This chapter discussed remote access options and alternatives, including traditional remote access and Virtual Private Network (VPN) architectures.

Remote access is defined as providing access to fixed-site resources to users who are not at a fixed workstation on that location's local-area network (LAN).

A cost-effective and secure alternative to traditional remote access is VPN. With VPNs, all phone calls that access corporate networks are local calls tunneled from the remote site to a local Internet service provider (ISP), over the Internet, and to the corporate VPN gateway.

VPN has three major components:

• LAN-to-LAN VPN is the next common VPN configuration. The LAN-to-LAN VPN is closely tied to the IPSec standard. Whereas the remote dial-up user VPN uses protocols such as PPTP, L2F, and L2TP, IPSec concentrates on LAN-to-LAN.

• Authentication is the process of positively identifying the entity (user, router, network device) that requires access. This authentication is usually done by means of a cryptographic function.

• Encryption is an extra precautionary measure that protects the data as it passes through the tunnel. Data is encrypted before it is encapsulated to reduce the risk that someone might tamper with it if the tunnel is breached.
