Module 10: Providing Secure Access to Remote

Offices

Overview

Defining Private and Public Networks

Securing Connections Using Routers

Securing VPN Connections Between Remote Offices

Identifying Security Requirements

Defining Private and Public Networks

Seattle

Public Networks

Tokyo

Private NetworksSeattle

Private Networks

Tokyo

Dedicated Connection

InternetInternet

Securing Connections Using Routers

Introducing Router Security

Using a Windows 2000–based Router

Introducing Router Security

Router

Seattle

Router

Tokyo

Packet FilteringMutual Authentication

Packet FilteringMutual Authentication

EncryptionEncryption

Using a Windows 2000–based Router

Network Address Translation

IP Packet Filtering

Virtual Private Network

CorporateOffice

RemoteOffices

Windows 2000-basedRouter

Windows 2000-based Router

Windows 2000-basedRouter

InternetInternet

Securing VPN Connections Between Remote Offices

Connecting Remote Offices over Private Networks

Connecting Remote Offices over Public Networks

Selecting a Tunneling Protocol

Virtual Private Network

Tunnel

Connecting Remote Offices over Private Networks

HR SeattleHR SeattleHR TokyoHR Tokyo

VPN Tunnel

Windows 2000–based Routers

Connecting Remote Offices over Public Networks

Tokyo

Seattle

ISPISP

ISPISP

InternetInternet

Selecting a Tunneling Protocol

FeaturesFeaturesFeaturesFeaturesTunneling ProtocolTunneling Protocol

L2TP/L2TP/ IPSecIPSec

PPTPPPTP IPSecIPSec Tunnel Mode Tunnel Mode

Support for NAT X

User Authentication X X

Machine Authentication X X

Multi-Protocol Support X X X

Stronger Security X X

Support for Non–Windows 2000–based Clients X

Identifying Security Requirements

Step 1: Determine What Must Be SecuredStep 1: Determine What Must Be Secured

Step 2: Determine the Level of Security to ApplyStep 2: Determine the Level of Security to Apply

Step 3: Determine Encryption RequirementsStep 3: Determine Encryption Requirements

Lab A: Planning Secure Connections for Remote Offices

Review

Defining Private and Public Networks

Securing Connections Using Routers

Securing VPN Connections Between Remote Offices

Identifying Security Requirements