lecture 16 page 1 advanced network security perimeter defense in networks: virtual private networks...
TRANSCRIPT
Lecture 16Page 1Advanced Network Security
Perimeter Defense in Networks: Virtual Private Networks
Advanced Network Security Peter ReiherAugust, 2014
Lecture 16Page 2Advanced Network Security
Outline
• Another aspect of the perimeter defense problem
• Virtual private networks
– What are they?
– How do they handle this problem?
– Their practical use
Lecture 16Page 3Advanced Network Security
Another Aspect of the Problem• What if you need to work across the
Internet?• You want to get the same protection on both
ends that firewalls would give• But those running the Internet won’t install
firewalls for you• So there’s an untrusted hole in your
perimeter
Lecture 16Page 4Advanced Network Security
Illustrating the Problem
Your Los Angeles office
Your Saigon office
Your Los Angeles firewall
Your Saigon firewall
The Internet
SAFE! SAFE!
No firewall
NOTSAFE!
Lecture 16Page 5Advanced Network Security
Cryptography to the Rescue
• We can’t ensure bad guys don’t see the packets we send outside our firewalls
• But we can ensure they don’t understand them and can’t alter them
• We can use cryptography to do that
• Essentially, a different way to provide perimeter defense
– When physical boundaries don’t apply
Lecture 16Page 6Advanced Network Security
How To Do That?
• Encrypt all traffic between our trusted endpoints
– Literally everything
• For preference, even hide sender and receiver information
– To prevent attackers from knowing details of our networks
Lecture 16Page 7Advanced Network Security
Virtual Private Networks• VPNs• The formal name for the solution we
just outlined• A dedicated virtual closed network • Running across an untrusted open
network• Security provided by cryptography
Lecture 16Page 8Advanced Network Security
Encryption and Virtual Private Networks
• Use encryption to convert a shared line to a private line
• Set up a firewall at each installation’s network
• Set up shared encryption keys between the firewalls
• Encrypt all traffic using those keys
Lecture 16Page 9Advanced Network Security
Actual Use of Encryption in VPNs
• VPNs run over the Internet
• Internet routers can’t handle fully encrypted packets
• Obviously, VPN packets aren’t entirely encrypted
• They are encrypted in a tunnel mode
– Often using IPSec
• Gives owners flexibility and control
Lecture 16Page 10Advanced Network Security
Key Management and VPNs• All security of the VPN relies on key secrecy• How do you communicate the key?
– In early implementations, manually– Modern VPNs use IKE or proprietary key
servers• How often do you change the key?
– Better be often– And better be largely automated
Lecture 16Page 11Advanced Network Security
Some Other VPN Issues
• Interactions between VPNs and firewalls
• New models of VPN deployment
Lecture 16Page 12Advanced Network Security
VPNs and Firewalls
• VPN encryption is typically done between firewall machines– VPN often integrated into firewall product
• Do I need the firewall for anything else?• How much do I trust the remote office . . .?• Remember, you must not only trust honesty
– You must also trust caution
Lecture 16Page 13Advanced Network Security
Placing the Firewall Outside the VPN
• Placing the firewall “outside” the VPN is pointless
– Traffic is encrypted, at that point
– Also, true IP addresses, ports, etc. are hidden by the tunneling
– Can’t usefully analyze packets here
Lecture 16Page 14Advanced Network Security
Placing the Firewall Inside the VPN
• Meaning, after the VPN encryption has been removed
• And the tunneling undone
• Allows firewall to analyze the packets that would actually be delivered
• “Inside” means “later in same box” usually
– One machine handles both VPN and firewalls
Lecture 16Page 15Advanced Network Security
New Models of VPNs
• Original model sets up VPN between two endpoints
– Static endpoints
– Semi-permanent VPN
• Modern needs have suggested other ways to use VPNs
Lecture 16Page 16Advanced Network Security
VPNs and Portable Computing• Increasingly, workers connect to
offices remotely
– While on travel
– Or when working from home
• We can use VPNs to offer a secure solution
Lecture 16Page 17Advanced Network Security
Securing the Mobile Worker• Set up VPN software on his computer
• Capturing all incoming/outgoing packets
• Applying encryption
• Using a key shared with the home office
• Wherever the user goes, his VPN endpoint goes with him
Lecture 16Page 18Advanced Network Security
Temporary VPNs
• What if a group of users want to communicate securely?
• They’ve never done so before
• They might never do so again
• They will never meet in person
• They want it set up quickly
Lecture 16Page 19Advanced Network Security
Arranging a Temporary VPN• Get the same VPN software to all
participants
• Securely set up a key distributed to all of them
• For the period of the conversation, send just relevant packets through VPN
• Throw it all away when you’re done
Lecture 16Page 20Advanced Network Security
Practical Use of Temporary VPNs
• Often set up by video/teleconferencing companies• Using a web interface for
– Administration– Software distribution– Key distribution
• Requires customers to trust that company– SW could be bogus– Key distribution could be bugged– They claim, of course, they don’t do that
Lecture 16Page 21Advanced Network Security
Major Security Issues for Temporary VPNs
• Key distribution
– Typically want to distribute same symmetric key to all
• Authentication
– How does everyone know that the other participants are proper
• Bogus software
• Compromised user machines
Lecture 16Page 22Advanced Network Security
How It Usually Works• Clients get access from any machine• Using downloaded code
– Connect to web server, download VPN applet, away you go
– Crypto usually leverages existing SSL code– Authentication via user ID/password– Implies you trust the applet . . .