SSL VPN in Cisco Router

Comming Soon

IPSec VPN in Cisco Router

Comming Soon

AH&ESP in IPSec

Uses of Authentication Header (AH)

• Provide Authentication Services
• Verifies the originator of a message
• Verifies that data has not been changed on routing

Uses of Encapsulating Security Payload (ESP)

• Encrypted the IP datagram
•  AH ensures integrity but not privacy

    Example of AH&ESP

   #ah-md5-hmac AH-HMAC-MD5 transform  

   #ah-sha-hmac AH-HMAC-SHA transform  

   #esp-3des ESP transform using 3DES(EDE)cipher (168 bits) 

   #esp-des ESP transform using DES cipher (56 bits) 

   #esp-md5-hmac ESP transform using HMAC-MD5 auth 

   #esp-null ESP transform w/o cipher 

   #esp-sha-hmac ESP transform using HMAC-SHA auth 

   Command in CISCO Router

   Config(config)# crypto ipsec transform-set CorpHQ-vpn esp-3des esp-md5-hmac

   Config(config)# mode (tunnel or transport) 

Hash Function & MD5

Hash Function

   Hash Function is a mathematical function that converts a large, variably-sized data into a small datum. There are many hash function algorithms
(1) MD5
(2) SHA-1 , SHA-2 SHA-3 (Secure Hash Algorithm)

-----------------------------------------------------------------------------------

MD5 Algorithm

An algorithm created in 1991 by Professor Ronald Rivest that is used to create digital signatures. It is intended for use with 32 bit machines and is safer than the MD4 algorithm, which has been broken. MD5 is a one-way hash function, meaning that it takes a message and converts it into a fixed string of digits, also called a message digest.

Hash Function of MD5 uses IPSEC over GRE in CISCO Router

Data Encryption Standard (DES)

Data Encryption Standard (DES)

(1) AES (Advanced Encryption Standard) replaced DES.
(2) Developed by IBM
(3) DES used standard arithmetic and logical operations on numbers up to 64 bits long.

DES uses IPSEC over GRE in CISCO Router

Cryptography

Cryptography

        Mathematical techniques that protect information with Encryption & Decryption.

There are two types of Encryption Methods.

(1) Symmetric Encryption

        -Used same keys

Symmetric Encryption

(2) Asymmetric Encryption

       -Used different Keys (one for Public Key  and one for Private Keys)

Asymmetric Encryption

Introduction of Network Security,

·        Security attacks means any attacker hack security information when any person or organization sharing their own information’s.

(1)    Passive attach cannot affect source information.

(2)    Active attach can affect source information

·        Security Mechanisms  designed to detect, prevent, or recover from attacker

·        Security Service means that uses one or more security mechanisms.

(1)    Used of Authentication Methods

(2)    Used of ACL