VPN

Question 1

VPN Concentrator

Answer 1

VPN Concentrator

• Dedicated device with all services to create VPN
• Placed in DMZ

Question 2

IPSec

• Modes
• What does packet contain?
• What does it provide?
• Port

Answer 2

IPSec
-Tunneling protocol

• Tunnel mode encrypts entire packet
• —–IP address of internal network encrypted
• —–Only IP address of VPN server visible
• Transport mode only encrypts payload
• —–Used in private networks
• —–IP address of internal network visible
• ESP (Encapsulating Security Payload) includes AH (Authentication Header)
• ——-Confidentiality, authentication, integrity

-Use IKE (Internet Key Exchange) over UDP port 500

Question 3

TLS Tunneling Protocol

• What encrypts it?
• Port?

Answer 3

TLS Tunneling Protocol

• proprietary TLS-based VPN protocol.
• Windows
• SSTP (Secure Socket Tunneling Protocol) encrypts VPN traffic using TLS port 443

Question 4

Split Tunnel

Answer 4

Split Tunnel

• VPN admin determines what traffic should use encrypted tunnel
• ie, only encrypt traffic going to private IP address within private network
• Internet searches not encrypted

Question 5

Full Tunnel

Answer 5

Full Tunnel

• All traffic goes through encrypted tunnel
• Force all traffic to go through UTM device
• Can be slow

Question 6

Site-To-Site VPN

Answer 6

Site-To-Site VPN

• Two VPNs act as gateway for two networks separated geographically (remote office and HQ)
• Automatic - no action needed from users to access remote severs

Question 7

NAC

Answer 7

NAC

• Network Access Control
• Continuously inspects computers (antivirus up to date, OS up to date, firewall enabled)
• Prevent computers from accessing network if they don’t pass inspection
• Prevents infected computers from accessing VPN
• Authentication or health agents
• If client doesn’t meet health conditions, VPN can redirect client to remediation or quarantine network