2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet508/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   504   505   506   507   508   509   510   511   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

IP Security Protocol
The most commonly used VPN protocol is now IPsec. 
IP Security (IPsec)
is both a stand-
alone VPN protocol and the security mechanism for L2TP, and it can be used only for IP 
traffic. IPsec consists of the security elements of IPv6 crafted into an add-on package for 
IPv4. IPsec works only on IP networks and provides for secured authentication as well as 
encrypted data transmission. IPsec has two primary components, or functions:
Authentication Header (AH)

AH provides authentication, integrity, and nonrepudiation.


Encapsulating Security Payload (ESP)

ESP provides encryption to protect the confiden-


tiality of transmitted data, but it can also perform limited authentication. It operates at the 
Network layer (layer 3) and can be used in transport mode or tunnel mode. In transport 
mode, the IP packet data is encrypted but the header of the packet is not. In tunnel mode, 
the entire IP packet is encrypted and a new header is added to the packet to govern trans-
mission through the tunnel.
Table 12.1 illustrates the main characteristics of VPN protocols.
TA b l e 12 .1
VPN characteristics
VPN 
Protocol
Native 
Authentication 
Protection
Native Data 
Encryption
Protocols 
Supported
Dial-Up Links 
Supported
Number of 
Simultaneous 
Connections
PPTP
Yes
No
PPP
Yes
Single point-
to-point
L2F
Yes
No
PPP/SLIP
Yes
Single point-
to-point
L2TP
Yes
No (can use 
IPsec)
PPP
Yes
Single point-
to-point
IPsec
Yes
Yes
IP only
No
Multiple
The VPN protocols which encapsulate PPP are able to support any subprotocol compatible with PPP, which 
includes IPv4, IPv6, IPX, and AppleTalk.

Virtual Private Network 
545
A VPN device is a network add-on device used to create VPN tunnels separately from 
server or client OSs. The use of the VPN devices is transparent to networked systems.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   504   505   506   507   508   509   510   511   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish