Protocols For Tunneling
The major tunneling protocols are:
- GRE, L2TP often replaced by, developed by Cisco.
- PPTP (Point-to-Point Tunneling Protocol) is a layer 2 protocol developed by Microsoft, 3Com, Ascend, U.S. Robotics and ECI Telematics.
- L2F (Layer Two Forwarding) is a layer 2 protocol developed by Cisco Systems, Nortel and Shiva. It is now almost obsolete.
- L2TP (Layer Two Tunneling Protocol) is the culmination of the IETF (RFC 3931) to converge the features of PPTP and L2F. It is thus a layer 2 protocol based on PPP.
- IPsec is a layer 3 protocol, based on the work of the IETF, to transport encrypted data to IP networks.
- SSL / TLS provides a very good solution for tunneling. The advantage of this solution is to use a Web browser as a client VPN.
- SSH, initially known as a secure replacement for telnet, offers the possibility of tunneling TCP connections, thus allowing access to safe services available on a secure network, without creating a virtual private network in the full sense. However, since version 4.3, OpenSSH software used to create tunnels between two virtual network interfaces to Level 3 (IP routing traffic alone, interfaces TUN) or Level 2 (all Ethernet traffic interfaces TAP). However, OpenSSH only supports the creation of these tunnels, management (routing, addressing, bridging, etc.), that is to say, the creation of VPN tunnels using these, remaining the responsibility of the user.
- VPN-Q Quarantine connections allow an authenticated user to isolate and inspect its configuration to see if it presents no risk (if necessary to achieve compliance – patches, antivirus, firewall etc.). Then, and only if it complies it will have access to the internal network of the company. The addition of the inspection station can significantly reduce the risk of attacks against the VPN. On the walkway Microsoft ISA Server, the technology is called VPN Quarantine (VPN-Q). Automation is achieved through software QSS (Quarantine Security Suite). Microsoft provides the NAP service that allows it to do the same thing also on the cable networks (switches, etc.) and Secure Wi-Fi.
Open Virtual Private Network – OpenVPN
OpenVPN is a free software to create a virtual private network (VPN). It was written by James Yonan. OpenVPN allows peers to authenticate with each other using a private key shared in advance, certificates or couples of usernames / password. It makes intensive use of the library and OpenSSL authentication protocol SSLv3/TLSv1. Available on Solaris, Linux, OpenBSD, FreeBSD, NetBSD, Mac OS X, Windows 2000, XP and Vista; it also offers many security features and control.
OpenVPN is not compatible with IPsec or other VPN software. The entire packet contains a binary for client connections and server, an optional configuration file and one or more keys after the authentication method chosen.
Study: From Wikipedia, the free encyclopedia. The text is available under the Creative Commons.
- Cloud Computing: The Concept and Examples of its Virtual Services | Part 1 - July 23, 2012
- Why Rapidly Growing Companies Need Cloud Computing | Part 1 - July 22, 2012
- Web Designing Process | Strategic Planning | Part 1 - August 7, 2011