excellentfor.blogg.se - Cisco easy vpn

This is illustrated with a small modification to the reference network layout that was first introduced in Figure 5.1 of Chapter 5, “Using Cisco IOS Firewalls to Implement a Network Security Policy.” In Figure 7.1, all traffic between the A and B networks is protected inside a siteto-site VPN between router A and router B.Ī device inside network A’-the system administrator PC, for example-would already have router A as its default gateway. The host’s own VPN router would recognize that this site-to-site traffic from the local site to the remote site needs to be protected by the VPN and it would launch a tunnel (that is, the VPN) to its peer if one doesn’t already exist. The host devices do not need any special software because the fact that there is a VPN between sites is immaterial to them, as the VPN is established between other devices, possibly their own default gateway in the simplest case.įor example, if we configure IOS routers to be VPN gateways, the IP hosts in the production network behind the router would only have to attempt to establish a connection with a device on the inside of a peer network’s router. With a site-to-site VPN, host devices operate behind network devices, such as IOS routers, which act as VPN gateways. VPN technology is largely independent of the underlying infrastructure, meaning that organizations can leverage on the most convenient broadband technology for the greatest flexibility.

Compatibility with Broadband Technology.

VPNs can grow seamlessly without the need to add extra infrastructure, particularly when using the Internet. Advanced encryption, integrity, and authentication protocols provide for the highest protection against unauthorized access and data loss. The use of cost-effective, high-speed Internet technologies versus dedicated WAN links makes VPNs attractive. VPNs have many benefits, including the following: Table 7.1 lists the primary products in the Cisco product portfolio that can be used to deploy VPNs. Even on the inside of an organization’s perimeter, thereĪre often places where a VPN is required to create a secure channel between network devices, as well as between people and network devices. With such a loose definition, technologies that don’t provide encryption, such as Generic Routing Encapsulation (GRE) and IPsec tunnels using Authentication Header (AH), are still considered VPNs.Īny kind of network connection over a hostile network could benefit from implementing a VPN. Historically, anything that created an IP tunnel was called a VPN. This is the definition that we use in this Exam Cram although there are a number of other technologies that are called VPNs, they don’t provide for encryption and are thus hardl private.