2. Traditional Remote Access Corporate Headquarters Remote Locations Customers, Suppliers & Consultants Remote Users Leased Lines Modem Bank
3. A New Solution: VPN Virtual Private Networking Internet Telecommuters & Mobile Users Remote Locations Customers, Suppliers & Consultants Corporate Headquarters Allowing cost effective expansion of private and secure networks
4. How does VPN work? 4. Authenticate Connection. 1. Connect to the Internet. 5. VPN Tunnel is complete Intranet Internet 3. Initiate Secure Connection to remote VPN gateway. Database 2. Attempt to access remote private network.
5. Tunneling Server Sending Data Through the VPN Tunnel Intranet A tunnel establishes a secure connection between two private networks over a public medium like the Internet. Secure VPN Tunnel
6.
7.
8.
9.
10. VPN Applications Remote Locations Mobile Users Telecommuter Corporate LAN Corporate LAN Corporate LAN SonicWALL TELE2 SonicWALL SOHO2 /50 VPN Client Software
11. SonicWALL VPN Internet Corporate Headquarters Remote Location Nashville Atlanta Remote User Florida
12. Rader Solutions 105 Antoinette Street Lafayette, LA 70503 Tel: 337-205-4652 Efax: 772-382-7694 [email_address] www.radersolutions.com
13.
Notas del editor
33778 SonicWall.ppt # Welcome to the SonicWALL VPN Sales presentation
33778 SonicWall.ppt # In the traditional networking model, companies purchased dedicated leased lines to link corporate sites. For remote employees, companies purchased 800 numbers and large modem banks. This solution often made it impossible to justify connecting small remote offices to the corporate network. Furthermore, connecting suppliers, contractors and business partners was simply too time consuming and too expensive to even consider. Due to the growing demand of virtual networking, it became obvious that this solution was not scalable.
33778 SonicWall.ppt # A Virtual Private Network (VPN) is an umbrella term that refers to all technologies enabling secure communications over the public Internet. VPNs allow organizations to securely extend a LAN over the Internet to remote networks and remote clients by encrypting the data traffic. With the advent of VPN technology, it is now possible to use public networks to cost-effectively broaden the reach of Intranet applications. VPNs constitute the ideal infrastructure for creating extranets, making them practical and affordable. Companies can now provide a secure method for the exchange of data and other resources with trusted partners, suppliers, and key business associates.
33778 SonicWall.ppt # Step 1: Connect to the Internet The first step is for the user to establish an Internet connection via their Internet Service Provider (ISP) or broadband service. Step 2: Attempt to Access Remote, Private Network The second step is to access the remote private network (i.e. network protected by the firewall) Step 3: Initiate Secure Connection to Remote VPN Gateway The VPN device (client or gateway) automatically initiates the secure connection to the private network. Step 4: Authenticate Connection The fourth step is to check the authentication of the user. If the user is not known, the connection is terminated. If the user is known, the user proceeds to step 5. Step 5: VPN Tunnel is Complete The user is now connected to the protected network and can now access company resources such as email or databases.
33778 SonicWall.ppt # A VPN tunnel refers to a secure VPN connection between two VPN gateways. Tunneling is the process of encapsulating private IP packets in a public IPSec packet. In order for data to be transported across the Internet, the data must be tunneled. To create a tunnel, the source encapsulates its packet in IP packets for transit across the Internet. Once the authentication and authorization steps are complete, the VPN tunnel is established. The user can then send data across the Internet through the VPN tunnel.
33778 SonicWall.ppt # In addition to being the cost-effective solution, VPN offers a variety of benefits over leased lines: Opening the door to limitless opportunities, VPN increases productivity though flexibility. Working in a virtual network allows employees and business partners to communicate at leisure. VPNs are a scalable solution. As the network grows, VPNs easily adjust to include new users and locations without the hassle of leasing another phone line. VPNs allow for the centralization of key data. Access to important information now becomes accessible in seconds. Mission critical business applications, such as file sharing, can be executed across continents. VPNs allow administrators to centrally enforce security policies. Administrators no longer have to travel to remote locations to install costly and time consuming security policies; everything can be done from one central location. Because ISPs maintain their own remote access equipment, companies no longer have to pay LAN administrators to do it.
33778 SonicWall.ppt # IPSec defines a set of protocols and cryptographic algorithms for creating secure IP traffic sessions between IPSec gateways. It is a framework of open standards for ensuring secure private communications over the Internet. Based on standards developed by the Internet Engineering Task Force (IETF), IPSec ensures confidentiality, integrity, and authenticity of data communications across a public network. IPSec provides a necessary component of a standards-based, flexible solution for deploying a network-wide security policy
33778 SonicWall.ppt # A security association is a group of settings that define the type of security and encryption method used between two VPN gateways. Information specified in the security association includes the public IP address of the remote VPN gateway and remote private network range.
33778 SonicWall.ppt # Authentication allows the network administrator to establish the identity of a remote VPN user, eliminating the possibility of another VPN device comprising the security of the VPN tunnel. A Digital Certificate is a small file used to establish the digital identity of a person. It establishes a user’s credentials when doing business or other transactions across the Internet. It contains the user’s name, a serial number, expiration dates, a copy of the certificate holder’s public key, and the digital signature of the certificate-issuing authority. Digital Certificates and VPN is analogous to signing and sealing an envelope. The signing provides authentication and the envelope provides confidentiality. The Public Key Infrastructure (PKI) is an infrastructure that enables the enrollment, issuing, maintenance, publication and revocation of Digital Certificates.
33778 SonicWall.ppt # VPN allows traveling employees to securely access the corporate LAN. As viewed in the first illustration, the man on the beach can use his cell phone to dial-up though a local ISP and connect to the corporate LAN. With VPN Client installed on his laptop, this employee is able to access information and get a tan at the same time. The most common use for VPN is referred to as Box to Box VPN. The second and third illustrations depict this. In the second illustration, an at home employee with broadband Internet access is securely connecting to the corporate LAN. This employee is able to access information and resources as if he was at work. Furthermore, the firewall is protecting him from any hackers or vandals on the Internet. The third illustration depicts a branch office with broadband access connecting to the corporate LAN via the VPN device. Every desktop and laptop behind the device is able to securely access the resources on the corporate network. Not only are companies able to affordably communicate and share resources, the firewalls are securing the entire network from hackers and vandals on the Internet.
33778 SonicWall.ppt # SonicWALL VPN offers businesses the ability to securely connect physically separated networks over the Internet without exposing critical data to danger. Whenever data is intended for a remote site, SonicWALL VPN automatically encrypts the data and sends it to the remote site over the Internet, where it is automatically decrypted and forwarded to the intended destination. SonicWALL offers the ability to carry out mission-critical Internet applications through secure remote access. VPN is available in each of SonicWALL’s products. While the SonicWALL SOHO2 and SonicWALL XPRS2 offer LAN-to-LAN VPN as an option, it is included as a key feature in the SonicWALL PRO, SonicWALL PRO-VX, and SonicWALL TELE2. VPN is the perfect way to connect branch offices and business partners to the primary business location. Using VPN offers significant cost savings and improved performance over leased site-to-site lines. Through the use of VPN Remote Client Software, mobile employees can securely access information from the corporate network, saving time and money while increasing productivity. Traveling employees can now access the network from just about anywhere. While VPN Client support is an available option with all SonicWALL products, the SonicWALL PRO and SonicWALL PRO-VX are specifically designed to support VPN Clients.
33778 SonicWall.ppt # Welcome to the SonicWALL VPN Sales presentation