Remote Networking 10 Flashcards
In remote access networking a node
A node uses a remote connection to connect to a network. The node can access resources and function as if it is on the same physical network.
What is remote networking
A type of networking that enables users not on the physical location to access network resources.
Uses specific protocols for connectivity
Limitations: available bandwidth, link latency and security.
What is Remote Desktop control
A connection mode that enables users to access any network system from the workstation and perform tasks on the remote system as if they were working locally.
Name some benefits of Remote Desktop Control
Centralized application deployment and access
Multiple device support
Server administration and maintenance
Enhanced security
What are RAS servers
Remote Access Services servers are available from many sources. From Microsoft it is called RRAS Routing and Remote Access Services.
Remote access is a feature that allows an admin to access client systems from any location on the network.
What is RADIUS
Remote Authentication Dial-In User Service
A protocol that enables a server to provide standardized central authentication for remote users.
When a network contains several remote access servers, you can configure one of them to be a RADIUS server and all of the others as RADIUS clients.
What is Diameter
An authentication protocol that is an updated version of RADIUS and improves on some of its features. Not backward compatible with RADIUS but does provide an upgrade path.
A stronger protocol but not widespread due to lack of compatible products.
Name the four remote control protocols
RDP Remote Desktop Protocol. The backbone of Microsoft's Remote Desktop system. Capabilities include data encryption, remote audio and printing, access to local files, and redirection of the host computer's disk drives and peripheral ports.
VNC Virtual Network Computing. A platform-independent desktop sharing system. Uses Remote Buffering Protocol RFB, which allows the client and server to determine the best version of RFB. Not inherently secure.
Independent Computing Architecture ICA. Citrix ICA protocol is a remote terminal protocol as an add on to Microsoft Terminal Services
X Window System. A protocol that uses a client-server relationship to provide GUI and input device management functionality to applications.
What is remote access protocol
Enables a user to access a remote access server and transfer data.
Can provide direct dial in connections via modems or via ISPs and the Internet.
Various ones such as PPP, PPPoE, and EAP
Describe PPP
Point to Point Protocol
A remote networking protocol that works on the data link layer.
Used to send IP datagrams over serial point to point links. Can be used in synchronous and asynchronous connections. Can dynamically configure and test remote network connections. Provides encryption.
Name the PPP variants
PPPoE provides functionality of PPP to DSL connections using ethernet to transfer signals.
EAP is an extension of PPP that provides support for additional authentication methods such as tokens, smart cards and certificates.
PEAP is a protocol that secures EAP by creating an encrypted channel between a remote client and a server.
Steps to remote access authentication
Session initiation
Connection request
Link establishment
Authentication credentials communications
Describe web based remote access
Access to services and data via web browsers. Allows clients to access web based applications and data without any additional software installed in their systems.
What is a VPN
A virtual private network
A private network that is configured by tunneling through a public network like the Internet.
Tunneling encapsulates and encrypts data. VPN protocols are needed to ensure that connections between endpoints are secure.
What is a Secure Socket Layer VPN
SSL VPN. A VPN format that works with a web browser without needing the installation of a separate client. Ensures that the connection can be made only by using HTTPS.
Describe tunneling
A logical path through the network that appears like a point to point connection.
A data transport technique in which a data packet from one protocol, the passenger protocol, is transferred inside the frame or packet of another protocol, the carrier protocol.
The carrier protocol can encapsulate and route nonroutable passenger protocols or it can provide additional security by hiding passenger data from the carrier networks.
Describe the two tunnel types
Voluntary. Created between endpoints at the request of a client.
Compulsory. Established by a WAN carrier with no involvement with client endpoints.
Name the three VPN types
Access VPNs. Provides remote access to single users via dial-up, ISDN, xDSL, or cable modem connections
Intranet VPNs. Connects sections of a network, such as a remote office tying into a corporate HQ.
Extranet VPNs. Connects networks belonging to different companies for the purpose of sharing resources.
Name the VPN classifications by their implementations
Hardware based. Uses routers for encryption
Firewall based. Uses firewalls for security
Software based. Uses software when VPN endpoints are not controlled by the same organization
What are the two big advantages of VPNs
Cost savings and data confidentiality
It’s also versatile.
VPN data encryption is accomplished by either MPPE or IPSec. Describe the two
MPPE Microsoft Point to Point Encryption. Often used with PPTP. Provides both strong (128-bit key) and standard (40- or 56-bit key) data encryption.
IPSec. In tunneling, used with L2TP. Data encryption using DES (Data Encryption Standard) or 3DES (Triple DES) encryption.
What is a VPN concentrator
A device that incorporates advanced encryption and authentication methods to handle a large number of VPN tunnels.
Geared toward secure remote access or site to site VPNs
List the two VPN connection Models
Site to site. Each node on the network is connected to a remote network that may be separated by public or other secured networks. IPSec used to ensure data transactions. Either open or closed. Open VPN: the exchange of data among nodes can be unsecured. Closed VPN: data can be communicated only using secure mode.
Client to site. Open and closed. Open VPN: the path between the end node and the IPSec gateway is not secured. Closed VPN: the path between the end node and the IPSec gateway is secured.
List some VPN protocols
PAP Password Authentication Protocol
CHAP Challenge Handshake Authentication Protocol
TACACS+ Terminal Access Control System Plus
PPTP Point to Point Tunneling Protocol
L2TP Layer 2 Tunneling Protocol
SSTP
PAP is
Password Authentication Protocol
A remote access authentication method that sends client IDs and passwords as cleartext. Used when a remote client is connecting to a non-Windows PPP server that does not support password encryption.
What is CHAP
Challenge Handshake Authentication Protocol
A RAS protocol that uses an encryption method to transmit authentication information.
Developed so passwords would not have to be sent in plain text. Uses a combination of MD5 hashing and a challenge-response mechanism.
Describe the Challenge Response Authentication Process
The password is never sent across the network.
Client requests a connection to a RAS
Server sends the challenge sequence
Client encrypts the challenge sequence
Server encrypts the challenge sequence and compares the results.
What is TACACS+
Terminal Access Controller Access Control System Plus
Cisco's product. Uses TCP port 49
Protocols that provide centralized authentication and authorization services for remote users.
Process wide encryption
Supports multiple protocols
More secure and scalable than RADIUS because it accepts login requests and authenticates the access credentials of the user.
What is PPTP
Point to Point Tunneling Protocol
A layer 2 Microsoft VPN protocol that increases the security of PPP by providing tunneling and data encryption for PPP packets.
Deployed over public unsecured networks like the Internet, it encapsulates and transports multiprotocol data traffic over IP networks.
What is L2TP
Layer 2 Tunneling Protocol
Works on the Internet and combines the capabilities of PPTP and Layer 2 Forwarding L2F to enable the tunneling of PPP sessions across network protocols. Specifically designed for client to gateway and gateway to gateway connections.
Uses IPSec for encryption
What is SSTP
Secure Socket Tunneling Protocol
Uses the HTTP over SSL protocol
Encapsulates a data packet from IP with an SSTP header encrypted by SSL
An IP header containing the destination address is then added to the packet.