CCNA 4 Chapter 7
CH7 Securing Site-to-Site Connectivity

Security is a concern when using the public Internet to conduct business. Virtual Private Networks (VPNs) are used to ensure the security of data across the Internet. A VPN is used to create a private tunnel over a public network. Data can be secured by using encryption in this tunnel through the Internet and by using authentication to protect data from unauthorized access.
This chapter explains the concepts and processes related to VPNs, as well as the benefits of VPN implementations and the underlying protocols required to configure VPNs.
VPNs at a Glance
A small- to medium-sized business is growing and needs customers, teleworkers, and wired/wireless employees to be able to access the main network from any location. As the network administrator for the business, you have decided to implement VPNs for security, network access ease, and cost savings.
It is your job to ensure that all of the network administrators start the VPN planning process with the same knowledge set.
Four basic VPN informational areas need to be researched and presented to the network administrative team:
Concise definition of VPNs
Some general VPN facts
IPsec as a VPN security option
Ways VPNs use tunneling
Fundamentals of VPNs
Organizations need secure, reliable, and cost-effective ways to interconnect multiple networks, such as allowing branch offices and suppliers to connect to a corporation's headquarters network. Additionally, with the growing number of teleworkers, enterprises have an increasing need for secure, reliable, and cost-effective ways to connect employees working in small office/home office (SOHO) and other remote locations with resources on corporate sites.
The figure illustrates the topologies that modern networks use to connect remote locations. In some cases, the remote locations connect only to the headquarters location, while in other cases, remote locations connect to additional sites.
Organizations use VPNs to create an end-to-end private network connection over third-party networks such as the Internet or extranets. The tunnel eliminates the distance barrier and enables remote users to access central site network resources. A VPN is a private network created via tunneling over a public network, usually the Internet. A VPN is a communications environment in which access is strictly controlled to permit peer connections within a defined community of interest.
The first VPNs were strictly IP tunnels that did not include authentication or encryption of the data. For example, Generic Routing Encapsulation (GRE) is a tunneling protocol developed by Cisco that can encapsulate a wide variety of network layer protocol packet types inside IP tunnels. This creates a virtual point-to-point link to Cisco routers at remote points over an IP internetwork.
Today, a secure implementation of VPN with encryption, such as IPsec VPNs, is what is usually meant by virtual private networking.
To implement VPNs, a VPN gateway is necessary. The VPN gateway could be a router, a firewall, or a Cisco Adaptive Security Appliance (ASA). An ASA is a standalone firewall device that combines firewall, VPN concentrator, and intrusion prevention functionality into one software image.
As shown in the figure, a VPN uses virtual connections that are routed through the Internet from the private network of an organization to the remote site or employee host. The information from a private network is securely transported over the public network to form a virtual network.
The benefits of a VPN include the following:
Cost savings - VPNs enable organizations to use cost-effective, third-party Internet transport to connect remote offices and remote users to the main site, therefore eliminating expensive, dedicated WAN links and modem banks. Furthermore, with the advent of cost-effective, high-bandwidth technologies, such as DSL, organizations can use VPNs to reduce their connectivity costs while simultaneously increasing remote connection bandwidth.
Scalability - VPNs enable organizations to use the Internet infrastructure within ISPs and devices, which makes it easy to add new users. Therefore, organizations are able to add large amounts of capacity without adding significant infrastructure.
Compatibility with broadband technology - VPNs allow mobile workers and telecommuters to take advantage of high-speed, broadband connectivity, such as DSL and cable, to access their organizations' networks. Broadband connectivity provides flexibility and efficiency. High-speed, broadband connections also provide a cost-effective solution for connecting remote offices.
Security - VPNs can include security mechanisms that provide the highest level of security by using advanced encryption and authentication protocols that protect data from unauthorized access.
There are two types of VPN networks:
Site-to-site
Remote access
Site-to-Site VPN
A site-to-site VPN is created when devices on both sides of the VPN connection are aware of the VPN configuration in advance, as shown in the figure. The VPN remains static, and internal hosts have no knowledge that a VPN exists. In a site-to-site VPN, end hosts send and receive normal TCP/IP traffic through a VPN gateway. The VPN gateway is responsible for encapsulating and encrypting outbound traffic for all traffic from a particular site. The VPN gateway then sends it through a VPN tunnel over the Internet to a peer VPN gateway at the target site. Upon receipt, the peer VPN gateway strips the headers, decrypts the content, and relays the packet toward the target host inside its private network.
A site-to-site VPN is an extension of a classic WAN network. Site-to-site VPNs connect entire networks to each other; for example, they can connect a branch office network to a company headquarters network. In the past, a leased line or Frame Relay connection was required to connect sites, but because most corporations now have Internet access, these connections can be replaced with site-to-site VPNs.
Remote-access VPNs
Where a site-to-site VPN is used to connect entire networks, a remote-access VPN supports the needs of telecommuters, mobile users, and extranet, consumer-to-business traffic. A remote-access VPN is created when VPN information is not statically set up, but instead allows for dynamically changing information, and can be enabled and disabled. Remote-access VPNs support a client/server architecture, where the VPN client (remote host) gains secure access to the enterprise network via a VPN server device at the network edge.
Remote-access VPNs are used to connect individual hosts that must access their company network securely over the Internet. Internet connectivity used by telecommuters is typically a broadband, DSL, wireless, or cable connection, as indicated in the figure.
VPN client software may need to be installed on the mobile user's end device; for example, each host may have Cisco AnyConnect Secure Mobility Client software installed. When the host tries to send any traffic, the Cisco AnyConnect VPN Client software encapsulates and encrypts this traffic. The encrypted data is then sent over the Internet to the VPN gateway at the edge of the target network. Upon receipt, the VPN gateway behaves as it does for site-to-site VPNs.
Note: The Cisco AnyConnect Secure Mobility Client software builds on prior Cisco AnyConnect VPN Client and Cisco VPN Client offerings to improve the always-on VPN experience across more laptop and smartphone-based mobile devices. This client supports IPv6.
Fundamentals of Generic Routing Encapsulation
Generic Routing Encapsulation (GRE) is one example of a basic, non-secure, site-to-site VPN tunneling protocol. GRE is a tunneling protocol developed by Cisco that can encapsulate a wide variety of protocol packet types inside IP tunnels. GRE creates a virtual point-to-point link to Cisco routers at remote points, over an IP internetwork.
GRE is designed to manage the transportation of multiprotocol and IP multicast traffic between two or more sites that may only have IP connectivity. It can encapsulate multiple protocol packet types inside an IP tunnel.
As shown in the figure, a tunnel interface supports a header for each of the following:
An encapsulated protocol (or passenger protocol), such as IPv4, IPv6, AppleTalk, DECnet, or IPX
An encapsulation protocol (or carrier), such as GRE
A transport delivery protocol, such as IP, which is the protocol that carries the encapsulated protocol
GRE is a tunneling protocol developed by Cisco that can encapsulate a wide variety of protocol packet types inside IP tunnels, creating a virtual point-to-point link to Cisco routers at remote points over an IP internetwork. IP tunneling using GRE enables network expansion across a single-protocol backbone environment. It does this by connecting multiprotocol subnetworks in a single-protocol backbone environment.
GRE has these characteristics:
GRE is defined as an IETF standard (RFC 2784).
In the outer IP header, 47 is used in the protocol field to indicate that a GRE header will follow.
GRE encapsulation uses a protocol type field in the GRE header to support the encapsulation of any OSI Layer 3 protocol. Protocol types are defined in RFC 1700 as "EtherTypes".
GRE itself is stateless by default; it does not include any flow control mechanisms.
GRE does not include any strong security mechanisms to protect its payload.
The GRE header, together with the tunneling IP header indicated in the figure, creates at least 24 bytes of additional overhead for tunneled packets.
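As an added illustration of the transport, carrier and passenger headers just described (example code written for this page, not Cisco's or the course's own), the following Python builds a GRE-over-IPv4 packet, checks the 24-byte overhead, and peels it apart again; the tunnel endpoint addresses and the ICMP passenger packet are constructed for the example, and the decapsulator also skips the optional checksum, key and sequence fields from RFC 2784/2890 that the chapter does not cover.

```python
import struct

GRE_PROTOCOL_NUMBER = 47      # value in the outer IP header's protocol field (RFC 2784)
ETHERTYPE_IPV4 = 0x0800       # GRE protocol type for an IPv4 passenger packet
ETHERTYPE_IPV6 = 0x86DD       # GRE protocol type for an IPv6 passenger packet


def ipv4_checksum(header: bytes) -> int:
    """Ones' complement sum over the header; a header whose checksum field is
    already filled in sums to 0 when it is intact."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ipv4_header(src: str, dst: str, protocol: int, payload_len: int) -> bytes:
    """Minimal 20-byte IPv4 header with no options (TTL 64, no fragmentation)."""
    def addr(a):
        return bytes(int(o) for o in a.split("."))
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                      protocol, 0, addr(src), addr(dst))
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]


def gre_encapsulate(tunnel_src: str, tunnel_dst: str, passenger: bytes,
                    proto_type: int = ETHERTYPE_IPV4) -> bytes:
    """Transport (outer IPv4) + carrier (4-byte GRE header) + passenger packet.
    Flags and version are 0: no checksum, key or sequence number options."""
    gre_header = struct.pack("!HH", 0, proto_type)
    outer = ipv4_header(tunnel_src, tunnel_dst, GRE_PROTOCOL_NUMBER,
                        len(gre_header) + len(passenger))
    return outer + gre_header + passenger


def gre_decapsulate(packet: bytes):
    """Strip the transport and carrier headers; return (protocol type, passenger)."""
    ihl = (packet[0] & 0x0F) * 4
    if ipv4_checksum(packet[:ihl]) != 0:
        raise ValueError("outer IPv4 header checksum mismatch")
    if packet[9] != GRE_PROTOCOL_NUMBER:
        raise ValueError("outer header does not announce GRE (protocol 47)")
    flags, proto_type = struct.unpack("!HH", packet[ihl:ihl + 4])
    if flags & 0x0007:
        raise ValueError("GRE version must be 0")
    gre_len = 4
    gre_len += 4 if flags & 0x8000 else 0   # checksum present (RFC 2784)
    gre_len += 4 if flags & 0x2000 else 0   # key present (RFC 2890)
    gre_len += 4 if flags & 0x1000 else 0   # sequence number present (RFC 2890)
    return proto_type, packet[ihl + gre_len:]


# Constructed sample passenger: an ICMP (protocol 1) packet between two private LANs.
PASSENGER = ipv4_header("192.168.1.10", "192.168.2.10", 1, 4) + b"ping"
# Constructed tunnel endpoint addresses standing in for the two S0/0/0 interfaces.
TUNNEL_SRC, TUNNEL_DST = "209.165.201.1", "209.165.201.2"


def overhead_bytes(passenger: bytes = PASSENGER) -> int:
    """Extra bytes the tunnel adds: 20 (outer IPv4) + 4 (GRE) = 24."""
    return len(gre_encapsulate(TUNNEL_SRC, TUNNEL_DST, passenger)) - len(passenger)


if __name__ == "__main__":
    tunneled = gre_encapsulate(TUNNEL_SRC, TUNNEL_DST, PASSENGER)
    print("overhead:", overhead_bytes(), "bytes; outer protocol:", tunneled[9])
    ptype, inner = gre_decapsulate(tunneled)
    # GRE gives no confidentiality: the passenger comes out exactly as it went in.
    print("protocol type 0x%04x, payload readable in clear: %r" % (ptype, inner[-4:]))
```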
GRE is used to create a VPN tunnel between two sites, as shown in Figure 1. To implement a GRE tunnel, the network administrator must first learn the IP addresses of the endpoints. After that, there are five steps to configuring a GRE tunnel:
Step 1. Create a tunnel interface using the interface tunnel number command.
Step 2. Specify the tunnel source IP address.
Step 3. Specify the tunnel destination IP address.
Step 4. Configure an IP address for the tunnel interface.
Step 5. (Optional) Specify GRE tunnel mode as the tunnel interface mode. GRE tunnel mode is the default tunnel interface mode for Cisco IOS software.
The sample configuration in Figure 2 illustrates a basic GRE tunnel configuration for router R1.
The configuration of R2 in Figure 3 mirrors the configuration of R1.
The minimum configuration requires specification of the tunnel source and destination addresses. The IP subnet must also be configured to provide IP connectivity across the tunnel link. Both tunnel interfaces have the tunnel source set as the local serial S0/0/0 interface and the tunnel destination set as the peer router serial S0/0/0 interface. The IP address is assigned to the tunnel interfaces on both routers. OSPF has also been configured to exchange routes over the GRE tunnel.
The individual GRE tunnel command descriptions are displayed in Figure 4.
Note: When configuring GRE tunnels, it can be difficult to remember which IP networks are associated with the physical interfaces and which IP networks are associated with the tunnel interfaces. Remember that before a GRE tunnel is created, the physical interfaces have already been configured. The tunnel source and tunnel destination commands reference the IP addresses of the preconfigured physical interfaces. The ip address command on the tunnel interfaces refers to an IP network specifically manufactured for the purposes of the GRE tunnel.
There are several commands that can be used to monitor and troubleshoot GRE tunnels. To determine whether the tunnel interface is up or down, use the show ip interface brief command, as shown in Figure 1.
To verify the state of a GRE tunnel, use the show interface tunnel command. The line protocol on a GRE tunnel interface is up as long as there is a route to the tunnel destination. Before implementing a GRE tunnel, IP connectivity must already be in effect between the IP addresses of the physical interfaces on opposite ends of the potential GRE tunnel. The tunnel transport protocol is displayed in the output, also shown in Figure 1.
If OSPF has also been configured to exchange routes over the GRE tunnel, verify that an OSPF adjacency has been established over the tunnel interface using the show ip ospf neighbor command. In Figure 2, note that the peering address for the OSPF neighbor is on the IP network created for the GRE tunnel.
In Figure 3, use the Syntax Checker to configure and verify a GRE tunnel on R2 followed by R1.
GRE is considered a VPN because it is a private network that is created by tunneling over a public network. Using encapsulation, a GRE tunnel creates a virtual point-to-point link to Cisco routers at remote points over an IP internetwork. The advantages of GRE are that it can be used to tunnel non-IP traffic over an IP network, allowing for network expansion by connecting multiprotocol subnetworks across a single-protocol backbone environment. GRE also supports IP multicast tunneling. This means that routing protocols can be used across the tunnel, enabling dynamic exchange of routing information in the virtual network. Finally, it is common practice to create IPv6 over IPv4 GRE tunnels, where IPv6 is the encapsulated protocol and IPv4 is the transport protocol. In the future, these roles will likely be reversed as IPv6 takes over as the standard IP protocol.
However, GRE does not provide encryption or any other security mechanisms. Therefore, data sent across a GRE tunnel is not secure. If secure data communication is needed, IPsec or SSL VPNs should be configured.
IPsec VPNs offer flexible and scalable connectivity. Site-to-site connections can provide a secure, fast, and reliable remote connection. With an IPsec VPN, the information from a private network is securely transported over a public network. This forms a virtual network instead of using a dedicated Layer 2 connection, as shown in the figure. To remain private, the traffic is encrypted to keep the data confidential.
IPsec is an IETF standard that defines how a VPN can be configured in a secure manner using the Internet Protocol.
IPsec is a framework of open standards that spells out the rules for secure communications. IPsec is not bound to any specific encryption, authentication, security algorithms, or keying technology. Rather, IPsec relies on existing algorithms to implement secure communications. IPsec allows newer and better algorithms to be implemented without amending the existing IPsec standards.
IPsec works at the network layer, protecting and authenticating IP packets between participating IPsec devices, also known as peers. IPsec secures a path between a pair of gateways, a pair of hosts, or a gateway and host. As a result, IPsec can protect virtually all application traffic because the protection can be implemented from Layer 4 to Layer 7.
All implementations of IPsec have a plaintext Layer 3 header, so there are no issues with routing. IPsec functions over all Layer 2 protocols, such as Ethernet, ATM, or Frame Relay.
IPsec characteristics can be summarized as follows:
IPsec is a framework of open standards that is algorithm-independent.
IPsec provides data confidentiality, data integrity, and origin authentication.
IPsec acts at the network layer, protecting and authenticating IP packets.
IPsec security services provide four critical functions, as shown in the figure:
Confidentiality (encryption) - In a VPN implementation, private data travels over a public network. For this reason, data confidentiality is vital. It can be attained by encrypting the data before transmitting it across the network. This is the process of taking all the data that one computer is sending to another and encoding it into a form that only the other computer will be able to decode. If the communication is intercepted, it cannot be read by a hacker. IPsec provides enhanced security features, such as strong encryption algorithms.
Data integrity - The receiver can verify that the data was transmitted through the Internet without being changed or altered in any way. While it is important that data is encrypted over a public network, it is just as important to verify that it has not been changed while in transit. IPsec has a mechanism to ensure that the encrypted portion of the packet, or the entire header and data portion of the packet, has not been changed. IPsec ensures data integrity by using checksums, which are a simple redundancy check. If tampering is detected, the packet is dropped.
Authentication - Verify the identity of the source of the data that is sent. This is necessary to guard against a number of attacks that depend on spoofing the identity of the sender. Authentication ensures that the connection is made with the desired communication partner. The receiver can authenticate the source of the packet by certifying the source of the information. IPsec uses Internet Key Exchange (IKE) to authenticate users and devices that can carry out communication independently. IKE uses several types of authentication, including username and password, one-time password, biometrics, pre-shared key (PSK), and digital certificates.
Anti-replay protection - This is the ability to detect and reject replayed packets and helps prevent spoofing. Anti-replay protection verifies that each packet is unique and not duplicated. IPsec packets are protected by comparing the sequence number of the received packets with a sliding window on the destination host or security gateway. A packet that has a sequence number that is before the sliding window is considered to be late or a duplicate packet. Late and duplicate packets are dropped.
The acronym CIA is often used to help remember the first three of these functions: confidentiality, integrity, and authentication.
Confidentiality
VPN traffic is kept confidential with encryption. Plaintext data that is transported over the Internet can be intercepted and read. Encrypt the data to keep it private. Digitally encrypting the data renders it unreadable until it is decrypted by the authorized receiver.
For encrypted communication to work, both the sender and the receiver must know the rules that are used to transform the original message into its coded form. Rules are based on algorithms and associated keys. In the context of encryption, an algorithm is a mathematical sequence of steps that combines a message, text, digits, or all three with a string of digits that are called a key. The output is an unreadable cipher string. The encryption algorithm also specifies how an encrypted message is decrypted. Decryption is extremely difficult or impossible without the correct key.
In the figure, Gail wants to send an electronic funds transfer (EFT) across the Internet to Jeremy. At the local end, the document is combined with a key and run through an encryption algorithm. The output is encrypted ciphertext. The ciphertext is then sent through the Internet. At the remote end, the message is recombined with a key and sent back through the encryption algorithm. The output is the original financial document.
Confidentiality is achieved through the encryption of traffic as it travels through a VPN. The degree of security depends on the key length of the encryption algorithm and the sophistication of the algorithm. If a hacker tries to hack the key through a brute-force attack, the number of possibilities to try is a function of the key length. The time to process all of the possibilities is a function of the computer power of the attacking device. The shorter the key, the easier it is to break. For example, where a relatively sophisticated computer may take approximately one year to break a 64-bit long key, the same computer may take anywhere from 10 to 19 years to decrypt a 128-bit long key.
The degree of security depends on the key length of the encryption algorithm. As key length increases, it becomes more difficult to break the encryption. However, a longer key requires more processor resources when encrypting and decrypting data.
DES and 3DES are no longer considered secure; therefore, it is recommended that AES be used for IPsec encryption. The greatest security for IPsec encryption of VPNs between Cisco devices is provided by the 256-bit option of AES. In addition, 512-bit and 768-bit Rivest, Shamir, and Adleman (RSA) keys have been cracked, and Cisco recommends using 2048-bit keys with the RSA option, if used during the authentication phase of IKE.
Symmetric Encryption
Encryption algorithms, such as AES, require a shared secret key to perform encryption and decryption. Each of the two networking devices must know the key to decode the information. With symmetric key encryption, also called secret key encryption, each device encrypts the information before sending it over the network to the other device. Symmetric key encryption requires knowledge of which devices talk to each other so that the same key can be configured on each device, as depicted in Figure 1.
For example, a sender creates a coded message where each letter is substituted with the letter that is two letters down in the alphabet: A becomes C, B becomes D, and so on. In this case, the word SECRET becomes UGETGV. The sender has already told the recipient that the secret key is "shift by 2". When the recipient receives the message UGETGV, the recipient computer decodes the message by shifting back two letters and calculating SECRET. Anyone else who sees the message sees only the encrypted message, which looks like nonsense, unless the person knows the secret key.
Here is a synopsis for symmetric algorithms:
Uses symmetric key cryptography
Encryption and decryption use the same key
Typically used to encrypt the content of the message
Examples: DES, 3DES, and AES
How do the encrypting and decrypting devices both have a shared secret key? One could use email, courier, or overnight express to send the shared secret keys to the administrators of the devices. Another, more secure method is asymmetric encryption.
Asymmetric Encryption
Asymmetric encryption uses different keys for encryption and decryption. Knowing one of the keys does not allow a hacker to deduce the second key and decode the information. One key encrypts the message, while a second key decrypts the message, as depicted in Figure 2. It is not possible to encrypt and decrypt with the same key.
Public key encryption is a variant of asymmetric encryption that uses a combination of a private key and a public key. The recipient gives a public key to any sender with whom the recipient wants to communicate. The sender uses a private key that is combined with the public key of the recipient to encrypt the message. Also, the sender must share its public key with the recipient. To decrypt a message, the recipient will use the public key of the sender with its own private key.
Here is a synopsis for asymmetric algorithms:
Uses public key cryptography
Encryption and decryption use a different key
Typically used in digital certification and key management
Examples: RSA
Data Integrity
Diffie-Hellman (DH) is not an encryption mechanism and is not typically used to encrypt data. Instead, it is a method to securely exchange the keys that encrypt data. DH algorithms allow two parties to establish a shared secret key that is used by encryption and hash algorithms.
Introduced by Whitfield Diffie and Martin Hellman in 1976, DH was the first system to utilize public key or asymmetric cryptographic keys. Today, DH is part of the IPsec standard. Also, a protocol known as OAKLEY uses a DH algorithm. OAKLEY is used by the IKE protocol, which is part of the overall framework called Internet Security Association and Key Management Protocol.
Encryption algorithms such as DES, 3DES, and AES, as well as the MD5 and SHA-1 hashing algorithms, require a symmetric, shared secret key to perform encryption and decryption. How do the encrypting and decrypting devices get the shared secret key? The easiest key exchange method is a public key exchange method between the encrypting and decrypting devices.
The DH algorithm specifies a public key exchange method that provides a way for two peers to establish a shared secret key that only they know, although they are communicating over an insecure channel. Like all cryptographic algorithms, DH key exchange is based on a mathematical sequence of steps.
The integrity and authentication of VPN traffic is handled by hash algorithms. Hashes provide data integrity and authentication by ensuring that unauthorized persons do not tamper with transmitted messages. A hash, also called a message digest, is a number that is generated from a string of text. The hash is smaller than the text itself. It is generated by using a formula in such a way that it is extremely unlikely that some other text will produce the same hash value.
The original sender generates a hash of the message and sends it with the message itself. The recipient parses the message and the hash, produces another hash from the received message, and compares the two hashes. If they are the same, the recipient can be reasonably sure of the integrity of the original message.
In the figure, Gail sent Alex an EFT of $100. Jeremy has intercepted and altered this EFT to show himself as the recipient and the amount as $1000. In this case, if a data integrity algorithm were used, the hashes would not match, and the transaction would be invalid.
VPN data is transported over the public Internet. As shown, there is potential for this data to be intercepted and modified. To guard against this threat, hosts can add a hash to the message. If the transmitted hash matches the received hash, the integrity of the message has been preserved. However, if there is no match, the message was altered.
VPNs use a message authentication code to verify the integrity and the authenticity of a message, without using any additional mechanisms.
Hash-based Message Authentication Code (HMAC) is a mechanism for message authentication using hash functions. A keyed HMAC is a data integrity algorithm that guarantees the integrity of a message. An HMAC has two parameters, a message input and a secret key that is known only to the message originator and intended receivers. The message sender uses an HMAC function to produce a value (the message authentication code) that is formed by condensing the secret key and the message input. The message authentication code is sent along with the message. The receiver computes the message authentication code on the received message using the same key and HMAC function as the sender used. Then the receiver compares the result that is computed with the received message authentication code. If the two values match, the message has been correctly received and the receiver is assured that the sender is a member of the community of users that share the key. The cryptographic strength of the HMAC depends upon the cryptographic strength of the underlying hash function, on the size and quality of the key, and on the size of the hash output length in bits.
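The DH exchange and the keyed HMAC described above, tied together in one added Python example (written for this page, not taken from the course): Gail and Alex derive a shared key with textbook Diffie-Hellman and use it as an HMAC-SHA1 key on the $100 EFT, and the same code shows why an unkeyed hash would not stop Jeremy's change to $1000. The small DH group, the private values, the messages and the SHA-1 key derivation are all constructed for the example; IKE uses large standard groups and its own PRF.

```python
import hashlib
import hmac

# Constructed, deliberately small DH group: a 127-bit Mersenne prime and generator 5.
# Production IPsec uses groups with 2048-bit or larger moduli (the chapter names DH24).
DH_PRIME = 2 ** 127 - 1
DH_GENERATOR = 5

TAG_LEN = 20  # HMAC-SHA1 produces a 160-bit (20-byte) message authentication code


def dh_public(private: int) -> int:
    """Value each peer sends over the insecure channel: g^private mod p."""
    return pow(DH_GENERATOR, private, DH_PRIME)


def dh_shared_secret(own_private: int, peer_public: int) -> int:
    """Both peers compute the same number: (g^b)^a = (g^a)^b mod p."""
    return pow(peer_public, own_private, DH_PRIME)


def derive_hmac_key(shared_secret: int) -> bytes:
    """Condense the agreed number into a 160-bit HMAC key (constructed KDF, not IKE's PRF)."""
    return hashlib.sha1(shared_secret.to_bytes(16, "big")).digest()


def protect(key: bytes, message: bytes) -> bytes:
    """Sender side: append the keyed MAC to the message, as the chapter describes."""
    return message + hmac.new(key, message, hashlib.sha1).digest()


def verify(key: bytes, packet: bytes):
    """Receiver side: recompute the MAC with the shared key and compare in constant time.
    Returns the message if it is intact, None if it was altered or produced without the key."""
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha1).digest()
    return message if hmac.compare_digest(tag, expected) else None


def tamper_with_plain_hash(new_message: bytes) -> bytes:
    """What an interceptor can do when only an unkeyed hash protects the message:
    rewrite it and recompute the hash. No secret is needed."""
    return new_message + hashlib.sha1(new_message).digest()


def plain_hash_accepts(packet: bytes) -> bool:
    """An unkeyed integrity check: anyone can satisfy it, so it proves nothing about origin."""
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    return hashlib.sha1(message).digest() == tag


# Constructed private values for the two peers (never transmitted).
GAIL_PRIVATE = 0x2B7E151628AED2A6ABF7158809CF4F3C
ALEX_PRIVATE = 0x3243F6A8885A308D313198A2E0370734
EFT_ORIGINAL = b"EFT: pay Alex $100"
EFT_ALTERED = b"EFT: pay Jeremy $1000"


def demo() -> dict:
    # Only the public values cross the network; each side derives the same key.
    gail_key = derive_hmac_key(dh_shared_secret(GAIL_PRIVATE, dh_public(ALEX_PRIVATE)))
    alex_key = derive_hmac_key(dh_shared_secret(ALEX_PRIVATE, dh_public(GAIL_PRIVATE)))
    assert gail_key == alex_key
    packet = protect(gail_key, EFT_ORIGINAL)
    forged = tamper_with_plain_hash(EFT_ALTERED)
    return {
        "genuine_accepted": verify(alex_key, packet) == EFT_ORIGINAL,
        "forgery_rejected_by_hmac": verify(alex_key, forged) is None,
        "forgery_passes_plain_hash": plain_hash_accepts(forged),
    }


if __name__ == "__main__":
    print(demo())
```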
There are two common HMAC algorithms:
MD5 - Uses a 128-bit shared secret key. The variable-length message and 128-bit shared secret key are combined and run through the HMAC-MD5 hash algorithm. The output is a 128-bit hash. The hash is appended to the original message and forwarded to the remote end.
SHA - SHA-1 uses a 160-bit secret key. The variable-length message and the 160-bit shared secret key are combined and run through the HMAC-SHA-1 hash algorithm. The output is a 160-bit hash. The hash is appended to the original message and forwarded to the remote end.
Note: Cisco IOS also supports 256-bit, 384-bit, and 512-bit SHA implementations.
Authentication
IPsec VPNs support authentication. When conducting business long distance, it is necessary to know who is at the other end of the phone, email, or fax. The same is true of VPN networks. The device on the other end of the VPN tunnel must be authenticated before the communication path is considered secure, as indicated in the figure. There are two peer authentication methods:
PSK - A secret key that is shared between the two parties using a secure channel before it needs to be used. Pre-shared keys (PSKs) use symmetric key cryptographic algorithms. A PSK is entered into each peer manually and is used to authenticate the peer. At each end, the PSK is combined with other information to form the authentication key.
RSA signatures - Digital certificates are exchanged to authenticate peers. The local device derives a hash and encrypts it with its private key. The encrypted hash, or digital signature, is attached to the message and forwarded to the remote end. At the remote end, the encrypted hash is decrypted using the public key of the local end. If the decrypted hash matches the recomputed hash, the signature is genuine.
IPsec uses RSA (public key cryptosystem) for authentication in the context of IKE. The RSA signature method uses a digital signature setup in which each device digitally signs a set of data and sends it to the other party. RSA signatures use a certificate authority (CA) to generate a unique identity digital certificate that is assigned to each peer for authentication. The identity digital certificate is similar in function to a PSK, but provides much stronger security. Each initiator and responder to an IKE session using RSA signatures sends its own ID value, its identity digital certificate, and an RSA signature value consisting of a variety of IKE values, all encrypted by the negotiated IKE encryption method (such as AES).
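The hash-then-sign exchange just described for RSA signatures, as an added Python example (not from the course or Cisco): textbook RSA on constructed six-digit primes with no padding and no certificate, so it shows only the mechanism of signing with the private key and checking with the public key. Production IKE uses 2048-bit keys as the chapter recommends, PKCS#1 padding, and a CA-issued identity certificate that binds the public key to the peer; the signed ID payload here is constructed.

```python
import hashlib

# Constructed primes for illustration only; real deployments use 2048-bit keys, and the
# public key arrives inside a CA-issued identity certificate rather than being assumed.
P, Q = 1000003, 999983
PUBLIC_EXPONENT = 65537


def make_rsa_keypair(p: int, q: int, e: int = PUBLIC_EXPONENT):
    """Textbook RSA key generation: returns (public (n, e), private (n, d))."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)        # private exponent: modular inverse of e (Python 3.8+)
    return (n, e), (n, d)


def hash_for_signing(message: bytes, n: int) -> int:
    """The local device derives a hash (SHA-1 here, as in the chapter) and reduces it
    into the RSA range so it can be exponentiated."""
    return int.from_bytes(hashlib.sha1(message).digest(), "big") % n


def rsa_sign(private_key, message: bytes) -> int:
    """Sender: 'encrypt' the hash with the private key; the result is the signature."""
    n, d = private_key
    return pow(hash_for_signing(message, n), d, n)


def rsa_verify(public_key, message: bytes, signature: int) -> bool:
    """Receiver: 'decrypt' the signature with the sender's public key and compare it with
    a freshly recomputed hash of the received message."""
    n, e = public_key
    return pow(signature, e, n) == hash_for_signing(message, n)


# Constructed stand-in for the IKE values an initiator signs (ID, nonce, proposal).
ID_PAYLOAD = b"ID=R1.example.invalid;nonce=7f3a;proposal=aes-256,sha1,dh24"


def demo() -> dict:
    public_key, private_key = make_rsa_keypair(P, Q)
    signature = rsa_sign(private_key, ID_PAYLOAD)
    return {
        "genuine": rsa_verify(public_key, ID_PAYLOAD, signature),
        # A payload altered in transit no longer matches the signed hash.
        "altered_payload": rsa_verify(public_key, ID_PAYLOAD.replace(b"R1", b"R9"), signature),
        # Without the private key an impostor can only send the bare hash, not a signature.
        "missing_private_key": rsa_verify(public_key, ID_PAYLOAD,
                                          hash_for_signing(ID_PAYLOAD, public_key[0])),
    }


if __name__ == "__main__":
    print(demo())
```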
The Digital Signature Algorithm (DSA) is another option for authentication.
As stated earlier, the IPsec protocol framework describes the messaging to secure the communications, but it relies on existing algorithms.
There are two main IPsec protocols depicted in Figure 1:
Authentication Header (AH) - AH is the appropriate protocol to use when confidentiality is not required or permitted. It provides data authentication and integrity for IP packets that are passed between two systems. However, AH does not provide data confidentiality (encryption) of packets. All text is transported in plaintext. Used alone, the AH protocol provides weak protection.
Encapsulating Security Payload (ESP) - A security protocol that provides confidentiality and authentication by encrypting the IP packet. IP packet encryption conceals the data and the identities of the source and destination. ESP authenticates the inner IP packet and ESP header. Authentication provides data origin authentication and data integrity. Although both encryption and authentication are optional in ESP, at a minimum, one of them must be selected.
Figure 2 illustrates the components of IPsec configuration. There are four basic building blocks of the IPsec framework that must be selected.
IPsec framework protocol - When configuring an IPsec gateway to provide security services, an IPsec protocol must be selected. The choices are some combination of ESP and AH. Realistically, the ESP or ESP+AH options are almost always selected because AH itself does not provide encryption, as shown in Figure 3.
Confidentiality (if IPsec is implemented with ESP) - The encryption algorithm chosen should best meet the desired level of security: DES, 3DES, or AES. AES is strongly recommended, with AES-GCM providing the greatest security.
Integrity - Guarantees that the content has not been altered in transit. Implemented through the use of hash algorithms. Choices include MD5 and SHA.
Authentication - Represents how devices on either end of the VPN tunnel are authenticated. The two methods are PSK or RSA.
DH algorithm group - Represents how a shared secret key is established between peers. There are several options, but DH24 provides the greatest security.
It is the combination of these building blocks that provides the confidentiality, integrity, and authentication options for IPsec VPNs.
Note: This section introduced IPsec to provide an understanding of how IPsec secures VPN tunnels. Configuring IPsec VPNs is beyond the scope of this course.
Remote-access VPN Solutions
VPNs have become the logical solution for remote-access connectivity for many reasons. VPNs provide secure communications with access rights tailored to individual users, such as employees, contractors, and partners. They also enhance productivity by extending the corporate network and applications securely while reducing communication costs and increasing flexibility.
Using VPN technology, employees can essentially take their office with them, including access to emails and network applications. VPNs can also allow contractors and partners to have limited access to the specific servers, web pages, or files required. This network access allows them to contribute to business productivity without compromising network security.
There are two primary methods for deploying remote-access VPNs:
Secure Sockets Layer (SSL)
IP Security (IPsec)
The type of VPN method implemented is based on the access requirements of the users and the organization's IT processes.
Both IPsec and SSL VPN technologies offer access to virtually any network application or resource. SSL VPNs offer such features as easy connectivity from non-company-managed desktops, little or no desktop software maintenance, and user-customized web portals upon login.
Cisco IOS SSL VPN is the industry's first router-based SSL VPN solution. It offers anywhere connectivity not only from company-managed resources, but also from employee-owned PCs, contractor or business partner desktops, and Internet kiosks.
The SSL protocol supports various cryptographic algorithms for operations, such as authenticating the server and client to each other, transmitting certificates, and establishing session keys. Cisco SSL VPN solutions can be customized for businesses of any size. These solutions deliver many remote-access connectivity features and benefits, including:
Web-based, clientless access and complete network access without preinstalled desktop software. This facilitates customized remote access based on user and security requirements, and it minimizes desktop support costs.
Protection against viruses, worms, spyware, and hackers on a VPN connection by integrating network and endpoint security in the Cisco SSL VPN platform. This reduces cost and management complexity by eliminating the need for additional security equipment and management infrastructure.
Use of a single device for both SSL VPN and IPsec VPN. This reduces cost and management complexity by facilitating robust remote-access and site-to-site VPN services from a single platform with unified management.
Cisco IOS SSL VPN is a technology that provides remote access by using a web browser and the web browser's native SSL encryption. Alternatively, it can provide remote access using the Cisco AnyConnect Secure Mobility Client software.
The Cisco ASA provides two main deployment modes that are found in Cisco SSL VPN solutions, as shown in the figure:
Cisco AnyConnect Secure Mobility Client with SSL - Requires the Cisco AnyConnect Client
Cisco Secure Mobility Clientless SSL VPN - Requires an Internet browser
The Cisco ASA must be configured to support the SSL VPN connection.
Cisco AnyConnect Secure Mobility Client with SSL
Client-based SSL VPNs provide authenticated users with LAN-like, full network access to corporate resources. However, the remote devices require a client application, such as the Cisco VPN Client or the newer AnyConnect client, to be installed on the end-user device.
In a basic Cisco ASA configured for full tunneling and a remote-access SSL VPN solution, remote users use the Cisco AnyConnect Secure Mobility Client, shown in Figure 1, to establish an SSL tunnel with the Cisco ASA. After the Cisco ASA establishes the VPN with the remote user, the remote user can forward IP traffic into the SSL tunnel. The Cisco AnyConnect Secure Mobility Client creates a virtual network interface to provide this functionality. The client can use any application to access any resource, subject to access rules, behind the Cisco ASA VPN gateway.
Cisco Secure Mobility Clientless SSL VPN
The clientless SSL VPN deployment model enables corporations to provide access to corporate resources even when the remote device is not corporately managed. In this deployment model, the Cisco ASA is used as a proxy device to network resources. It provides a web portal interface for remote devices to navigate the network using port-forwarding capabilities.
In a basic Cisco ASA clientless SSL VPN solution, remote users employ a standard web browser to establish an SSL session with the Cisco ASA, as shown in Figure 2. The Cisco ASA presents the user with a web portal over which the user can access internal resources. In the basic clientless solution, the user can access only some services, such as internal web applications and browser-based file-sharing resources, as shown in Figure 3.
Many applications require the security of an IPsec remote-access VPN connection for authentication and encryption of data. When deploying VPNs for telecommuters and small branch offices, ease of deployment is critical if technical resources are not available for VPN configuration on a remote site router.
The Cisco Easy VPN solution feature offers flexibility, scalability, and ease of use for both site-to-site and remote-access IPsec VPNs. The Cisco Easy VPN solution consists of three components:
Cisco Easy VPN Server - A Cisco IOS router or Cisco ASA Firewall acting as the VPN head-end device in site-to-site or remote-access VPNs.
Cisco Easy VPN Remote - A Cisco IOS router or Cisco ASA Firewall acting as a remote VPN client.
Cisco VPN Client - An application supported on a PC used to access a Cisco VPN server.
Using the Cisco Easy VPN Server makes it possible for mobile and remote workers using a VPN Client on their PCs, or using Cisco Easy VPN Remote on an edge router, to create secure IPsec tunnels to access their headquarters' intranet, as shown in the figure.
Cisco Easy VPN Server
The Cisco Easy VPN Server makes it possible for mobile and remote workers using VPN Client software on their PCs to create secure IPsec tunnels to access their headquarters' intranet where critical data and applications exist. It enables Cisco IOS routers and Cisco ASA Firewalls to act as VPN head-end devices in site-to-site or remote access VPNs. Remote office devices use the Cisco Easy VPN Remote feature or the Cisco VPN Client application to connect to the server, which then pushes defined security policies to the remote VPN device. This ensures that those connections have up-to-date policies in place before the connection is established.
Cisco Easy VPN Remote
The Cisco Easy VPN Remote enables Cisco IOS routers or software clients to act as remote VPN clients. These devices can receive security policies from a Cisco Easy VPN Server, minimizing VPN configuration requirements at the remote location. This cost-effective solution is ideal for remote offices with little IT support or for large customer premises equipment (CPE) deployments where it is impractical to individually configure multiple remote devices.
The figure shows three network devices with Easy VPN Remote enabled, all connecting to an Easy VPN server for configuration parameters.
Cisco VPN Client
The Cisco VPN Client is simple to deploy and operate. It allows organizations to establish end-to-end, encrypted VPN tunnels for secure connectivity for mobile employees or telecommuters.
To initiate an IPsec connection using the Cisco VPN client, all the user must do is open the Cisco VPN client window, as shown in Figure 1. The Cisco VPN client application lists the available preconfigured sites. The user double-clicks a site to select it and the VPN client initiates the IPsec connection. In the user authentication dialog box, the user is authenticated with a username and password, as shown in Figure 2. After authentication, the Cisco VPN Client displays a connected status.
Most of the VPN parameters are defined on the Cisco IOS Easy VPN Server to simplify deployment. After a remote client initiates a VPN tunnel connection, the Cisco Easy VPN Server pushes the IPsec policies to the client, minimizing configuration requirements at the remote location.
This simple and highly scalable solution is ideal for large remote access deployments where it is impractical to configure policies individually for multiple remote PCs. This architecture also ensures that those connections are using up-to-date security policies and eliminates the operational costs associated with maintaining a consistent policy and key management method.
Note: Configuring the Cisco VPN client is beyond the scope of this course. Check www.cisco.com for more information.
Both IPsec and SSL VPN technologies offer access to virtually any network application or resource, as shown in the figure. SSL VPNs offer such features as easy connectivity from non-company-managed desktops, little or no desktop software maintenance, and user-customized web portals upon login.
IPsec exceeds SSL in many significant ways:
Number of applications that are supported
Strength of encryption
Strength of authentication
Overall security
When security is an issue, IPsec is the superior choice. If support and ease of deployment are the primary issues, consider SSL.
IPsec and SSL VPN are complementary because they solve different problems. Depending on its needs, an organization can implement one or both. This complementary approach allows a single device such as an ISR router or an ASA firewall appliance to address all remote access user requirements. While many solutions offer either IPsec or SSL, Cisco remote access VPN solutions offer both technologies integrated on a single platform with unified management. Offering both IPsec and SSL technologies enables organizations to customize their remote access VPN without any additional hardware or management complexity.
VPNs are used to create a secure end-to-end private network connection over a third-party network, such as the Internet. A site-to-site VPN uses a VPN gateway device at the edge of both sites. The end hosts are unaware of the VPN and have no additional supporting software.
A remote access VPN requires software to be installed on the individual host device that accesses the network from a remote location. The two types of remote access VPNs are SSL and IPsec. SSL technology can provide remote access using a client's web browser and the browser's native SSL encryption. Using Cisco AnyConnect software on the client, users can have LAN-like, full network access using SSL.
GRE is a basic, nonsecure site-to-site VPN tunneling protocol that can encapsulate a wide variety of protocol packet types inside IP tunnels, thus allowing an organization to deliver other protocols through an IP-based WAN. Today it is primarily used to deliver IP multicast traffic or IPv6 traffic over an IPv4 unicast-only connection.
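The encapsulation described above, written out as an added example (not course material): a minimal RFC 2784 GRE header carrying an IPv6 packet inside an outer IPv4 packet, plus the matching decapsulation. The sample packet and the tunnel endpoint addresses are constructed; the decapsulated payload comes back byte-for-byte, and the cleartext is visible in the outer packet, which is why GRE on its own provides no confidentiality.

```python
import ipaddress
import struct

IP_PROTO_GRE = 47          # outer IPv4 protocol number for GRE (RFC 2784)
ETHERTYPE_IPV6 = 0x86DD    # GRE protocol-type field value for an IPv6 payload


def ipv4_checksum(header: bytes) -> int:
    """Standard one's-complement checksum over a 20-byte IPv4 header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def gre_encapsulate(inner: bytes, proto_type: int, src: str, dst: str) -> bytes:
    """Prepend a minimal GRE header and an outer IPv4 header to `inner`."""
    gre = struct.pack("!HH", 0, proto_type)   # no C/K/S flags, version 0, protocol type
    total_len = 20 + len(gre) + len(inner)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0x4000, 64,
                      IP_PROTO_GRE, 0, ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return hdr + gre + inner


def gre_decapsulate(packet: bytes):
    """Strip the outer IPv4 and GRE headers; return (protocol type, inner packet)."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[9] != IP_PROTO_GRE:
        raise ValueError("outer packet is not GRE")
    flags, proto_type = struct.unpack("!HH", packet[ihl:ihl + 4])
    off = ihl + 4
    off += 4 if flags & 0x8000 else 0   # checksum + reserved1 present
    off += 4 if flags & 0x2000 else 0   # key present
    off += 4 if flags & 0x1000 else 0   # sequence number present
    return proto_type, packet[off:]


def sample_ipv6(payload: bytes) -> bytes:
    """Constructed sample: minimal IPv6 packet (next header 59 = none) carrying text."""
    src6 = ipaddress.IPv6Address("2001:db8::1").packed
    dst6 = ipaddress.IPv6Address("2001:db8::2").packed
    return struct.pack("!IHBB16s16s", 0x60000000, len(payload), 59, 64, src6, dst6) + payload
```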
IPsec, an IETF standard, is a secure tunnel operating at Layer 3 of the OSI model that can protect and authenticate IP packets between IPsec peers. It can provide confidentiality by using encryption, data integrity, authentication, and anti-replay protection. Data integrity is provided by using a hash algorithm, such as MD5 or SHA. Authentication is provided by the PSK or RSA peer authentication method.
The level of confidentiality provided by encryption depends on the algorithm used and the key length. Encryption can be symmetrical or asymmetrical. DH is a method used to securely exchange the keys to encrypt data.
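The three IPsec services named in the two paragraphs above (DH key exchange, PSK peer authentication, and SHA-based integrity with anti-replay), shown end to end as an added example that is not part of the course and is not IKE or ESP itself. The DH group is a constructed 64-bit toy, far too small for real use, and encryption is deliberately left out so the key exchange, authentication and integrity logic stay readable.

```python
import hashlib, hmac, secrets

# Constructed toy Diffie-Hellman group: real IPsec uses large MODP or
# elliptic-curve groups. Only the arithmetic shape is realistic here.
P = 0xFFFFFFFFFFFFFFC5   # 2**64 - 59, a prime
G = 2

def dh_keypair():
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def psk_auth_tag(psk, pub, nonce):
    # PSK peer authentication: bind the DH public value and nonce to the shared secret
    return hmac.new(psk, pub.to_bytes(8, "big") + nonce, hashlib.sha256).digest()

def handshake(psk_a, psk_b):
    """Both peers' side of a DH exchange with PSK authentication.
    Returns (authenticated, key_a, key_b); each peer derives its own key."""
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    na, nb = secrets.token_bytes(16), secrets.token_bytes(16)
    # each peer checks the other's tag with its own copy of the PSK
    a_ok = hmac.compare_digest(psk_auth_tag(psk_a, b_pub, nb), psk_auth_tag(psk_b, b_pub, nb))
    b_ok = hmac.compare_digest(psk_auth_tag(psk_b, a_pub, na), psk_auth_tag(psk_a, a_pub, na))
    shared_a = pow(b_pub, a_priv, P).to_bytes(8, "big")
    shared_b = pow(a_pub, b_priv, P).to_bytes(8, "big")
    key_a = hashlib.sha256(shared_a + na + nb).digest()   # session key derived from DH + nonces
    key_b = hashlib.sha256(shared_b + na + nb).digest()
    return a_ok and b_ok, key_a, key_b

def protect(key, seq, payload):
    # data integrity: HMAC-SHA256 over sequence number + payload (no encryption here)
    tag = hmac.new(key, seq.to_bytes(4, "big") + payload, hashlib.sha256).digest()
    return seq, payload, tag

class Receiver:
    """Verifies integrity tags and rejects replays with a sliding sequence window."""
    WINDOW = 64
    def __init__(self, key):
        self.key, self.highest, self.seen = key, 0, set()
    def accept(self, seq, payload, tag):
        expect = hmac.new(self.key, seq.to_bytes(4, "big") + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expect):
            return "bad-integrity"
        if seq <= self.highest - self.WINDOW or seq in self.seen:
            return "replay"
        self.seen.add(seq)
        self.highest = max(self.highest, seq)
        return "ok"
```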