Archive for : February, 2020


What Is Site-To-Site VPN?

There are several types of VPN that people and companies can use today. Users need to learn about them so they can choose the type of VPN that suits their needs. In this article, we share some information about site-to-site VPNs. Additionally, if you want to use a VPN app on your Android smartphone, we recommend you find out what the best Android VPN is so you can find an app that suits your mobile device.

Site-to-site VPNs create secure, permanent paths between sites, for example between a head office and its branch offices, over the internet. Both the head office and the branch offices must have Cisco VPN equipment to build the VPN paths needed.

The Cisco VPN equipment used at the head office is a Cisco VPN Concentrator for large companies, while for small or medium-sized companies a Cisco ASA firewall that supports VPN features is sufficient.

The Cisco VPN equipment used at branch offices is generally a Cisco ASA firewall that supports VPN features.

After the VPN path is established between the branch office and the head office, computer users on the LAN at the branch office can access data on the LAN at the head office. Of course, access speed is limited by the bandwidth of the VPN path used.

Note that the network configuration of each user's computer at the branch office must use the inside IP address of the branch office's Cisco ASA firewall as its default gateway.
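As an added example (not part of the original article), the following Python check audits branch-office host settings against the default-gateway requirement above, and also flags a branch subnet that overlaps the head-office LAN, since such destinations never reach any gateway. All addresses, host names and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample values (RFC 1918 addresses), not taken from the article.
ASA_INSIDE = "192.168.20.1"        # inside interface of the branch ASA
HEAD_OFFICE_LAN = "10.10.0.0/16"   # LAN reachable through the VPN path
BRANCH_HOSTS = {
    "pc-01": ("192.168.20.15/24", "192.168.20.1"),    # correct
    "pc-02": ("192.168.20.16/24", "192.168.20.254"),  # gateway is some other router
    "pc-03": ("192.168.21.17/24", "192.168.20.1"),    # gateway not on the host's subnet
    "pc-04": ("192.168.20.18/24", None),              # no default gateway at all
}


def tunnel_path_problems(host_if, gateway, asa_inside, head_office_lan):
    """Return reasons why this host's traffic to the head-office LAN would
    not reach the branch ASA (empty list = configuration is sound)."""
    iface = ipaddress.ip_interface(host_if)
    asa = ipaddress.ip_address(asa_inside)
    remote = ipaddress.ip_network(head_office_lan)
    problems = []
    if iface.network.overlaps(remote):
        # Overlapping destinations are on-link for the host: it ARPs for them
        # locally and never hands the packet to any gateway.
        problems.append(f"host subnet {iface.network} overlaps head-office LAN {remote}")
    if gateway is None:
        problems.append("no default gateway configured")
        return problems
    gw = ipaddress.ip_address(gateway)
    if gw != asa:
        problems.append(f"default gateway {gw} is not the ASA inside address {asa}")
    if gw not in iface.network:
        problems.append(f"default gateway {gw} is outside host subnet {iface.network}")
    return problems


def audit(hosts, asa_inside=ASA_INSIDE, head_office_lan=HEAD_OFFICE_LAN):
    """Map each host name to its list of problems."""
    return {name: tunnel_path_problems(addr, gw, asa_inside, head_office_lan)
            for name, (addr, gw) in hosts.items()}


if __name__ == "__main__":
    for name, problems in audit(BRANCH_HOSTS).items():
        print(name, "OK" if not problems else "; ".join(problems))
```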

In terms of administrative control, site-to-site VPNs can generally be divided into:

Intranet

The VPN is used only to connect several locations that belong to one agency or one company, such as a head office connected to a branch office. In other words, administrative control rests entirely with one party.

Extranet

The VPN is used to connect several different agencies or companies that have a “close” relationship, such as a textile company and the freight company it uses. In other words, administrative control is shared among several related agencies.


There Are Some Security Models In VPN

VPN security systems usually require remote access to be authorized and use encryption techniques to prevent the disclosure of personal information. VPNs provide security through tunneling protocols and security procedures. Security is therefore the main concern when you decide which VPN service is best for your own needs.

Here are some security models that we can see in VPNs:

– Confidentiality. Even if a cybercriminal sniffs your data, the attacker will only see encrypted data that he cannot understand. Sender authentication prevents unauthorized users from accessing the VPN. Message integrity lets the secure VPN protocol detect any transmitted message that has been tampered with.

– IPSec (Internet Protocol Security) was developed by the Internet Engineering Task Force (IETF), originally for IPv6, which requires it. The Layer 2 Tunneling Protocol often runs over IPSec. Its design meets most security goals: authentication, integrity, and confidentiality. IPSec works by encrypting IP packets and encapsulating them in an IPSec packet. De-encapsulation occurs at the end of the tunnel, where the original IP packet is decrypted and forwarded to its intended destination.

– Transport Layer Security (SSL / TLS) can tunnel an entire network's traffic, as is the case in the OpenVPN project, or secure individual connections. A number of vendors provide remote VPN access capabilities via SSL. An SSL VPN can connect from places where IPsec runs into trouble with Network Address Translation and firewall rules.

– Datagram Transport Layer Security (DTLS) is used in Cisco VPN AnyConnect to solve the problems SSL / TLS has with tunneling, by running over UDP.

– Microsoft Point-to-Point Encryption (MPPE) works with the Point-to-Point Tunneling Protocol and in several compatible implementations on other platforms.

– Microsoft Secure Socket Tunneling Protocol (SSTP) was introduced in Windows Server 2008 and Windows Vista Service Pack 1. SSTP tunnels Point-to-Point Protocol (PPP) or Layer 2 Tunneling Protocol traffic through an SSL 3.0 channel.

– MPVPN (Multi Path Virtual Private Network).

– Secure Shell (SSH) VPN. OpenSSH offers VPN tunneling (distinct from port forwarding) to secure remote connections to networks or inter-network links. The OpenSSH server provides a number of concurrent tunnels, and the VPN feature itself does not support private authentication.