Virtual Private Networking: A Construction, Operation and Utilization Guide

Overview

This book provides network managers, LAN administrators and small business operators with all they need to know to "interconnect" multiple locations or travelling employees that need to access a single location. The operation and utilization of virtual private networks is discussed in both theory and practice, covering the technical aspects associated with encryption and digital certificates as well as the manner by which readers can create VPNs using readily available products from Microsoft, Cisco, Check Point and possibly other vendors.

The author was among the first to write about the concept of virtual private networking in a series of articles published over five years ago, and in the intervening years this has become a very hot topic, with the technology being increasingly deployed by companies.

Virtual Private Networking, by Gilbert Held, covers the technology and the theory, but also shows readers, through numerous examples, 'how to use' the technology.

Product Details

  • ISBN-13: 9780470854327
  • Publisher: Wiley
  • Publication date: 3/19/2004
  • Edition description: New Edition
  • Edition number: 1
  • Pages: 306
  • Product dimensions: 7.44 (w) x 9.25 (h) x 0.71 (d)

Meet the Author

Gilbert Held is an award-winning author and lecturer. Gil has written over 50 technical books and 400 articles over the past 30 years. In addition, Gil has earned many accolades and has been presented with an award from the Association of American Publishers. He has also been selected by Federal Computer Week to join the Federal 100, a list of the top 100 persons in academia, industry and the Federal Government that have made a significant impact upon the equipment acquisition process.

Table of Contents

Preface

Acknowledgements

Chapter 1 Introduction to Virtual Private Networking

1.1 THE VPN CONCEPT

1.1.1 DEFINITION

1.1.2 TYPES OF VPNS

1.1.3 CATEGORIES OF VPNS

1.1.4 INFRASTRUCTURE

1.1.5 BENEFITS OF USE

1.1.6 DISADVANTAGES OF VPNS

1.1.7 VPN PROTOCOLS

1.1.8 SUMMARY

1.1.9 ALTERNATIVES TO VPNS

1.1.10 ECONOMIC ISSUES

1.1.11 OTHER ALTERNATIVES

1.2 BOOK PREVIEW

1.2.1 UNDERSTANDING AUTHENTICATION AND CRYPTOLOGY

1.2.2 UNDERSTANDING THE TCP/IP PROTOCOL SUITE

1.2.3 LAYER 2 VPN TECHNIQUES

1.2.4 HIGHER LAYER VPNS

1.2.5 VPN HARDWARE AND SOFTWARE

1.2.6 SERVICE PROVIDER-BASED VPNS

Chapter 2 Understanding Authentication and Encryption

2.1 AUTHENTICATION

2.1.1 PASSWORD AUTHENTICATION PROTOCOL

2.1.2 CHALLENGE-HANDSHAKE AUTHENTICATION PROTOCOL

2.1.3 EXTENSIBLE AUTHENTICATION PROTOCOL – TRANSPORT LEVEL SECURITY

2.1.4 TOKEN AUTHENTICATION

2.2 ENCRYPTION

2.2.1 GENERAL METHOD OF OPERATION

2.2.2 PRIVATE VERSUS PUBLIC KEY SYSTEMS

2.2.3 PUBLIC KEY ENCRYPTION

2.2.4 THE RSA ALGORITHM

2.2.5 DIGITAL CERTIFICATES

2.2.6 HASHING AND DIGITAL SIGNATURES

Chapter 3 Understanding the TCP/IP Protocol Suite

3.1 FRAME FORMATION

3.1.1 HEADER SEQUENCING

3.1.2 SEGMENTS AND DATAGRAMS

3.1.3 ICMP MESSAGES

3.1.4 ON THE LAN

3.1.5 DATA FLOW CONTROL FIELDS

3.2 THE NETWORK LAYER

3.2.1 THE IPV4 HEADER

3.2.2 SUBNETTING

3.2.3 THE SUBNET MASK

3.2.4 THE WILDCARD MASK

3.2.5 ICMP

3.3 THE TRANSPORT LAYER

3.3.1 TRANSPORT LAYER PROTOCOLS

3.3.2 THE TCP HEADER

3.3.3 THE UDP HEADER

3.3.4 SOURCE AND DESTINATION PORT FIELDS

3.4 PROXY SERVICES AND NETWORK ADDRESS TRANSLATION

3.4.1 PROXY SERVICE

3.4.2 NETWORK ADDRESS TRANSLATION

3.4.3 TYPES OF ADDRESS TRANSLATION

3.4.4 VPN CONSIDERATIONS

Chapter 4 Layer 2 Operations

4.1 THE POINT-TO-POINT PROTOCOL

4.1.1 COMPONENTS

4.1.2 PPP ENCAPSULATION

4.1.3 LINK CONTROL PROTOCOL OPERATIONS

4.1.4 MULTILINK PPP

4.2 POINT-TO-POINT TUNNELING PROTOCOL

4.2.1 IMPLEMENTATION MODELS

4.2.2 NETWORKING FUNCTIONS

4.2.3 ESTABLISHING THE PPTP TUNNEL

4.2.4 PPTP ENCAPSULATED PACKETS

4.2.5 THE PPTP CONTROL CONNECTION PACKET

4.2.6 CONTROL CONNECTION PROTOCOL OPERATION

4.2.7 PPTP DATA TUNNELING

4.3 LAYER TWO FORWARDING

4.3.1 EVOLUTION

4.3.2 OPERATION

4.3.3 THE L2F PACKET FORMAT

4.3.4 TUNNEL OPERATIONS

4.3.5 MANAGEMENT MESSAGES

4.4 LAYER TWO TUNNELING PROTOCOL

4.4.1 OVERVIEW

4.4.2 ARCHITECTURAL MODELS

4.4.3 THE L2TP PACKET FORMAT

4.4.4 CONTROL MESSAGES

4.4.5 PROTOCOL OPERATIONS

Chapter 5 Higher Layer VPNs

5.1 UNDERSTANDING IPSEC

5.1.1 OVERVIEW

5.1.2 TOPOLOGIES SUPPORTED

5.1.3 SPECIFYING SESSION PARAMETERS

5.1.4 THE SPI

5.1.5 PROTOCOLS

5.1.6 AUTHENTICATION HEADER

5.1.7 ENCAPSULATING SECURITY PAYLOAD

5.1.8 OPERATIONS

5.1.9 KEY MANAGEMENT

5.2 WORKING WITH IPSEC

5.2.1 CONFIGURING IPSEC POLICIES

5.2.2 ADDING THE IPSEC SNAP-IN

5.2.3 CREATING AN IPSEC POLICY

5.2.4 WORKING WITH IPSEC FILTERS

5.3 SSL AND TLS

5.3.1 RATIONALE FOR SSL

5.3.2 OVERVIEW OF SSL

5.3.3 SSL OPERATION

5.3.4 MESSAGE EXCHANGE

5.3.5 CIPHER SUITES

5.3.6 THE NETILLA SECURITY PLATFORM

5.3.7 SUMMARY

Chapter 6 VPN Hardware and Software

6.1 USING THE ASANTE VPN SECURITY ROUTER

6.1.1 OVERVIEW

6.1.2 CONFIGURATION ACCESS

6.1.3 WIRELESS CONSIDERATIONS

6.1.4 VPN OPERATIONS

6.1.5 CLIENT-TO-NETWORK

6.2 WINDOWS VPN SOFTWARE

6.2.1 USING A WINDOWS XP CLIENT

6.2.2 CREATING THE VPN

6.3 WORKING WITH WINDOWS 2000 SERVER

6.3.1 INSTALLING RRAS

6.3.2 ENABLING RRAS

6.3.3 CONFIGURING RRAS

6.3.4 CREATING A TEST ACCOUNT

6.3.5 TESTING THE CONNECTION

Chapter 7 Service Provider-Based VPNs

7.1 RATIONALE FOR USE

7.1.1 ECONOMICS

7.1.2 PERSONNEL LIMITATIONS

7.1.3 RELIABILITY

7.1.4 COMMUNICATIONS UNITY

7.1.5 MANAGEMENT

7.1.6 INSTALLATION AND SUPPORT

7.1.7 PACKAGED SECURITY

7.2 TRANSPORT FACILITIES AND VPN OPERATION

7.2.1 HARDWARE-BASED SWITCHING

7.2.2 SOFTWARE-BASED SWITCHING

7.3 SERVICE LEVEL AGREEMENTS

7.3.1 SLA METRICS

7.3.2 SLA LIMITATIONS

7.4 VPN SERVICE PROVIDER OVERVIEW

7.4.1 AT&T CORPORATION

7.4.2 LEVEL 3 COMMUNICATIONS

7.4.3 SPRINT

7.4.4 VERIZON

Appendix A VPN Checklist

Index
