipaddr-assign Gabor

Port Restricted IP Address Assignment draft-bajko-v6ops-port-restricted-ipaddr-assign Gabor

Port Restricted IP Address Assignment draft-bajko-v6ops-port-restricted-ipaddr-assign Gabor Bajko (Nokia) Teemu Savolainen (Nokia) Softwires WG meeting @ IETF#73 1 Intended usage scenarios Managed and tightly controlled networks

371 views • 11 slides
Networking Friday Four Square! Outside Gates, 4:15PM Computer Networks Computer networks

Networking Friday Four Square! Outside Gates, 4:15PM Computer Networks Computer networks

Networking Friday Four Square! Outside Gates, 4:15PM Computer Networks Computer networks allow us to get amazing things done. Sharing knowledge (Wikipedia, Khan Academy, etc.) Solving huge problems (folding@home, SETI, etc.)

714 views • 42 slides

More recommend