Sunday, June 30, 2013

IP Sec...

IPSec:
Ø  IPSec – IP security
Ø  It is an open-standard protocol
Ø  IPSec is actually a group of standards, protocols and technologies that work together to build a secure session, commonly called a tunnel, to a remote peer
Ø  It works at the network layer and protects IP packets
Ø  It can be used for site-to-site VPNs and remote access VPNs

IPSec services:
IPSec provides four main services
1.       Authentication
Ø  Verifying the identity of remote peers
Ø  Service attacks
Ø  Digital certificates
2.       Confidentiality
Ø  Guaranteeing that no intermediate device can decipher the contents of the payload in a packet
Ø  Encryption is used to hide the real data
3.       Integrity
Ø  Guaranteeing that the contents of a packet have not been changed by an intermediate device
Ø  HMAC functions are used to verify the source of every packet as well as to check whether it was tampered with (changed) or not
4.       Anti-replay protection
Ø  Verifying that each packet is unique and not duplicated
Ø  Ensuring that copies of a valid packet are not used to create a denial of service attack
Ø  Protected sequence numbers are used to detect duplicate packets and drop them


IPSec Protocols:
Ø  IPSec is actually a group of standards and protocols that work together to build a secure session
Ø  An IPSec tunnel comprises three connections
One management connection and two unidirectional data connections
Ø  The tunnel is built across two phases
Ø  The management connection is built during phase 1 and is used to share IPSec-related information between the two peers
Ø  The two data connections are built during phase 2 and are used to transmit user traffic
Ø  All three connections are protected

ISAKMP – Internet Security Association and Key Management Protocol, used to build and maintain the tunnel. It defines the format of the management payload
IKE – Internet Key Exchange protocol is responsible for generating and managing the keys used for encryption algorithms and HMAC functions
DH – The Diffie-Hellman process is used to secure the management and data connections
AH – Authentication Header protocol is used only to validate the origin and validity of data packets (on the data connections) received from a peer
ESP – Encapsulating Security Payload protocol is used to provide packet confidentiality and authentication. It provides confidentiality through encryption and packet authentication through an HMAC function
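The integrity and anti-replay services listed above, and the HMAC authentication that ESP provides, can be seen working together on the receiving side. The following is an added example written for this page, not code from any IPSec implementation: it builds a simplified ESP-like packet (4-byte sequence number, payload, truncated HMAC tag) and a sliding anti-replay window like the one RFC 4303 describes. The key, the 12-byte tag length, the 64-entry window and the payloads are all constructed values for the demo; no encryption is modelled, so this covers packet authentication and replay detection only.

```python
import hmac
import hashlib

AUTH_KEY = b"constructed demo key, not one negotiated by IKE"  # constructed for this example
TAG_LEN = 12          # 96-bit truncated tag, in the style of HMAC-SHA1-96 (length chosen for the demo)
WINDOW_SIZE = 64      # receiver anti-replay window; RFC 4303 requires at least 32 entries


def make_packet(seq, payload, key=AUTH_KEY):
    """Sender side: 4-byte sequence number || payload || HMAC tag computed over both."""
    if not 1 <= seq <= 0xFFFFFFFF:
        raise ValueError("ESP sequence numbers run from 1 to 2^32-1")
    header = seq.to_bytes(4, "big")
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag


class ReplayWindow:
    """Sliding window: the highest sequence number accepted plus a bitmap of the WINDOW_SIZE below it."""

    def __init__(self, size=WINDOW_SIZE):
        self.size = size
        self.highest = 0   # highest sequence number accepted so far
        self.bitmap = 0    # bit i set means sequence number (highest - i) was already accepted

    def check(self, seq):
        """Preliminary check done before any crypto work: could this sequence number be accepted?"""
        if seq == 0:
            return False                      # 0 is never a valid ESP sequence number
        if seq > self.highest:
            return True                       # newer than anything seen: window will slide
        diff = self.highest - seq
        if diff >= self.size:
            return False                      # older than the window: dropped
        return not (self.bitmap >> diff) & 1  # inside the window: dropped only if already seen

    def update(self, seq):
        """Record seq as received; called only after the tag has verified."""
        if seq > self.highest:
            shift = seq - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.highest = seq
        else:
            self.bitmap |= 1 << (self.highest - seq)


def receive(packet, window, key=AUTH_KEY):
    """Receiver side: window check, then HMAC check, then window update. Returns (accepted, reason)."""
    if len(packet) < 4 + TAG_LEN:
        return False, "truncated"
    header, body, tag = packet[:4], packet[4:-TAG_LEN], packet[-TAG_LEN:]
    seq = int.from_bytes(header, "big")
    if not window.check(seq):
        return False, "replay"
    expected = hmac.new(key, header + body, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        return False, "bad HMAC"
    window.update(seq)                           # a forged packet must never advance the window
    return True, "ok"


def demo():
    """Constructed traffic: reordering is tolerated, a replayed copy and a modified packet are dropped."""
    window = ReplayWindow()
    results = []
    p1 = make_packet(1, b"hello")
    p2 = make_packet(2, b"world")
    results.append(receive(p2, window)[1])                  # arrives first, newest: ok
    results.append(receive(p1, window)[1])                  # late but inside the window and unseen: ok
    results.append(receive(p1, window)[1])                  # exact copy of an accepted packet: replay
    tampered = bytearray(make_packet(3, b"payload"))
    tampered[6] ^= 0x01                                     # one bit of the payload flipped in transit
    results.append(receive(bytes(tampered), window)[1])     # bad HMAC
    results.append(receive(make_packet(3, b"payload"), window)[1])  # genuine seq 3 still accepted
    return results


if __name__ == "__main__":
    print(demo())
```

The order of checks matters: the window is consulted before the HMAC so that obvious duplicates cost no crypto, but the window is only advanced after the tag verifies, otherwise a forged packet with a large sequence number could push genuine traffic out of the window.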

Saturday, June 29, 2013

VPN Basics...

What is VPN?

Virtual private network
It is a logical, secured tunnel established between networks over an unsecured network
A public network is an unsecured network
Secured networks can communicate with each other over the internet securely using a VPN
The end network devices take care of encapsulation/encryption of packets
With a VPN, networks can have security equal to that of a private network

Benefits of VPNs:
Ø  Security:
Security is provided through data encryption to protect confidentiality
Ø  Cost:
VPNs reduce a company's WAN infrastructure cost
Ø  Bandwidth:
Inexpensive high-bandwidth connections, such as DSL, can be used to interconnect offices and allow fast and secure access to corporate offices
Ø  Scalability:
Companies can easily add a large number of users and offices without building significant WAN infrastructure


VPN Types
VPNs fall under two implementation types
·         Site to site VPN
·         Remote access VPN

Site to site VPN:
Ø  Site to site VPNs are sometimes called LAN-to-LAN or L2L VPNs
Ø  They connect two locations or sites together (similar to point-to-point WAN connectivity)
Ø  Two intermediate devices (VPN gateways) protect the traffic between the two LANs
Ø  The original IP packet from one LAN is encrypted by one gateway, forwarded to the destination gateway, and then decrypted and forwarded to the local LAN
Ø  Traffic is protected by the IPSec protocol

Site to site VPNs are of two types
·         Intranet: VPN between sites belonging to the same company
·         Extranet: VPN between sites belonging to different companies

Remote access VPN:
Ø  VPN connectivity between a site and a remote user
Ø  Remote access VPNs are used by mobile users to have connectivity with the site
Ø  They can access resources as if they were at the site
Ø  VPN software is required on the PC to access the site (Cisco VPN client)
Ø  Traffic is protected by protocols like IPSec, SSL, PPTP, L2TP
Ø  Remote access VPN has two implementations
·         Easy VPN
·         Web VPN

Friday, June 28, 2013

OSI Layer Description....

OSI Layers

Ø  The OSI layers explain the complete network communication process
Ø  They explain how systems interact with each other
Ø  The OSI layered architecture was designed by ISO & ITU-T

ISO – International standards organization
ITU-T – International telecommunication union – Telecom standard sector

The application, presentation and session layers are called the software layers
The transport layer is called the heart of OSI
The network, data link and physical layers are called the hardware layers



7. Application layer

Functions:

Ø  It provides the user interface
Ø  It gives network services to the user
Ø  Identification of the port number depends on the service

Protocols:

DNS, DHCP, HTTP, FTP, SMTP, Telnet


6. Presentation layer

Functions:

Ø  It converts data from standard format to machine format
Ø  Encryption and decryption
Ø  Compression and decompression

Protocols:

ASCII, EBCDIC, GIF, TIFF, BMP, JPEG, MPEG, AVI, WAV

Ø  ASCII – American standard code for information interchange
Ø  EBCDIC – Extended binary coded decimal interchange code
Ø  JPEG – Joint picture expert group
Ø  TIFF – Tagged image file format
Ø  GIF – Graphical image format
Ø  BMP – Bit map image
Ø  MPEG – Motion picture expert group
Ø  AVI – Audio video interleave
Ø  WAV – Windows audio video


5. Session layer

Functions:

Ø  It establishes, maintains and terminates a logical session

Protocols:

NFS – Network file system
RPC – Remote procedure call

4. Transport layer

Functions:

Ø  Segmentation
Ø  Adding the TCP/UDP header
Ø  Sequencing & reassembling
Ø  Multiplexing & demultiplexing
Ø  Error correction
Ø  Flow control

Protocols:
TCP – Transmission control protocol
UDP – User datagram protocol

Segmentation:
Ø  It is not possible to handle the whole data as one unit
Ø  TCP typically handles 64 KB of data as payload
Ø  The data is divided into smaller segments
Ø  Number of segments = total size / 64 KB
Ø  Example: 1 MB of data is made into 16 segments



Adding the TCP/UDP header:

Ø  A TCP/UDP header is added to each data fragment
Ø  The TCP header size is 20 bytes


Sequencing and reassembling:
Ø  Segments will be rearranged if they arrive in a different order
Ø  This is done with the help of the sequence number in the TCP header
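The three transport-layer steps just described (splitting data into 64 KB segments, prepending the 20-byte TCP header, and putting segments back in order by sequence number) can be tried end to end. This is an added example written for this page, not code from any TCP stack: it packs a real 20-byte TCP header layout with struct, but the checksum is left at zero (computing it needs the IP pseudo-header), the 1 MB payload is constructed, and the port numbers and initial sequence number are arbitrary values chosen for the demo. The receiver also reports byte ranges it is missing, which is the information it would use to ask the source for a resend.

```python
import random
import struct

TCP_HEADER_LEN = 20          # fixed part of the TCP header, no options
SEGMENT_SIZE = 64 * 1024     # 64 KB of payload per segment, following the figure used above
TCP_FORMAT = "!HHIIBBHHH"    # src port, dst port, seq, ack, data offset, flags, window, checksum, urgent


def build_tcp_header(src_port, dst_port, seq, ack=0, flags=0x18, window=65535):
    """Pack the 20-byte header. Data offset 5 means five 32-bit words; flags 0x18 = PSH|ACK."""
    data_offset = 5 << 4     # upper 4 bits of the byte; lower 4 are reserved
    return struct.pack(TCP_FORMAT, src_port, dst_port, seq, ack, data_offset, flags, window, 0, 0)


def parse_tcp_header(segment):
    fields = struct.unpack(TCP_FORMAT, segment[:TCP_HEADER_LEN])
    return {
        "src_port": fields[0],
        "dst_port": fields[1],
        "seq": fields[2],
        "ack": fields[3],
        "header_len": (fields[4] >> 4) * 4,   # recovered from the data-offset field
        "flags": fields[5],
        "window": fields[6],
    }


def segment(data, isn=0, src_port=40000, dst_port=80, segment_size=SEGMENT_SIZE):
    """Sender: cut data into segment_size chunks; each sequence number is the ISN plus the byte offset."""
    segments = []
    for offset in range(0, len(data), segment_size):
        chunk = data[offset:offset + segment_size]
        segments.append(build_tcp_header(src_port, dst_port, isn + offset) + chunk)
    return segments


def reassemble(segments, isn=0):
    """Receiver: order by sequence number whatever the arrival order; list any gaps instead of guessing.

    Returns (data_so_far, missing) where missing is a list of (first_byte, last_byte) ranges that
    were never received and would have to be retransmitted by the source.
    """
    by_seq = {}
    for s in segments:
        hdr = parse_tcp_header(s)
        by_seq[hdr["seq"]] = s[hdr["header_len"]:]
    out, missing, expected = bytearray(), [], isn
    for seq in sorted(by_seq):
        if seq > expected:
            missing.append((expected, seq - 1))
        out += by_seq[seq]
        expected = seq + len(by_seq[seq])
    return bytes(out), missing


def demo():
    """Constructed 1 MB payload: 16 segments, delivered out of order, reassembled exactly."""
    data = bytes(range(256)) * 4096          # 1,048,576 bytes
    segs = segment(data, isn=1000)
    random.Random(7).shuffle(segs)           # deterministic shuffle standing in for network reordering
    rebuilt, missing = reassemble(segs, isn=1000)
    return len(segs), parse_tcp_header(segs[0])["header_len"], rebuilt == data, missing


if __name__ == "__main__":
    print(demo())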

Multiplexing and demultiplexing:

Ø  When a system communicates with multiple systems, it sends segments to all the systems simultaneously

Error correction:

Ø  The destination system queries the source for missing segments. The source needs to resend them


Flow control:

Ø  Speed is adjusted automatically between the source and destination computers if one of the computers is slower


TCP & UDP differences:

TCP                               | UDP
----------------------------------|---------------------------
Transmission control protocol     | User datagram protocol
Connection oriented               | Connectionless
Reliable and slow                 | Unreliable and fast
Eg: Telnet, FTP, HTTP, SMTP       | Eg: SNMP, TFTP, DHCP



3. Network layer

Functions:

Ø  It provides the logical IP addressing scheme
Ø  The IP header is added at the network layer
Ø  It chooses the best path to the destination
Ø  It carries the data along the chosen path


Protocols:

Ø  Routing protocols: find all possible paths and choose the best path
Ø  RIP – Routing information protocol
Ø  IGRP – Interior gateway routing protocol
Ø  EIGRP – Enhanced IGRP
Ø  OSPF – Open shortest path first
Ø  ISIS – Intermediate system to intermediate system

Routed protocols: carry the data along the chosen path

Ø  IP – Internet protocol
Ø  IPX – Internet packet exchange
Ø  AppleTalk




2. Data link layer
Functions:
Ø  It gives network services to the computer
Ø  It does error detection (no correction) – FCS
Ø  The data link header and trailer are added to the packet

Protocols/sub layers:

Ø  MAC sub layer: Media Access Control
·         LAN protocols (LAN connectivity)
·         FDDI, token ring, Ethernet
·         FDDI – Fiber Distributed Data Interface

Ø  LLC sub layer: Logical Link Control
·         WAN protocols (WAN connectivity)
·         HDLC, PPP, Frame Relay, X.25




HDLC                            | PPP
--------------------------------|---------------------------------------------------
High Level Data Link Control    | Point to Point Protocol
Cisco proprietary               | Open standard
No compression                  | Supports compression
Doesn't support authentication  | Supports authentication:
                                |   PAP – Password Authentication Protocol
                                |   CHAP – Challenge Handshake Authentication Protocol

Adding the data link header and trailer:
A 14-byte data link header is added at the beginning of the packet
A 4-byte data link trailer is added at the end of the packet (FCS/CRC)
The data link trailer is used for error checking
The source computer generates a value by running the CRC algorithm over the data and sends that value in the trailer. The destination computer also runs the CRC and compares its value with the one received. The destination system accepts the data only if the two match.
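The header-plus-trailer framing and the CRC check described above can be reproduced with the standard CRC-32 that Ethernet uses. The following is an added example for this page, not code from any driver or NIC: it builds a frame with a 14-byte header (destination MAC, source MAC, EtherType), a constructed payload, and a 4-byte FCS, then shows the receiver accepting the clean frame and discarding one with a single flipped bit. The MAC addresses and payload are constructed values; minimum-frame padding and the preamble are not modelled.

```python
import zlib

HEADER_LEN = 14   # 6-byte destination MAC + 6-byte source MAC + 2-byte EtherType
FCS_LEN = 4       # 32-bit CRC trailer


def mac_to_bytes(text):
    """Accept 'AA-BB-CC-DD-EE-FF' or 'aa:bb:cc:dd:ee:ff' and return the 6 raw octets."""
    raw = bytes.fromhex(text.replace("-", "").replace(":", ""))
    if len(raw) != 6:
        raise ValueError(f"MAC address must be 6 octets: {text!r}")
    return raw


def build_frame(dst_mac, src_mac, ethertype, payload):
    """Sender: header || payload || FCS, where FCS = CRC-32 over header and payload.

    The standard (reflected) CRC-32 that zlib computes is the one Ethernet uses; on the wire the
    FCS is carried least-significant byte first, so it is appended little-endian here.
    """
    header = mac_to_bytes(dst_mac) + mac_to_bytes(src_mac) + ethertype.to_bytes(2, "big")
    body = header + payload
    fcs = zlib.crc32(body) & 0xFFFFFFFF
    return body + fcs.to_bytes(FCS_LEN, "little")


def check_frame(frame):
    """Receiver: recompute the CRC and compare it with the trailer. Returns (ok, payload).

    A mismatch only tells the receiver that something changed; layer 2 cannot say which bit or
    repair it, so the frame is dropped and recovery is left to the upper layers.
    """
    if len(frame) < HEADER_LEN + FCS_LEN:
        return False, b""
    body, trailer = frame[:-FCS_LEN], frame[-FCS_LEN:]
    if (zlib.crc32(body) & 0xFFFFFFFF) != int.from_bytes(trailer, "little"):
        return False, b""
    return True, body[HEADER_LEN:]


def demo():
    """Constructed frame: accepted intact, rejected after one bit of the payload is flipped."""
    frame = build_frame("02-00-00-00-00-01", "02-00-00-00-00-02", 0x0800,
                        b"constructed IP packet bytes")
    ok_clean, payload = check_frame(frame)
    corrupted = bytearray(frame)
    corrupted[20] ^= 0x04                      # single-bit error inside the payload
    ok_bad, _ = check_frame(bytes(corrupted))
    overhead = len(frame) - len(payload)       # 14-byte header + 4-byte trailer
    return overhead, ok_clean, ok_bad


if __name__ == "__main__":
    print(demo())
```

The receiver's only possible outcomes are "matches" or "does not match", which is exactly the "detection, no correction" point made for this layer above.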

Layer 2 limitations:
Ø  Connects to the upper layers via Logical Link Control (LLC)
Ø  Uses addressing schemes to identify devices
Ø  Uses frames to organize bits into groups
Ø  Uses Media Access Control (MAC) to identify transmission sources


1. Physical layer

Functions:

Ø  It deals with electrical and mechanical properties
Ø  Cables, connectors, voltage levels
Ø  Example: RJ-45 and RJ-11 connectors, transceivers, V.35 cables

Layer 1 limitations:

Ø  Cannot connect to the upper layers
Ø  Cannot identify devices
Ø  Only recognizes streams of bits
Ø  Cannot determine the source of a transmission when multiple devices are transmitting

Tuesday, June 25, 2013

Basic Networking.....

What is a network:

A group of two or more computers / devices connected together

Requirements of a network:
Ø  Computers with an operating system
Ø  A NIC (Network Interface Card) for every computer
Ø  Cables and RJ-45 connectors
Ø  A centralized device (hub / switch)
Ø  An IP address (Internet Protocol address) for every computer



LAN
Ø  Local area network
Ø  Network devices connected in a limited geographical area
Ø  Within a room, within a building, within a campus
Ø  No service provider involved
Ø  Computers are connected to switches

WAN
Ø  Wide area network
Ø  Network devices are in distant areas
Ø  In different cities or countries
Ø  A service provider is involved
Ø  Networks are connected with the help of routers

MAN
Ø  Metropolitan area network
Ø  It can span a city




Topology types:
Ø  Bus topology
Ø  Ring topology
Ø  Mesh topology
Ø  Star topology
Ø  Extended topology




Network devices
NIC (Network Interface Card):
Gives network services to the computer. Every computer must have a NIC to communicate with other computers

Hub:
Used to group devices (regenerates the signal). Called a multi-port repeater

Switch:
Used to group devices (forwards data). Faster than a hub

Router:
Used to communicate between different networks

NIC addresses
Two addresses are associated with a NIC

Physical address:
Ø  MAC – media access control
Ø  L2 address
Ø  Permanent – BIA
Ø  48 bit
Ø  Hexadecimal notation
Ø  Example: 01-5C-D9-6B-03-2E

Logical address:
Ø  IP – Internet Protocol
Ø  L3 address
Ø  Logical (can be changed)
Ø  32 bit
Ø  Dotted decimal notation
Ø  Example: 192.168.6.1
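A small parser for the two notations described above makes the 48-bit and 32-bit widths concrete and shows where each address can be checked for validity. This is an added example written for this page, not part of the original post; the helper names (parse_mac, format_mac, parse_ipv4, format_ipv4, is_valid) are my own. It goes one step beyond the text by reading the two flag bits that the first octet of every MAC address carries: the U/L bit, which tells a burned-in (BIA) address from one an administrator has overridden, and the I/G bit, which marks a group (multicast) address.

```python
def parse_mac(text):
    """Accept hyphen- or colon-separated hex and return the 48-bit value plus its flag bits."""
    parts = text.replace("-", ":").split(":")
    if len(parts) != 6 or any(len(p) != 2 for p in parts):
        raise ValueError(f"MAC must be six 2-digit hex groups: {text!r}")
    octets = bytes(int(p, 16) for p in parts)          # ValueError if a group is not hex
    return {
        "value": int.from_bytes(octets, "big"),        # fits in 48 bits by construction
        "oui": octets[:3].hex().upper(),               # vendor part assigned to the NIC maker
        "multicast": bool(octets[0] & 0x01),           # I/G bit: group address rather than one NIC
        "locally_administered": bool(octets[0] & 0x02),  # U/L bit: 0 means burned-in (BIA)
    }


def format_mac(value, sep="-"):
    """48-bit integer back to the hexadecimal notation used above."""
    if not 0 <= value < 1 << 48:
        raise ValueError("MAC address must fit in 48 bits")
    return sep.join(f"{b:02X}" for b in value.to_bytes(6, "big"))


def parse_ipv4(text):
    """Dotted decimal to a 32-bit integer; each of the four octets must be 0..255."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError(f"IPv4 address must have four octets: {text!r}")
    octets = []
    for p in parts:
        if not p.isdigit() or not 0 <= int(p) <= 255:
            raise ValueError(f"bad octet {p!r} in {text!r}")
        octets.append(int(p))
    return int.from_bytes(bytes(octets), "big")


def format_ipv4(value):
    """32-bit integer back to dotted decimal notation."""
    if not 0 <= value < 1 << 32:
        raise ValueError("IPv4 address must fit in 32 bits")
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


def is_valid(parser, text):
    """True if parser accepts text; used to reject malformed input without raising."""
    try:
        parser(text)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    print(parse_mac("01-5C-D9-6B-03-2E"))    # the page's example MAC
    print(hex(parse_ipv4("192.168.6.1")))   # the page's example IP
```

Run on the page's own example MAC, the parser reports multicast=True: the low bit of the first octet (01) is set, so that address denotes a group rather than a single NIC's burned-in address. A unicast BIA always has that bit clear.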