Documente Academic
Documente Profesional
Documente Cultură
In a site to site VPN data is encrypted from one VPN gateway to the other,
providing a secure link between two sites over the internet. This would enable
both sites to share resources such as documents and other types of data over
the VPN link.
In a remote access VPN scenario which is also known as mobile VPN a secure
connection would be made from an individual computer to a VPN gateway. This
would enable a user to access their e-mail, files and other resources at work
from where ever they may be, providing they have an internet connection. There
are two common forms of technology that exists in remote access VPN known
as IPSec and SSL that are covered further below.
Why have a VPN
A real world example would be if a company was split into two sites
(When referring to sites we mean offices), the main site in the US and a
smaller site in the UK. The US site has already a full network and storage
infrastructure in place which consisted of active directory, an exchange
server, file server and so on. The UK site only consisted of a small
number of users, let’s say 10 employees. To make this particular scenario
cost effective a VPN connection from site to site would be the best
solution. Providing a VPN tunnel from the UK site to the US site would
save costs from having to install another network infrastructure,
exchange server, active directory server and so on. As the US site would
already have administrators maintaining servers and the infrastructure
and can now maintain the VPN connection as well as other resources
would prove another area where savings would be made.
Another cost saving scenario to the above example would be to close the
UK site down where employees based in UK could work from home. A
remote access VPN scenario would be suited if the 10 users were not
based anywhere in particular, and there was no UK based office. In this
case they would just require an internet connection and a configured VPN
client software enabling them to securely connect to their corporate
network in the US. If they were using SSL VPN then they would not even
require a configured client side software, they would just require the URL
address to connect to the VPN portal.
So VPN’s provide a superb and cost effective solution for companies with
several branch offices, partners, and remote users to share data and
connect to their corporate network in a secure and private manner.
With normal internet traffic, packets can be sniffed and read by anyone.
However sending data via a VPN tunnel encapsulates all data packets providing
high level of security. If packets which were sent securely over the internet were
sniffed, they would be unreadable and if modified this would also be detected by
the VPN gateway.
VPN tunnels use one of four main networking protocols, which provide the
sufficient level of security as shown below;
PPTP (Point to Point tunneling protocol)
IPSec operates on layer 3 and so can protect any protocol that runs on top
of IP. IPSec is a framework consisting of various protocols and algorithms
which can be added to and developed. IPSec provides flexibility and
strength in depth, and is an almost perfect solution for securing VPN’s.
The only drawback is IPSec requires setting up on the corporate network
and on the client end and is a complex framework to work with. IPSec is
used for both site to site and remote user connectivity.
SSL VPN provides excellent security for remote access users as well as
ease of use. SSL is already heavily used such as when you shop online,
accessing your bank account online, you will notice an SSL protected page
when you see the “https” in your browser URL bar as opposed to “http”.
The difference in using SSL VPN to IPSec is with IPSec a remote user
would require client software which would need installing, configuring and
sometimes troubleshooting. However with SSL there is no client software
if a user was using the SSL portal. The portal is a GUI interface that is
accessed via a web browser and contains tools and utilities in order to
access applications on the network such as RDP and Outlook. SSL can
also imitate the way IPSec works via a lightweight software. If a user
required client SSL software, it can be installed with very little effort via a
browser which simplifies the process in securely accessing to the
corporate network.
Using SSL VPN would mean thousands of end user’s would be able to
access the corporate network without the support of an administrator and
possible hours of configuring and trouble shooting, unlike IPSec. The end
user would just need to know the address of the SSL VPN portal. Another
advantage is they can do this from any computer as they do not have to
rely on a configured client side software.
Advantages
VPN’s eliminate the need for expensive leased lines. Historically T1 lines
have been used connecting office locations together in a secure manner.
If the office locations are further away, the cost of renting these least
lines can be unbearable. A VPN though, only requires you to have a
broadband internet connection, and so avoiding paying a hefty sum of
monthly rental on dedicated leased lines. VPN’s are also a replacement for
remote access server’s and dial up network connections although rarely
used anymore.
Having many branch offices over the globe requires many leased lines,
and so does not scale well. Each office would require a leased line to all
other offices. VPN’s connecting via the Internet is a far more scalable
solution, as opposed leased lines.
Through the use of link balancing and link bonding VPN's can use two or
more internet connections, so if one connection at your company had a
problem all VPN traffic can be sent over the remaining connections, and
will automatically use the original connection when it is back up again.
Disadvantages
You have to remember though, having a VPN means having to rely on the
Internet, and having to rely that your ISP (Internet Service Provider) is
reliable, although this problem can be reduced by having two or more
ISP’s and using the 2nd in a VPN failover scenario.
Also VPN’s require careful configuration, possibly some troubleshooting and the
terminology can be overwhelming for administrators not familiar with the
technology.
Aggressive Mode
For a successful and secure communication using IPSec, the IKE (Internet
Key Exchange) protocols takes part in a two step negotiation. Main mode
or Aggressive mode (Phase 1) authenticates and/or encrypts the peers.
Quick mode (Phase 2) negotiates the algorithms and agree on which
traffic will be sent across the VPN. Below I discuss Aggressive mode
(Phase 1).
You may be new to all the VPN terminology, so clicking on the links in this
VPN article will give you a good understanding on meanings within the
below guide.
First you would decide how your going to authenticate both VPN peers to
each other. Either select a Pre-shared key or install a digital certificate. This is
used for authentication and to ensure the VPN gateways are authorised.
This would prove their identities to each other. Both gateways must use
the same type of credentials, so either both use pre-shared keys or both
use digital certificates. Also if you are using pre-shared keys, then both
keys would have to match.
Phase 1
1) You will need to specify both gateway addresses. So you would specify
the address of the local VPN gateway and you would also specify the
address of the remote VPN gateway. You can either specify an IP address
or a domain name. On some VPN gateways you could also specify an e-
mail address, or if you use a digital certificate you could specify the
certificates subject field.
2) Main mode or aggressive mode can be selected depending on which one you
would want to use. Main mode is more secure, but slower than aggressive
mode. In Main mode peers exchange identities with encryption, and
Aggressive mode, although faster exchanges identities without
encryption. Main mode is the more commonly used. Aggressive mode is
typically for when one or both of the VPN gateway's have a dynamic IP
address.
4 You would now decide on your transform set. This includes the type
ofencryption, authentication and how long your security association will last. For your
authentication you can either use Sha1 or MD5. Sha1 is the stronger
authentication algorithm.
For your encryption you can select either DES, 3DES or AES 128, 192, 256
bit key strength. AES is the strongest protocol.
You can specify a limit before your SA expires, which will add more
security to your VPN if your keys have been hacked. Although this will
also have a slight affect on performance as well.
You will need to specify a Diffie-Hellman key group, usually 1, 2, 5 or 14 in
which 14 is the most secure group.
You can optionally set up extra transform sets if needed. If you’re not
sure on your peers transform settings, then you may want to set up more
transform sets. Although it is recommended to know your peers settings
and create the minimum transform set’s required as it is more secure this
way.
Phase 2
In phase 2 using Quick mode you would establish the IPSec SA. You would
tell the gateway what traffic you will be sending over the VPN, how to
encrypt and authenticate it.
1) You will need to specify what traffic will go across the VPN. So you
would be specifying an IP address, Network address, or IP address range.
This is access to your internal network, so either remote users from
home, or the peer office can have access to resources behind the VPN
gateway.
2) You can choose whether to use PFS (Perfect forward secrecy), for
optional and an extra layer of security. If you will be using PFS,
remember that both VPN peers must support and use PFS. You can select
which Diffie-Hellman group to use for new keying material. The higher the
group you select, the stronger the key.
You would now need to specify some more parameters in securing your
data within the IPSec SA (Phase 2), also known as phase 2 proposals. The
parameters are made up of encryption and authentication algorithms.
3) Here you first specify the type of proposal, either selecting AH orESP.
AH only provides authentication, and ESP provides authentication and
encryption.
4) If you have specified ESP, which the majority would choose, then you
would specify your authentication and encryption. For authentication and
integrity you can select SHA1 or MD5, where SHA1 is the strongest
algorithm. For encryption you can select DES, 3DES or AES 128, 192, or
256-bit key strength. AES 256 is the strongest encryption protocol.
5) You may want to specify a value for when your key would expire. This
would ensure your encryption keys would change over a period of time,
adding more security, as well as having a slight affect on performance.
The majority leave these settings as the default. However if your a bank
or any other company dealing with confidential data then you may want
to force keys to expire, and have them re-created.
Final steps
You may now need to create policies or rules to allow your VPN traffic in
and out of your firewall. This may have already been done for you when
you had completed configuring your gateway, and you may have had the
option to either enable or disable your VPN gateway to automatically
doing this for you, all depending on the product functionality.
You are done in configuring your VPN gateway, and you can now
configure the peer VPN gateway. Remember to configure your peer VPN
gateway with the exact same settings as you configured your local
gateway or else the VPN tunnel will not form successfully.
Final words
The above article is not specific to any VPN gateway so you may find
differences in order of settings or slight difference in terminology used,
but nothing more than that. Whatever firewall you may use for VPN
connectivity such as Watchguard, Fortinet, SonicWALL, Cisco and so on
they all support IPSec which is a standardised internationally known
framework with a standard set of parameters and settings and so you will
find the above instructions to be very like how you would set up your
firewall VPN gateway. The only differences you would see would lie within
the GUI, and possibly some slight naming alterations.
In a nutshell, with all VPN gateways using IPSec you would have to
configure your VPN gateway addresses, phase 1 settings, phase 2
settings, create VPN firewall policies (some firewalls automatically create
VPN policies for you) and save the configuration in which ever vendor
product you work with.
When two IPSec gateways want to make a VPN connection between them,
they negotiate on various settings and parameters and must make an
agreement on the parameters used. For example what type of
authentication and encryption will be used within the VPN tunnel. This is
generally called VPN negotiation.
IPSec does not use RSA for data encryption. It uses DES, 3DES, or AES.
IPSec uses RSA for IKE internet key exchange for during peer
authentication phase, to ensure the other side is authentic and who they
say they are.
5 phases of IPSec
4 Transfer data – After the tunnels are established you transfer the data.
For a successful and secure communication using IPSec, the IKE (Internet
Key Exchange) protocols takes part in a two step negotiation. Main mode
or Aggressive mode (Phase 1) authenticates and/or encrypts the peers.
Quick mode (Phase 2) negotiates the algorithms and agree on which
traffic will be sent across the VPN. Below I discuss Quick mode (Phase 2).
In phase 2 you would specify which traffic will travel across the VPN. IP
addresses behind both VPN devices would be specified in order to send
traffic, in which both gateways would inform each other via phase 2 ID’s.
You could specify an individual IP address, a network IP address or a
network range.
All Quick mode negotiations are protected from when the IKE SA was
established when Main mode during phase 1 was completed. In Quick
mode parameters are negotiated and agreed between the peers such as
to use Transport or Tunnel mode, ESP or AH, encryption type and hash
functions. These parameters would then be used to secure data traveling
across the VPN tunnel.
L2TP over the Internet - L2TP
VPN tutorial
L2TP (Layer 2 Tunneling Protocol)
L2TP is seen as the replacement for PPTP and L2F. L2TP's other main
advantage is that it is routable over other networks as well as IP. PPTP is
only routable over IP. Also L2TP can be used in conjunction with IPSec to
provide encryption, authentication and integrity. Ultimately IPSec is the
way forward and is considered better than the layer 2 VPN’s such as PPTP
and L2TP.
For a successful and secure communication using IPSec, the IKE (Internet
Key Exchange) protocols takes part in a two step negotiation. Main mode
or Aggressive mode (Phase 1) authenticates and/or encrypts the peers.
Quick mode (Phase 2) negotiates the algorithms and agree on which
traffic will be sent across the VPN. Below I discuss Main mode (Phase 1).
You should use main mode when peers have static IP addresses. If one or
the other peer does not use IP address as the identifier of that peer then
Main mode can only be used if certificates are used for the credential
methods.
3DES is simply the DES symmetric encryption algorithm, used three times
on the same data. The same data is encrypted two more time using DES,
and hence where the name triple DES came from. Of course this makes
the encryption stronger and more difficult to break, although Triple DES
was later replaced by AES which proves to be the strongest encryption
algorithm.
When the 3DES process is complete, data is sent to its final destination.
However 3DES works in a number of other modes as well. As shown
above it is basically Encrypt, Decrypt and finally encrypts again using 3
different keys. This is known as DES-EDE3.
DES-EDE2 – Here we only use two keys, in which the first and last
encryption is done using exactly the same key.
DES-EEE2 – Finally this also uses two keys, the first and last encryption is
done using the same key.
Depending on the key lengths and block sizes AES produces a number of
rounds of computation.
In a block and key size of 128 bits, there are 10 computation rounds.
In a block and key size of 192 bits, there are 12 computation rounds.
In a block and key size of 256 bits, there are 14 computation rounds.
AES became the replacement for 3DES and DES. DES in particular was
found to be weak and breakable. AES is a popular encryption standard
approved by the government and supported by all VPN vendors.
AES today is also used in removable media such as USB's and external
hard drives. It is effective in both hardware and software and uses less
memory than most other symmetric algorithms. Simply put, you can
protect your data on your USB memory stick using encryption software
running the AES algorithm. If an encrypted USB was stolen and in the
wrong hands, data would be protected and would be in an un-readable
format.
Asymmetric encryption is much more scalable because you have two keys
and can hand your public key out to the world, not requiring to keep a
track of who has the key. With symmetric keys, you need to ensure only
the entities intended to communicate with you securely has your key and
no one else, which does not scale well at all.
If confidentiality was needed over the public network then a user can
encrypt data using Barclays bank public key. Barclays bank can only
decrypt this data as they hold the corresponding private key for that
public key.
Remember when Barclays encrypted this message with the other banks
public key, this would provide confidentiality because no one else but the
other bank can decrypt the message as only they hold the private key
which is mathematically related to their public key. Also when Barclays
bank encrypted the message with their own private key, this provides
authentication because only the public key that is accessible to everyone
can decrypt the messages which would prove it cam from Barclays bank.
The clever point is not everyone can see the final message other than the
bank it was intended for, because it was encrypted twice. The first part
everyone can decrypt, which would only provide authenticity, but the
second decryption required the other bank’s private key which only they
have access to as it was encrypted with their public key.
Session key
Asymmetric algorithms
Diffie-Hellman
Diffie-Hellman was the first public key algorithm. Being the first, Diffie-
Hellman has its problems, the primary one being it does not provide
authentication. However using Diffie-Hellman within IPSec along side
other authentication methods works well and is still used today. It is
based on calculating discrete logarithms in a finite field. To note, Diffie-
Hellman only provides key distribution. Authentication and encryption are
not supported. See Diffie-Hellman page for more information.
Knapsack
El Gamal
Another option for VPN authentication is with the use of Xauth (extended
authentication) where additional user authentication is required usually
through the use of LDAP or Radius authentication protocols. However this
is usually used when setting up remote / mobile user VPN. This is
executed at the end of phase 1 negotiation.
For example Joe wants to communicate with Carl and so sends his
certificate to Carl and Carl checks out the certificate's CA signature with
Verisign. He will look at the CA public key with Verisign to ensure the CA
signature is on the certificate. If the certificate is valid then Carl can
assume Joe is who he says he is, and the message is valid. Then Joe
checks Carl’s certificate and if the certificate is fine and valid, the VPN
process can be progressed.
All certificates are exchanged during the IPSec negotiation process. CA’s
are the masterminds behind the public key infrastructure (PKI). The CA’s
digital certificate is created with the CA’s private key, it’s the one that
guarantees the authenticity.
Looking further into digital certificates and CA's, there are two parts to be
aware of and can be confusing so below are the differences and the
relationship;
A one way hash simply takes a variable length string and data, and
produces a fixed length hash value. The hash along with its data is then
sent to the receiver. The receiver will compute the same hash function on
the data to compare this to the sending hash result, and if they are the
same, then the message will be accepted. We can say that the message
has not been modified in transit.
DES encryption algorithm uses a 56 bit key to encrypt data for transit.
DES is a symmetric key algorithm, and so uses one key which does the
encryption and decryption on the same data.
Some claim DES is a 64-bit key algorithm. However out of the 64 bits, 56
bits are actually used for keying material, where the remaining 8 bits are
reserved for parity information and to ensure integrity of the remaining
56 bits of data. So in a sense it is correct that DES uses 64 bits, but 8 of
those 64 bits are not used to encrypt data. For the keying it actually uses
56 bits, so in other words the encryption strength is 56 bits.
ECB provides the highest throughput and so is the quickest of the modes.
However it is also the weakest form of DES modes to break into. This is
because it will always produce the same cipher text when using the same
key. ECB mode should only be used on small amounts of data such as key
values.
CBC is more secure than ECB as it simply does not expose a pattern
within the encrypted data, unlike ECB. This is because the value of the
previous block of text is added to the algorithm as well which produced
the next block of text. This process is referred to as chaining, and adds a
high degree of randomness to the data. One issue with this mode is if an
error occurs it will be propagated to the rest of the blocks, as already
mentioned all blocks are encrypted in a chain like method using the
values of the previous block to provide randomness, and so connected.
This could cause decryption to fail. You can use CBC to encrypt large
amounts of data in 64 bit blocks.
CFB works with smaller block sizes of 8 bits rather than 64 bits, and
emulates a stream cipher. CFB works similar to CBC in that the value
from the previous blocks results in the encrypted data for the next block.
CFB is used in situations when needing to encrypt smaller amounts of
data at a time.
OFB also emulates a stream cipher; however unlike the two previous
modes OFB eliminates the use of chaining. Because the value to encrypt
the next block of data comes from the key stream and not from the cipher
text, it reduces the chances of errors and so becomes a more reliable
encryption method.
Counter Mode (CTR)
The process works by two peers generating a private and a public key.
Peer A would send it’s public key to peer B and peer B would send it’s
public key to peer A. Peer A would then use the public key sent from peer
B and it’s own private key to generate a symmetric key using the Diffie-
Hellman algorithm. Peer B would also take the same process as peer A
and in turn produce the exact same symmetric key as peer A, though
enabling them to communicate securely over the in-secure internet. Both
peers can now encrypt, transmit and decrypt data using their symmetric
keys.
Diffie-Hellman just does key exchange and does not do data encryption,
digital signatures or any authentication.
A real life comparison would be like humans having identity cards such as
a driving licence, a passport, etc. A digital certificate plays the same role
for authenticating devices proving they are who they say they are by
exposing their certificates (Their version of a passport/driving licence) to
peer devices.
In a real world scenario, if you were shown ID from a human being using
their DVLA driving license you would feel confident they are who they say
they are, having an ID issued by DVLA. However on the other hand if they
were to show you their employee ID from company Joe Bloggs, or some
other random ID you would most likely feel a little suspicious.
How this works is, you are issued a certificate from a CA. When you pass
your certificate to a peer, they check your certificate against the CA
certificate which is cryptographically tied with your certificate, and if they
match, then the remote peer would trust your identity. You would also
take the same steps in checking your remote peer’s identity.
When creating a site to site VPN connection we would use public static IP
addresses to connect to each end. At one end we would tell our firewall to
connect to the other firewall and specify its static address, and then we
would do the same at the other end. However some public IP’s are not
static and are dynamically assigned by the ISP. We now have a problem
because the remote firewalls IP changes every so often and this means
our firewall will be pointing to an incorrect IP address.
The way we can overcome the issue is by registering our firewall with a
provider like DynDNS.com. We would register out current firewall IP
address along with a URL to use instead on our firewall. Anytime our IP
address changes, DynDNS will know about this and update accordingly.
So the URL will always reflect the correct IP address.
So in your firewall (assuming you firewall supports this) you would specify
a URL instead of an IP address to reach the remote firewall your
connecting to.
When encrypted data reaches the peer VPN gateway, or any entity for
this matter that encrypts data in transit, the remote peer will have an
identical key and use this key to decrypt the data.
Asymmetric encryption -
Two keys are used, a public key and a private key. Data is encrypted
using the public key and decrypted with the private key. Asymmetric
encryption is used for communication over in-secure networks such as the
internet. Asymmetric encryption is also known as public key encryption.
Symmetric encryption -
A single key is used to encrypt data and decrypt data. There are a
number of symmetric encryption algorithms as follows;
DES –
One of the first encryption algorithms. Has been replaced by 3DES. See
DES page for more information.
3DES –
A replacement for DES, a stronger algorithm. Read 3DES page for more
information.
AES –
AES encryption algorithm is the standard today. See the AES page for
more information.
Blowfish -
Twofish -
Twofish is a block cipher with a 128 bit block size, and a key size of up to
256 bits. Twofish was one of the contenders to fill in the boots as an
algorithm for AES, but did not eventually reach this far.
IDEA –
CAST -
Safer (Secure and Fast Encryption Routine) is another block cipher which
comes in two sizes of 64 and 128 bit key sizes. This encryption algorithm
was another candidate for AES.
Skipjack –
Another block cipher, which uses an 80 bit key and 64 bit block size. It
was developed to be used with clipper chip (chipset for voice
communication).
RC -
RC4 – A stream cipher with a variable key size and is used in SSL and
wireless technology in WEP. RC4 is a quick, simple and effective
algorithm.
RC5 – A fast block cipher which uses various key and block sizes.
RC6 – A block cipher and an improved version of RC5. RC6 was another
candidate for AES.
Encryption uses
ESP provides all four security aspects of IPSec. These are confidentiality,
integrity, origin authentication, and anti-replay protection. Confidentiality
would ensure data is encrypted. Providing integrity would ensure data in
transit has not been tampered with and origin authentication would
ensure the remote peers are who they claim to be. Anti-replay will ensure
duplicated traffic is not accepted which would prevent DOS attacks, as
well as spoofed traffic.
ESP can operate in either tunnel mode which is more secure due to
encrypting the routing, header information and IP payload, or can operate
in transport mode in which it only encrypts the IP payload. Tunnel mode
is usually used between gateways through the internet, and transport
mode is usually used for host to host VPN’s such as between a server and
a computer.
Oakley is used along side ISAKMP, and is now commonly known as IKE
(Internet Key Exchange). Basically Oakley is a protocol to carry out the
key exchange negotiation process for both peers, in which both ends after
being authenticated can agree on secure and secret keying material.
Oakley is based on the Diffie-Hellman key algorithm in which two
gateways can agree on a key without the need to encrypt.
Management of keys
Message integrity algorithms ensure data has not been changed in transit.
They use one way hash functions to detect if data has been changed.
MD5 is a cryptographic one way hashing algorithm which uses a 128 bit
hash value just like its predecessors. Although it still uses the same hash
value, the algorithm is more complex and difficult to break than the
others. MD5 is used by to provide data integrity and authentication,
ensuring data has not been altered in transit. However sha-1 is a stronger
hash function than MD5, and ideally should be used if the option is
available. MD5 will ensure data has not been tampered with and achieves
this by converting plain data into unreadable ciphertext known as a hash.
If any data during transit has changed, even slightly the hash will look
completely different, and it would be assumed data has been tampered
with.
In a nutshell MD5 will ensure data has not been changed when in transit.
MD5 is a symmetric key algorithm. MD5 consists of a key size of 128 bits.
A hash is appended to the original message.
Nat Traversal also known as UDP encapsulation allows traffic to get to the
specified destination when a device does not have a public address. This
is usually the case if your ISP is doing NAT, or the external interface of
your firewall is connected to a device that has NAT enabled.
Also in some cases depending on the level of encryption, the payload and
in particular the headers are encrypted when using IPSec ESP mode. The
NAT device can not change these encrypted headers to its own addresses,
or do anything with them.
The NAT device in the middle breaks the authenticity, integrity and in
some cases can not do anything at all with the packet. It is clear NAT and
IPSec are incompatible with each other, and to resolve this NAT Traversal
was developed. NAT Traversal adds a UDP header which encapsulates the
IPSec ESP header. As this new UDP wrapper is NOT encrypted and is
treated as just like a normal UDP packet, the NAT device can make the
required changes and process the message, which would now circumvent
the above problems. Also enabling Nat-Traversal on the gateways
resolves the problem with the authenticity and integrity checks as well, as
they are now aware of these changes.
Three ports in particular must be open on the device that is doing NAT for
your VPN to work correctly. These are UDP port 4500 (used for NAT
traversal), UDP port 500 (used for IKE) and IP protocol 50 (ESP).
PFS will ensure the same key will not be generated again, so forcing a
new diffie-hellman key exchange. This would ensure if a hacker\criminal
was to compromise a private key, they would only be able to access data
in transit protected by that key and not any future data, as future data
would not be associated with that compromised key.
Both sides of the VPN must be able to support PFS in order for PFS to
work. When PFS is turned on, for every negotiation of a new phase 2 SA
the two gateways must generate a new set of phase 1 keys. This is an
extra layer of protection that PFS adds, which ensures if the phase 2 SA’s
have expired, the keys used for new phase 2 SA’s have not been
generated from the current phase 1 keying material. Of course if PFS is
not turned on then the current keying material already established at
phase 1 will be used again to generate phase 2 SA’s.
You don't have to use PFS if you don't want to, just leave it disabled.
However if you are protecting very sensitive data then maybe it should be
enabled. It depends on your requirements and security policies. It
depends on how sensitive your data is and how often you would like to
renew these keys. What is the worst that could happen if a criminal did
get their hands on this sensitive data? This should give you a good
indication to whether you should have it enabled and for how long each
key is renewed or disabled. Just remember having it enabled and
renewing keys more often will have a little performance impact but
provide further security.
PKI uses public key cryptography and works with x509 standard
certificates. It also provides other things such as authenticating users,
producing and distributing certificates, maintaining, managing and
revoking certificates. PKI is an infrastructure in which many things
happen and is not a process or algorithm itself, so PKI consists of a
number of aspects to enable the infrastructure to work. As well as
authentication, PKI also enables the use of providing integrity, non-
repudiation and encryption.
Central –
Hierarchical –
The CA would require some information back from this company. Usually
some proof they are who they claim to be, and require their registration
information.
The CA will sign and issue the company with a digital certificate, and this
will be their identification proving they are who they claim to be.
The company can now use this information to participate in the PKI
system.
Joe wants to communicate with Carl and so sends his certificate to Carl.
Carl checks out this certificate's CA signature with his CA, Verisign for
example. He will look at the CA public key with Verisign to ensure the CA
signature is on the certificate. If the certificate is valid then Carl can
assume Joe is who he says he is, and the connection would be accepted.
Then Joe checks Carl’s certificate, and if the certificate is fine and valid,
the VPN process can be progressed.
How a secure key is agreed upon by two peers
The process works by two peers exchanging their public keys. Joe
would send his public key to Carl and Carl would send his public key
to Joe. Joe would then use the public key sent from Carl and its own
private key to generate a symmetric key using the Diffie-Hellman
algorithm. Carl would also take the same process as Joe and in turn
produce the exact same symmetric key as Joe, though enabling
them to communicate securely over the in-secure internet. Both
peers can now encrypt, transmit and decrypt data using their
symmetric keys.
Most firewalls support both policy based and route based VPN’s. Which
one we are supposed to use in most cases doesn't really matter, but there
are a couple of things to consider.
Route based VPN is more flexible, more powerful and recommended over
policy based. However a policy based VPN is usually simpler to create.
A route based VPN creates a virtual IPSec interface, and whatever traffic
hits that interface is encrypted and decrypted according to the phase 1
and phase 2 IPSec settings.
In policy based VPN the tunnel is specified within the policy itself with an
action of "IPSec". Also for policy based VPN only one policy is required. A
route based VPN is created with two policies, one for inbound and another
for outbound with a normal "Accept" action.
A static route is also required for a route based VPN, so anything destined
to the remote network must go through the virtual IPSec interface which
was created when specifying this within the Phase 1 settings.
A route based VPN is also required when using redundant VPN connection.
A route based VPN only works in route mode, where policy based VPN
works in both route and transparent mode.
Conclusion
Although PPTP is easier to use and configure than IPSec, IPSec outweighs
PPTP in other areas such as being more secure and a robust protocol.
PSK is a key both peers use to identify themselves to each other. If one
pre-shared key is different from the other, then the authentication will not
be successful. In a real world scenario you would specify this on a VPN
Gateway at one site, such as a firewall with VPN capabilities and then
specify the exact same key on the other site’s VPN Firewall. So it is a way
for a device to prove it is authorised by providing a pre-shared key
identical to the opposite peer in negotiation.
Pre shared keys are easier to configure than digital certificates, and are
typically used for small to medium sized businesses that require a VPN
connection. You would usually communicate a pre-shared key via the
phone or in person so that it is not captured by anyone such as a hacker
sniffing the network.
You would then specify your pre-shared key within your VPN
configurations, and do the same at the peer end. A VPN gateway should
use long Pre-shared keys to eliminate chances of being hacked, 10 plus
characters is recommended. For large networks though, digital certificates
should be implemented over pre-shared keys as digital certificates are
scalable.
Remote access users are end users and employees who access their
corporate network remotely. This would be via a VPN client. On the
remote user's laptop VPN client software would be installed, which a
remote user would use to connect to their VPN gateway at the corporate
site over the internet. Initially when the client software is installed on a
laptop, it would require setting up, so that it knows how to reach the
corporate VPN gateway and how to encrypt and authenticate to it as well
as other parameters.
Usually the VPN client software also consists of a firewall protecting them
as well as the corporate network from outside threats. After all a remote
user with a laptop can be a threat to the corporate network. The laptop
may contain viruses and trojans. So for this reason a firewall is required
mainly to protect the corporate network, as well as the remote user's
laptop.
Also many VPN servers now come with the ability to control their end
user's via network access control. For example if the laptop is not on the
latest windows patch, is not up to date with the newest anti virus dat
files, has not got a certain application running, then the laptop is not
allowed access to the corporate network.
Like Diffie-Hellman, using RSA requires a public key and private key for
encrypting and decrypting data over the internet. The main purpose to
use such an algorithm is because we need a scalable and secure solution
for secure key exchange over the internet. VPN gateway's as well as other
aspects such as secure websites communicating keys across the internet
to be used for encrypting and decrypting data could easily be sniffed and
stolen by a hacker. For this reason, it is why the public and private key
(Asymmetric) mechanism was put into place. So entities could securely
agree on a symmetric key over the internet without anyone else being
able to capture the secret key.
RSA has been implemented in hardware and software. RSA is built into
software such as Microsoft products, Apple and Novell. RSA has been
implemented into hardware such as network interface cards and smart
cards as well.
As well as RSA, some other asymmetric encryption algorithms are Diffie-
Hellman, ECC, El Gamal, DSA, LUC and Knapsack.
SA (Security Association)
Message integrity algorithms ensure data has not been changed in transit.
They use one way hash functions to detect if data has been changed.
Other integrity algorithms include MD2, MD5, MD6, Haval and Tiger.
Site to site VPN is a VPN tunnel between two or more sites. This would
allow offices to share files and other resources. A VPN tunnel would be
created using VPN gateways on each site usually using IPSec to secure
the VPN connection over the internet.
When a tunnel has been created between sites, users are able to access
and share files and resources easily. However this would all rely on an
internet connection and relying that both sites ISP's are up. Some site to
site VPN's are configured using multi-wan setup which would provide
them with some redundancy if an ISP went down. So on their VPN they
would have two ISP's connected. The primary ISP would usually be the
faster internet connection, and they would have a slower link connected
as a back-up link. This backup link would come into affect if the primary
ISP goes down.
VPN's can also be setup in a site to multi site configuration. So you would
have all branch offices connected to the head office VPN. The branch
offices can connect to each other via the head office. This is usually
referred to as a hub and spoke deployment. The head office is the hub,
and the branch offices are the spokes connecting to the hub. The head
office VPN appliance would need to be powerful and scalable to provide
connectivity to all branch offices.
Now vendors have started making use of the SSL application layer
protocol in conjunction with VPN’s. SSL provides excellent security for
remote access users as well as ease of use. SSL is already heavily used
such as when you shop online, accessing your bank account online, you
will notice an SSL protected page when you see the “https” in your
browser URL bar as opposed to “http”. The difference in using SSL VPN is,
with IPSec a remote user would require client software and would need to
configure this. However with SSL VPN you do not need any client software
as you log into a portal. You just need the URL address and use a web
browser to access the portal.The portal is a GUI interface that is accessed
via a web browser and contains tools and utilities in order to access
applications on the network such as RDP and Outlook. SSL VPN can also
imitate the way IPSec works via a lightweight software client that can be
configured and installed without much effort, which simplifies the process
in securely accessing the corporate network.
For a first time VPN user using SSL they would access the VPN gateway
via their web browser either using an IP address or a domain name. This
would take them to a GUI asking them to log in. To imitate that of the
way IPSec works (giving full access to the network from a client) client
software can be installed via ActiveX or Java. When client software has
been installed, remote user would be able to login which will create a VPN
tunnel from remote user to VPN gateway. Now the end user will have
access to their network resources.
The client software installed through a web browser is a breeze and in fact
you would not notice much at all. All the settings are configured for you,
and it is as simple as clicking a button when installing client software for
SSL VPN.
SSL VPN software also comes with a feature called host checking or
Network Access Control. This means the software will only allow users if
their computer systems are compliant and up to date. For example you
can configure the SSL VPN to only allow users to be able to access the
network if their system's anti-virus software and firewall is up to date,
their operating system is on the latest patch and they are running a
certain application that the company requires.
Key points between IPSec and SSL VPN's
SSL VPN is accessed via a web portal front end after a secure https
connection has been established between the client and server. From here
a user can access the configured enterprise applications. IPSec VPN
connectivity happens via the configured client software, and when
connected can use resources available on the network.
SSL is very easy and simple to install and use as compared to IPSec. The
IPSec protocol is sometimes blocked in public places such as hotels and
cafe's where SSL is usually always open.
IPSec provides security to network access only, where SSL VPN's provides
secure access to certain applications. IPSec is suitable for LAN to LAN or
gateway to gateway connectivity where SSL VPN is suitable for remote
client access only.
IPSec is an all or nothing scenario. This means you are either connected
to the network or you are not. SSL VPN has much tighter control and can
be setup so that for certain users they get access to certain applications
only and can only access the network if their system is compliant.
If you are looking to buy a dedicated VPN solution, here is list of SSL VPN
vendors.
For example a VPN gateway at a bank with highly confidential data I may
want to use;
The above would be my proposal or transform set for a bank. I may name
this proposal "High-Security" for my own reference. However the peer
device connecting to my bank must also use the exact same settings as
above to successfully create a VPN tunnel. Although if a remote peer does
not use the same settings you can configure other proposals with
alternative settings to fall back on. So you may specify your ideal protocol
and algorithms to use in your first proposal and then below this a fallback
proposal which could be used if a remote peer has a different combination
of protocols and algorithms specified as it’s proposal.
When using ESP you can specify one of two modes, in which ESP operates
in. Tunnel mode encrypts the whole packet. Tunnel mode is used for site
to site VPN, when securing communication between security gateways,
concentrators, firewalls, etc. Tunnel mode provides security for the entire
original IP packet, that is the headers and the payload.
The other mode ESP can operate in is Transport mode, which is not as
secure as it only encrypts the data portion and not the whole packet
unlike tunel tunnel mode.
Transport mode encrypts the data portion of the packet. It works between
two different workstations running some kind of VPN software. Transport
mode protects payload of packet and the high layer protocols. Transport
mode leaves the original IP addresses in open clear text. Using transport
mode the final destination is not a gateway or router, generally the host
itself. Transport mode provides security to the higher layer protocols only.
Tunneling
You will tend to have 3 tunneling options when using an IPSec VPN client;
Tunnel everything –
Means all traffic at a client will be encrypted and sent through the IPSec
tunnel.
Split tunneling –
In this setup when you surf the web, it is a direct connection to the
internet without it being encrypted and traveling via the VPN concentrator
or VPN server. However you can still access the corporate LAN through
the IPSec tunnel, hence the name split tunneling. So you have two
tunnels, one is encrypted when your browsing the internet and the other
is encrypted when accessing your corporate LAN.
Split tunneling means you will be able to browse the web and the
browsing will not be affected through the VPN encrypted tunnel. However
this does provide a security concern. As you now have a tunnel to your
corporate LAN and you can freely browse the web. You have opened a
pathway from the internet to your corporate LAN via your laptop. This
means if your laptop has been infected, a criminal can easily access your
corporate LAN via your compromised laptop.
Usually the default setting and most secure option is to tunnel everything.
Of course you may experience slower browsing as all traffic will be
traveling through the IPSec tunnel to you corporate gateway, and having
all these security headers added to it, as well as secure filtering via your
firewall web filter, anti-virus and other UTM features.
All major IPSec clients such as Fortigate VPN client, Cisco VPN client,
Sonicwall, Juniper, Mcafee, Checkpoint supports the use of split tunneling.
Site to Site
In this topology all remote sites connect to the head office site. Remote
sites are like all the spokes on a bicycle wheel which connect to the hub of
the wheel (head office). For a multi site VPN scenario a hub and spoke
topology is the most common implementation. A central hub will enable
not only connectivity from remote site to the hub and the hub to the
remote sites, but acts as a gateway for remote sites to communicate with
each other via the hub.
Going off the scope a little I'll give an example below how this would be
configured on a Fortinet firewall.
Now you have a spoke to hub and hub to spoke VPN configuration on the
hub side. From the spoke end you just need to configure a VPN as you
would configure a standard site to site config to the hub.
On the spoke side some further alteration is required as well. All As well
as the Hub address all other spoke addresses have to be specified in both
firewall policies, again you can group these together via an address
group. You have now a VPN config where all remote sites can
communicate via the hub.
This topology requires the most work. However it also provides the most
reliability. Here all sites are connected to each other. There is no hub. In
the previous Hub and spoke topology, if the hub dies or there is a
connection problem to the hub, all sites will have no connectivity.
However in this case there is no hub, so if a site has a hardware failure,
only that site will be down, all other sites can still communicate with each
other.
So here in each site’s VPN device you have to specify all other sites, and create
the required phase 1 and phase 2 settings and firewall policies for the number of
sites. Every site will be connected to every other site. However the more sites
there are the more connections and this can multiply very quickly, making it
unmanageable.
A tunnel is a virtual path or route between two end points through the
internet. When you’re making a site to site or site to mobile VPN
connection, then this is where you are creating a tunnel or a secure
tunnel from one gateway to another. So data packets travel securely
through a tunnel connection through the internet encapsulated inside ESP
headers and trailers and inside a new IP header which travels securely
over the internet.
Also take a look at my VPN tutorial guide which explains the ins and outs of
VPN's and VPN implementation.