Virtual Private Networking


A Construction, Operation and Utilization Guide
1st edition

by: Gilbert Held

107,99 €

Publisher: Wiley
Format: PDF
Published: 28.01.2005
ISBN/EAN: 9780470020333
Language: English
Number of pages: 320

DRM-protected eBook; to read it you need, for example, Adobe Digital Editions and an Adobe ID.

Descriptions

This book provides network managers, LAN administrators and small business operators with all they need to know to "interconnect" multiple locations or travelling employees that need to access a single location. The operation and utilization of virtual private networks is discussed both in theory and in practice, covering the technical aspects associated with encryption and digital certificates as well as the manner by which readers can create VPNs using readily available products from Microsoft, Cisco, Checkpoint and possibly other vendors.

The author was among the first to write about the concept of virtual private networking in a series of articles published over five years ago, and in the intervening years this has become a very hot topic - with the technology being increasingly deployed by companies.

Virtual Private Networking, by Gilbert Held, covers the technology and the theory, but also shows readers, through numerous examples, 'how to use' the technology.

Preface
Acknowledgements

Chapter 1 Introduction to Virtual Private Networking
1.1 THE VPN CONCEPT
1.1.1 DEFINITION
1.1.2 TYPES OF VPNS
1.1.3 CATEGORIES OF VPNS
1.1.4 INFRASTRUCTURE
1.1.5 BENEFITS OF USE
1.1.6 DISADVANTAGES OF VPNS
1.1.7 VPN PROTOCOLS
1.1.8 SUMMARY
1.1.9 ALTERNATIVES TO VPNS
1.1.10 ECONOMIC ISSUES
1.1.11 OTHER ALTERNATIVES
1.2 BOOK PREVIEW
1.2.1 UNDERSTANDING AUTHENTICATION AND CRYPTOLOGY
1.2.2 UNDERSTANDING THE TCP/IP PROTOCOL SUITE
1.2.3 LAYER 2 VPN TECHNIQUES
1.2.4 HIGHER LAYER VPNS
1.2.5 VPN HARDWARE AND SOFTWARE
1.2.6 SERVICE PROVIDER-BASED VPNS

Chapter 2 Understanding Authentication and Encryption
2.1 AUTHENTICATION
2.1.1 PASSWORD AUTHENTICATION PROTOCOL
2.1.2 CHALLENGE-HANDSHAKE AUTHENTICATION PROTOCOL
2.1.3 EXTENSIBLE AUTHENTICATION PROTOCOL – TRANSPORT LEVEL SECURITY
2.1.4 TOKEN AUTHENTICATION
2.2 ENCRYPTION
2.2.1 GENERAL METHOD OF OPERATION
2.2.2 PRIVATE VERSUS PUBLIC KEY SYSTEMS
2.2.3 PUBLIC KEY ENCRYPTION
2.2.4 THE RSA ALGORITHM
2.2.5 DIGITAL CERTIFICATES
2.2.6 HASHING AND DIGITAL SIGNATURES

Chapter 3 Understanding the TCP/IP Protocol Suite
3.1 FRAME FORMATION
3.1.1 HEADER SEQUENCING
3.1.2 SEGMENTS AND DATAGRAMS
3.1.3 ICMP MESSAGES
3.1.4 ON THE LAN
3.1.5 DATAFLOW CONTROL FIELDS
3.2 THE NETWORK LAYER
3.2.1 THE IPV4 HEADER
3.2.2 SUBNETTING
3.2.3 THE SUBNET MASK
3.2.4 THE WILDCARD MASK
3.2.5 ICMP
3.3 THE TRANSPORT LAYER
3.3.1 TRANSPORT LAYER PROTOCOLS
3.3.2 THE TCP HEADER
3.3.3 THE UDP HEADER
3.3.4 SOURCE AND DESTINATION PORT FIELDS
3.4 PROXY SERVICES AND NETWORK ADDRESS TRANSLATION
3.4.1 PROXY SERVICE
3.4.2 NETWORK ADDRESS TRANSLATION
3.4.3 TYPES OF ADDRESS TRANSLATION
3.4.4 VPN CONSIDERATIONS

Chapter 4 Layer 2 Operations
4.1 THE POINT-TO-POINT PROTOCOL
4.1.1 COMPONENTS
4.1.2 PPP ENCAPSULATION
4.1.3 LINK CONTROL PROTOCOL OPERATIONS
4.1.4 MULTILINK PPP
4.2 POINT-TO-POINT TUNNELING PROTOCOL
4.2.1 IMPLEMENTATION MODELS
4.2.2 NETWORKING FUNCTIONS
4.2.3 ESTABLISHING THE PPTP TUNNEL
4.2.4 PPTP ENCAPSULATED PACKETS
4.2.5 THE PPTP CONTROL CONNECTION PACKET
4.2.6 CONTROL CONNECTION PROTOCOL OPERATION
4.2.7 PPTP DATA TUNNELING
4.3 LAYER TWO FORWARDING
4.3.1 EVOLUTION
4.3.2 OPERATION
4.3.3 THE L2F PACKET FORMAT
4.3.4 TUNNEL OPERATIONS
4.3.5 MANAGEMENT MESSAGES
4.4 LAYER TWO TUNNELING PROTOCOL
4.4.1 OVERVIEW
4.4.2 ARCHITECTURAL MODELS
4.4.3 THE L2TP PACKET FORMAT
4.4.4 CONTROL MESSAGES
4.4.5 PROTOCOL OPERATIONS

Chapter 5 Higher Layer VPNs
5.1 UNDERSTANDING IPSEC
5.1.1 OVERVIEW
5.1.2 TOPOLOGIES SUPPORTED
5.1.3 SPECIFYING SESSION PARAMETERS
5.1.4 THE SPI
5.1.5 PROTOCOLS
5.1.6 AUTHENTICATION HEADER
5.1.7 ENCAPSULATING SECURITY PAYLOAD
5.1.8 OPERATIONS
5.1.9 KEY MANAGEMENT
5.2 WORKING WITH IPSEC
5.2.1 CONFIGURING IPSEC POLICIES
5.2.2 ADDING THE IPSEC SNAP-IN
5.2.3 CREATING AN IPSEC POLICY
5.2.4 WORKING WITH IPSEC FILTERS
5.3 SSL AND TLS
5.3.1 RATIONALE FOR SSL
5.3.2 OVERVIEW OF SSL
5.3.3 SSL OPERATION
5.3.4 MESSAGE EXCHANGE
5.3.5 CIPHER SUITES
5.3.6 THE NETILLA SECURITY PLATFORM
5.3.7 SUMMARY

Chapter 6 VPN Hardware and Software
6.1 USING THE ASANTE VPN SECURITY ROUTER
6.1.1 OVERVIEW
6.1.2 CONFIGURATION ACCESS
6.1.3 WIRELESS CONSIDERATIONS
6.1.4 VPN OPERATIONS
6.1.5 CLIENT-TO-NETWORK
6.2 WINDOWS VPN SOFTWARE
6.2.1 USING A WINDOWS XP CLIENT
6.2.2 CREATING THE VPN
6.3 WORKING WITH WINDOWS 2000 SERVER
6.3.1 INSTALLING RRAS
6.3.2 ENABLING RRAS
6.3.3 CONFIGURING RRAS
6.3.4 CREATING A TEST ACCOUNT
6.3.5 TESTING THE CONNECTION

Chapter 7 Service Provider-Based VPNs
7.1 RATIONALE FOR USE
7.1.1 ECONOMICS
7.1.2 PERSONNEL LIMITATIONS
7.1.3 RELIABILITY
7.1.4 COMMUNICATIONS UNITY
7.1.5 MANAGEMENT
7.1.6 INSTALLATION AND SUPPORT
7.1.7 PACKAGED SECURITY
7.2 TRANSPORT FACILITIES AND VPN OPERATION
7.2.1 HARDWARE-BASED SWITCHING
7.2.2 SOFTWARE-BASED SWITCHING
7.3 SERVICE LEVEL AGREEMENTS
7.3.1 SLA METRICS
7.3.2 SLA LIMITATIONS
7.4 VPN SERVICE PROVIDER OVERVIEW
7.4.1 AT&T CORPORATION
7.4.2 LEVEL 3 COMMUNICATIONS
7.4.3 SPRINT
7.4.4 VERIZON

Appendix A VPN Checklist
Index

Gilbert Held is an award-winning author and lecturer. Gil has written over 50 technical books and 400 articles over the past 30 years. In addition, Gil has earned many accolades and has been presented with an award from the Association of American Publishers. He has also been selected by Federal Computer Week to join the Federal 100, a list of the top 100 persons in academia, industry and the Federal Government that have made a significant impact upon the equipment acquisition process.

A guide to delivering secure remote access to private enterprise networks.

Using the public communications infrastructure to connect remote users to an organization's network is a cost-effective and efficient way to provide communication and collaboration opportunities across large distances. But how is private information kept private in a public network? And how may access be restricted to authorized individuals? Virtual private networks (VPNs) hold the answer.

In Virtual Private Networking, Gil Held gives a detailed overview of the various VPN solutions available, how they are constructed, the rationale for their use, and which solutions satisfy which operational requirements. Detailed information on specific products available from vendors such as Cisco® and Checkpoint®, together with hands-on examples of how to configure client and server in a Microsoft® Windows® operating environment, makes this a supremely practical tutorial for practicing network managers and administrators.

Read on for:

- Information on appropriate authentication and encryption techniques
- A tutorial on TCP/IP focused specifically on creating and operating VPNs
- In-depth discussion of the tunneling protocols PPTP and L2TP
- A comparison of the commonly used security protocols IPSec and SSL
- The rationale for service provider-based VPNs and advice on service level agreement parameters to consider when using a VPN service provider

Concluding this book is a comprehensive checklist of VPN features and operational techniques that may be used for 'build it yourself' applications as well as for comparing the features and capabilities of third parties that provide VPN solutions.
