Virtual threats. The biggest challenge in wireless network

 

 

 

 

 

 

Virtual
Private Network (VPN)

 

By

Best services for writing your paper according to Trustpilot

Premium Partner
From $18.00 per page
4,8 / 5
4,80
Writers Experience
4,80
Delivery
4,90
Support
4,70
Price
Recommended Service
From $13.90 per page
4,6 / 5
4,70
Writers Experience
4,70
Delivery
4,60
Support
4,60
Price
From $20.00 per page
4,5 / 5
4,80
Writers Experience
4,50
Delivery
4,40
Support
4,10
Price
* All Partners were chosen among 50+ writing services by our Customer Satisfaction Team

Samir
Patel

 

 

                            

 

 

 

 

 

 

Professor
Stan J. Senesy

IT
620

December
7th 2017

 

ABSTRACT

Security in
wireless networks is an interesting subject for over many years. Security has
been the biggest issue these days as the attacks are increasing every year.
Organizations are facing the biggest challenges in securing their
infrastructure which can protect against the security threats. There has been
an enormous interest in designing the secure wireless network that can defend
against these threats. The biggest challenge in wireless network is to secure
the transactions of data which are transmitted over radio frequency. Transmission
of data over radio frequency introduces new opportunities for eavesdropping
into the network which results in unauthorized access.

Virtual Private Network (VPN) has
been developed as a crucial solution in protecting against the security threats
within the use of public networks for private communications. VPN is the best
security solution being used in open standards based technologies to address
any security holes. It provides security in the Wireless LAN by integrating a
set of authentication, encryption, access control, and session management
components. The two main methods of VPN; Internet Protocol Security (IPsec) and
Secure Sockets Layer (SSL) are being utilized on Enterprise’s Wireless
Networks. Both methods differ in terms of the function they serve as well the
underlying technologies used. The key thing is to decide which method to
consider during the designing of Enterprise’s infrastructure that can provide
reliability and security to best protect against security breaches.

 

INTRODUCTION

            Security is a critical factor in the design and
deployment of wireless networks. Security issues are the main concerns for the
businesses as the wireless data LANs are deployed on the infrastructures. Wireless
data transmits over radio frequency which introduces new opportunities for
eavesdropping in the wireless communications. The data can be breached with a
suitable transceiver within the range of the communication. It makes an easier
way to eavesdrop on the data passing through the radio waves. Wireless network
offers a platform for an attacker to compromise data transmitting over wireless
devices without requiring any physical arrangements. The interception over the
network to capture all of the traffic transmitting through multiple devices has
become a crucial factor in the security. Therefore, businesses need to
implement efficient technology that can protect against wireless network
breaches.

            Virtual Private Network (VPN) has been introduced as a viable
solution that builds a secure and private communications over public network
infrastructures. VPN essentially creates a secure tunnel between a public and
private network with the use of encryption methods to transmit the data. A
tunnel uses cryptographic techniques to prevent other transmitter to intercept
the data being transmitted over the network. VPN leverages the use of different
types of protocol to provide scalability and security for the enterprise to
secure the wireless LAN networks. The most common types of protocols used in
the implementation of VPN are IPsec and SSL. IPsec functions primarily at a
network layer and SSL functions at an application layer. They both provide a
valid solution for securing remote access over wireless networks but it is
important in the way they can be strategically design to secure the transmitted
data over the networks as well as provide benefits to businesses.  

ANALYSIS

The
main factor in the leveraging the use of VPN is to provide a secure remote
connection from public network to communicate with private network. IPsec and
SSL both provide the functionalities that facilitate a secure connection but in
different ways. IPsec protocol requires a company provided VPN client on the
public device to initiates a session while SSL can be used with any client.
IPsec supports all IP based application and SSL supports any browser based
applications (See Figure 1).

Both of these technologies
employs standard based encryption and authentication techniques to secure
access over the network. They both differ (See Figure 2) in the terms of the
way they can be implemented depending upon the requirements of the businesses.

 

Figure 2. Comparison
between IPsec vs SSL

                IPsec
operates at network layer which provides access to entire enterprise network.
It typically requires a VPN client installed on a local device which connects
to the firewall or VPN gateway of enterprise network and initiates an Internet key
exchange (IKE). The flow of the connection is the user gets authenticated with
enterprise network and a tunnel is created between two networks. The packets
transmitting over the networks are encrypted which provides data
confidentiality and integrity. IPsec leverages the use of cryptography standards
such as 3DES, MD5, and SHA for authenticating packets and encrypting data. IKE
can be used with digital certificates to provide two way authentications. IPsec
is generally a main choice during a site-to-site implementation.

            SSL operates at
application layer which provide access to enterprise network from anywhere. SSL
leverages the same cryptographic standards as IPsec; however, it provides direct
access to web based application rather than internal network. Any browser that
supports SSL encryption can be used to initiate remote access connectivity. SSL
uses cipher suites to define cryptographic functions for both parties to use
during communications. SSL VPN gateway authenticates to web server using SSL
server by signing a trusted Certification Authority certificate. SSL is
generally considered when a connection needs to be made with web based
application or services running on enterprise’s network.

            IPsec and SSL are both intended to be used for same
purpose. They both provide a great source of functionalities in securing the
wireless data flow over public networks. Their major difference between the two
VPN protocols is the security protection they provide. Companies decide to choose
the effective protocol to implement is primarily based upon the security
aspects of both protocols. The major security components considered are the
encryption and authentication methods. They both use the same encryption
methods but different algorithms. Both protocols utilize the robust security protocols
and methods but the decision to choose should be based on the company’s
requirements.

            VPN can be implemented with many other protocols:
however, IPsec and SSL are the main being leveraged in many industries. The
suggestion in choosing the one that can provide the best security measures
depends on the business requirements. IPsec is complex and connects more sites
together. IPsec VPN should be used in situations where the connection needs to
be run 24×7. SSL VPN should be used in situations where mobile use within the
organization is much needed. IPsec requires a VPN client which cannot be used
with mobile. In the situation like this, SSL is much more ideal as it
authenticates the user within SSL enabled browser within the devices. They both
should be implemented when designing Enterprise infrastructure as it adds an
extra layer of security within the environment.

CONCLUSION

                  VPN
is a powerful technology in terms of securing the environment. Regardless of which
method to use in implementation, VPN should be implemented as a part of a defense
in depth strategy that utilizes comprehensive policies and varieties of network
security policies. Wireless LAN network within the businesses leverages
majority of their transactions. The data being transmitted over public network
should be well protected to provide efficiency in the way the businesses run. Attacks
are growing in numbers and wireless network is the first line that provides the
entries for attacker to get into the private network. VPN doesn’t secure all
the aspects of the wireless network; however, it is the main method that
provides an extra layer of security within the company’s environment. The main
goal for them is to implement the securities within their infrastructure that
is reliable and best suites the needs of today’s world.

REFERENCES

 

IPSec vs. SSL: Why
Choose?. (2017). ebook Woburn: An OpenReach Backgrounder Comparing VPN
Technologies. Available at:
https://pdfs.semanticscholar.org/6b7f/c468155115b5ac42fd0e7c5d1c5a91ece4d7.pdf
Accessed 9 Dec. 2017.

Greene, T. (2017). IPSec
vs. SSL VPNs. online Network World. Available at:
https://www.networkworld.com/article/2287584/lan-wan/ipsec-vs–ssl-vpns.html
Accessed 10 Dec. 2017.

SearchEnterpriseWAN. (2017). Which VPN should your business network implement?. online
Available at:
http://searchenterprisewan.techtarget.com/tutorial/Which-VPN-should-your-business-network-implement
Accessed 11 Dec. 2017.

SearchSecurity. (2017). Tunnel
vision: Choosing a VPN — SSL VPN vs. IPSec VPN. online Available at:
http://searchsecurity.techtarget.com/feature/Tunnel-vision-Choosing-a-VPN-SSL-VPN-vs-IPSec-VPN
Accessed 12 Dec. 2017.

Lifewire. (2017). Not
Sure Whether to Use IPSec or SSL for VPN Connectivity? Read This. online
Available at: https://www.lifewire.com/vpns-ipsec-vs-ssl-2486720 Accessed 12
Dec. 2017.

SearchSecurity. (2017).
IPSec VPN vs. SSL VPN: Comparing respective VPN security risks. online
Available at:
http://searchsecurity.techtarget.com/tip/IPSec-VPN-vs-SSL-VPN-Comparing-respective-VPN-security-risks
Accessed 11 Dec. 2017.

Ferrigni, S. (2003). SSL
Remote Access VPNs Is this the end of IPSec?. ebook SANS Institute
InfoSec Reading Room. Available at: https://www.sans.org/reading-room/whitepapers/vpns/ssl-remote-access-vpns-ipsec-1285
Accessed 10 Dec. 2017.

SearchNetworking. (2017).
IPsec vs. SSL VPNs: Understanding the basics. online Available at:
http://searchnetworking.techtarget.com/feature/IPsec-vs-SSL-VPNs-Understanding-the-basics
Accessed 12 Dec. 2017.

Impact of Implementing
VPN to Secure Wireless LAN. (2009). ebook World Academy of Science,
Engineering and Technology International Journal of Electronics and
Communication Engineering. Available at:
http://waset.org/publications/9220/impact-of-implementing-vpn-to-secure-wireless-lan
Accessed 9 Dec. 2017.

Wei Qu and S. Srinivas, “IPSec-based secure wireless virtual private network,” ebook MILCOM
2002. Proceedings, 2002, pp. 1107-1112 vol.2. Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp==1179632=26490
Accessed 9 Dec. 2017.