Types Of Vpn; Managing Vpn In Ws5100 - Motorola WS5100 Series Migration Giude

11-2 WS5100 Series Switch Migration Guide

11.1.1 Types of VPN

VPNs can be broadly classified as:
• Secured VPNs – This uses cryptographic tunneling protocols to provide:
• Intended confidentiality – blocks snooping and thus preventing packet sniffing.
• Sender authentication – blocks identity spoofing.
• Message integrity – Blocks message alteration to achieve privacy.
Secure VPN protocols include the following:
• IPSec (IP security) , supported in WS5100.
• SSL
• PPTP (point-to-point tunneling protocol).
• L2TP (Layer 2 Tunnelling Protocol), supported in WS5100.
• L2TPv3 (Layer 2 Tunnelling Protocol version 3).
• VPN-Q
• Trusted VPNs – This type of VPN does not use cryptographic tunneling, and instead rely on the security
of a single provider's network to protect the traffic.
Trusted VPN protocols include the following:
• Multi-protocol label switching (MPLS).
• L2F (Layer 2 Forwarding).

11.2 Managing VPN in WS5100

The WS5100 switch uses IPSec types of VPN, which provides secure tunnels between two peers. You can
define:
• Packets that are considered sensitive and must be sent through these secure tunnels.
• The parameters which should be used to protect these sensitive packets, by specifying characteristics of
these tunnels.
When the IPSec peer encounters such a sensitive packet, it sets up the appropriate secure tunnel and sends
the packet through the tunnel to the remote peer.
Figure 11.1 Creating a Secure Tunnel
These tunnels are sets of Security Associations (SA) that are established between two IPSec peers. The SA's
define which protocols and algorithms to apply to sensitive packets, and also specify the key to be used by
the two peers. Security associations are uni-directional and are established per security protocol (AH or ESP).