© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.04-1 Secured Connectivity Examining Cisco IOS VPNs.

Презентация:



Advertisements
Похожие презентации
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v Module Summary IPsec is designed to provide interoperable, high-quality, cryptographically.
Advertisements

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v MPLS VPN Technology Introducing VPNs.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v MPLS VPN Technology Categorizing VPNs.
© 2006 Cisco Systems, Inc. All rights reserved.ONT v Implement the DiffServ QoS Model Implementing QoS Preclassify.
Designing Virtual Private Networks © 2004 Cisco Systems, Inc. All rights reserved. Designing Site-to-Site VPNs ARCH v
© 2006 Cisco Systems, Inc. All rights reserved.ISCW v Module Summary The IKE protocol is a key management protocol standard used in conjunction with.
© 2004 Cisco Systems, Inc. All rights reserved. ARCH v Module Summary VPNs enable network connectivity for an organization, its business partners,
Designing Virtual Private Networks © 2004 Cisco Systems, Inc. All rights reserved. Designing Remote- Access VPNs ARCH v
© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Remote Connectivity Design Review Analyze network requirements: –Type of applications, the.
© 2005 Cisco Systems, Inc. All rights reserved. BGP v Module Summary Service providers use an IGP to carry internal routes and to provide optimal.
© 2006 Cisco Systems, Inc. All rights reserved. SND v Module Summary An IPsec VPN is a collection of protocols that help you to hook up your company.
© 2005 Cisco Systems, Inc. All rights reserved.INTRO v Building a Simple Ethernet Network Defining a LAN.
© 2006 Cisco Systems, Inc. All rights reserved.ISCW v Network Requirements Describing Network Requirements.
© 2005 Cisco Systems, Inc. All rights reserved.INTRO v Connecting to Remote Networks Using Packet Switching in WANs.
© 2007 Cisco Systems, Inc. All rights reserved.DESGN v Designing Remote Connectivity Designing the Enterprise Branch.
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v Adaptive Threat Defense Examining Company ABC Secured.
© 2006 Cisco Systems, Inc. All rights reserved.ISCW v IPsec VPNs Cisco High Availability Options.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Complex MPLS VPNs Introducing Central Services VPNs.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Integrating Internet Access with MPLS VPNs Implementing Separate Internet Access and VPN Services.
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v Secured Connectivity Configuring GRE Tunnels.
Транксрипт:

© 2007 Cisco Systems, Inc. All rights reserved.SNRS v Secured Connectivity Examining Cisco IOS VPNs

© 2007 Cisco Systems, Inc. All rights reserved.SNRS v IPsec VPN Deployment Site-to-site VPNs –Fully meshed (static) –Hub (static) and spoke (dynamic) –Fully meshed on demand (dynamic) –DMVPN Remote-access VPNs –Cisco Easy VPN –WebVPN (Cisco IOS SSL VPN)

© 2007 Cisco Systems, Inc. All rights reserved.SNRS v Virtual Private Networks Cisco IOS Router Telecommuters Extranet Branch Offices Workplace Resources Site-to-Site VPNs Remote- Access VPNs Partner Headquarters DSL/Cable Frame Relay T1 ATM

© 2007 Cisco Systems, Inc. All rights reserved.SNRS v Fully Meshed VPNs IPsec Tunnel Static IP Addresses There are static public addresses between peers. Local LAN addresses can be private or public.

© 2007 Cisco Systems, Inc. All rights reserved.SNRS v Hub-and-Spoke VPNs Static IP Addresses IPsec Tunnel Dynamic IP Addresses Static public address needed at the hub only. Spoke addresses can be dynamically applied using DHCP.

© 2007 Cisco Systems, Inc. All rights reserved.SNRS v Dynamic Multipoint VPNs IPsec Tunnel Static IP Addresses Dynamic IP Addresses Dynamic Spoke-to-Spoke IPsec Tunnels Local LAN addresses can be private.

© 2007 Cisco Systems, Inc. All rights reserved.SNRS v Easy VPN Clients Cisco Easy VPN Workplace Resources Internet Cisco IOS Router and Easy VPN Server Cisco Unity is the common VPN language between Cisco devices. Remote Office Home Office Headquarters

© 2007 Cisco Systems, Inc. All rights reserved.SNRS v Cisco IOS WebVPN Workplace Resources Internet WebVPN Integrated security and routing Clientless and full network SSL VPN access SSL VPN Tunnel Headquarters

© 2007 Cisco Systems, Inc. All rights reserved.SNRS v Summary An IPsec VPN is a VPN deployed on a shared infrastructure using IPsec encryption technology. For any-to-any connectivity, a full mesh of tunnels is required to provide a path between all of the sites. In a hub-and-spoke network configurations, the spoke sites connect with IPsec tunnels to a hub site to establish connectivity to the network.

© 2007 Cisco Systems, Inc. All rights reserved.SNRS v Summary (Cont.) DMVPNs provide for a combination of static and dynamic on-demand tunnels. Cisco Easy VPN makes it easier than ever to deploy VPNs as part of small and medium businesses or large enterprise networks. Cisco IOS SSL-based VPN (WebVPN) is an emerging technology that provides remote-access connectivity from almost any Internet-enabled location using a web browser and its native SSL encryption.

© 2007 Cisco Systems, Inc. All rights reserved.SNRS v