Technical Proposal IPSec VPN Implementation

Version 1.1
 Technical Proposal IPSec VPN Implementation

1. Contents

1. Contents ... 1

2. About this Document ... 2

2.1 Scope of Work ... 2

3. Technology Overview ... 3

4. Detail Diagram ... 4

5. Execution Plan ... 5

www.multi.net.pk Page 1
 Technical Proposal IPSec VPN Implementation

2. About this Document

Author: Noname
(Designation)

Version No: Issue Date Status Reason For Change

1.1 27-Feb-15 Draft Initial Document

Scope of Work:

Basically, this proposal is designed for the implementation of an Internet Protocol Security
(IPsec) Virtual Private Network (VPN) to provide optimum security between a streaming server
and a client.

For this purpose, a couple of 3725 series Cisco routers would be installed at the server and client
sites over the internet. A VPN would be established between the customer routers, providing
transparent path between the two sites.

The Cisco 3725 series router provide multiple encryption and hashing algorithms out of which
Advance Encrypted Standard (AES) and Secure Hash Algorithm (SHA) would be used as they
provide the strongest encoding method. Also, pre-shared key would be used as basic
Authentication to establish the connection.

www.multi.net.pk Page 2
 Technical Proposal IPSec VPN Implementation

3. Technology Overview

Internet Protocol Security Virtual Private Network (IPsec-VPN)

IP Security (IPSec) Virtual Private Networks (VPNs) is a method for transferring data across
public, intermediary networks, such as the Internet over a private and secure medium.

A VPN enables a company to securely share data and services between disparate locations at
minimal cost. A VPN provides following benefits:

Cost savings
Encrypted traffic
Easy network expansion
Data encapsulation
Simplicity

IPsec uses the following protocols to perform various functions:

Authentication Headers (AH): It provides connectionless integrity and data origin

Encapsulating Security Payloads:
Security Associations (SA):
authentication
It provides confidentiality, data-origin
Authentication and connectionless integrity
It provide the bundle of algorithms and data that
provide the parameters necessary for AH and/or
ESP operations

Cryptographic Algorithms

SHA: The Secure Hash Algorithm is a family of cryptographic hash functions. It provides a
160-bit hash function.

AES: The Advanced Encryption Standard (AES) is a specification for the encryption of
electronic data.

www.multi.net.pk Page 3
 Technical Proposal IPSec VPN Implementation

4. Detail Diagram

Public Network
IPSec Tunnel

VPN Router1 VPN Router2

Branch Office Head Office

www.multi.net.pk Page 4
 Technical Proposal IPSec VPN Implementation

5. Execution Plan

The execution of this plan would begin once the proposal gets accepted.

If there is any further assistance or confusion that relates to this proposal it can be addressed
immediately and would be catered accordingly for swift execution.

www.multi.net.pk Page 5