Library items tagged: security

Anonymous
The Cisco® ASA family of devices is based on the Cisco® PIX platform (Figure 19); however, it has been re-engineered and improved with feature-rich functions. Included in the ASA platform are IPSec VPN, SSL VPN, Web Portal and Secure Desktop facilities. The IPSec VPN functions are included for no extra charge; the remainder are chargeable options after version 7.0 of the ASA.
Anonymous
Overview: SSL VPN technology has grown in popularity in recent years and, like its IPSec counterpart, allows users to connect remotely back to their home organisation, obtaining access to restricted network resources. There are several different variants of SSL VPN architecture and an increasing number of vendors and Open Source projects providing solutions.
Anonymous
This chapter shows how the facilities provided by IPSec can be used in practice to create secure VPNs. The examples use Cisco® routers and Windows® 2000/XP workstations. These devices have been chosen because they are widely used and most readers will have access to hardware similar to that discussed in the examples. Two common requirements are discussed: providing a secure VPN tunnel between two private networks, for example a remote site or office and a main campus, and providing a secure remote access service for staff working at home.
Anonymous
There are no security provisions within the IP standard that guarantee that received packets:
Anonymous
Many corporate networks are shielded from the outside world by firewall devices or by the simple expedient of running the network on private IP addresses that are not routed over the global Internet. Either or both of these measures may be present at both ends of a VPN, preventing external packets from reaching systems connected to the LAN. However, the purpose of a VPN is to allow a remote host or site to become part of the LAN, and so the security measures used to guard against intrusion from the Internet must be selectively circumvented to allow the VPN to work.
Anonymous
The degree of security of a system is largely governed by the quality of the authentication procedures that are employed. Authentication may be defined as the process by which proof of identity or of integrity is established in response to some form of challenge. This chapter examines authentication methodologies based on asymmetric algorithms and their application to VPNs.
Anonymous
Cryptography is one of the essential technologies used in building a secure VPN. Different applications of the same basic algorithms can provide both encryption that keeps data secret and authentication that ensures the two security peers in a VPN are who they claim to be. This chapter introduces some basic concepts in cryptography and demonstrates how they can be used in practice to provide data confidentiality. The next chapter continues this theme with a discussion of mutual authentication using cryptographic algorithms.
Anonymous
A number of diverse computing topics contribute to the subject of VPNs, and this can make the subject appear daunting to a newcomer. This section seeks to provide a roadmap for readers interested in implementing a straightforward IPSec or SSL VPN with minimal background reading. A discussion of the practicalities of implementing an IPSec VPN using Windows® and Cisco® routers is provided in Section 7 along with some examples. SSL VPNs are covered in more detail in Section 8, followed by a configuration guide in Section 9.
Anonymous
Testing: Before any system is introduced into the production environment, it must undergo a period of testing and evaluation. This is usually done in a test environment away from the production infrastructure.
Anonymous
There are a number of issues that need to be considered before a new firewall is deployed or an existing one replaced on an organisation’s network. Requirements Analysis: Defining a requirements specification will allow a successful evaluation of the various solutions available. There are many different elements involved in a firewall solution and the balance which needs to be achieved between these will differ significantly between organisations.