1. Manuals
  2. Brands
  3. D-Link Manuals
  4. Firewall
  5. DFL-210 - NetDefend - Security Appliance
  6. User manual

Vpn; Overview; The Need For Vpns; Vpn Encryption - D-Link NetDefend DFL-210 User Manual

Network security firewall
Hide thumbs Also See for NetDefend DFL-210:
Table of Contents

Advertisement

Chapter 9. VPN
This chapter describes VPN usage with NetDefendOS.
• Overview, page 229
• VPN Quickstart Guide, page 231
• IPsec, page 240
• IPsec Tunnels, page 253
• PPTP/L2TP, page 260

9.1. Overview

9.1.1. The Need for VPNs

Most networks are connected to each other through the Internet. Business increasingly utilizes the
Internet since it offers efficient and inexpensive communication. A means is needed for data to
travel across the Internet to its intended recipient without another party being able to read or alter it.
It is equally important that the recipient can verify that no one is falsifying information, in other
words, pretending to be someone else. Virtual Private Networks (VPNs) meet this need, providing a
highly cost effective means of establishing secure links so that data can be exchanged in a secure
manner.

9.1.2. VPN Encryption

Cryptography provides the means to create VPNs across the Internet with no additional investments
in connectivity. Cryptography is an umbrella expression covering 3 techniques and benefits:
Confidentiality
Authentication and Integrity
Non-repudiation
VPNs are normally only concerned with confidentiality and authentication. Non-repudiation is
normally not handled at the network level but rather on a transaction (document-by-document)
basis.

9.1.3. VPN Planning

An attacker targeting a VPN connection will typically not attempt to crack the VPN encryption
since this requires enormous work. Rather, they will see VPN traffic as an indication that there is
something worth targeting at the other end of the connection. Typically, mobile clients and branch
offices are far more attractive targets than the main corporate networks. Once inside those, getting to
the corporate network becomes easier.
In designing a VPN there are many non-obvious issues that need to be addressed. This includes:
No one but the intended recipients is able to receive and
understand
the
communication.
accomplished by encryption.
Proof for the recipient that the communication was actually
sent by the expected sender, and that the data has not been
modified in transit. This is accomplished by authentication,
often by use of cryptographic keyed hashes.
Proof that the sender actually sent the data; the sender cannot
later deny having sent it. Non-repudiation is usually a
side-effect of authentication.
229
Confidentiality
is

Advertisement

Table of Contents
loading

Related Manuals for D-Link NetDefend DFL-210

Related Content for D-Link NetDefend DFL-210

This manual is also suitable for:

Dfl-800Netdefend dfl-2500Dfl-1600Netdefend dfl-860Netdefend dfl-260Netdefend dfl-800 ... Show all

Table of Contents