
Securing Network Communications Using IPSec

Module – Securing Network Communications Using IPSec
Overview
Windows Server 2003 supports the IPSec protocol for securing data that is
transmitted over the network. IPSec is the most widely used protocol for data
security. IPSec secures data by encrypting it and by adding a digital signature.
Understanding the parameters of IPSec helps in maintaining and
troubleshooting the protocol.
The module covers the following 4 lessons:
Lesson 1 Securing Internetwork Communications – explains packet
filtering as a means of verifying network packets. It also explains the packet
filtering techniques supported by Windows Server 2003.
Lesson 2 Planning an IPSec Implementation – explains how the IPSec
protocol works. It also explains the protocols supported by IPSec and its
modes of operation.
Lesson 3 Deploying IPSec – explains the different components of IPSec
and the steps in its deployment. It also explains the default policies supported
by Windows Server 2003 and the elements of an IPSec policy.
Lesson 4 Troubleshooting Data Transmission Security – explains IPSec
policy mismatches and the steps in troubleshooting them.
© 2006 IIHT Limited

Lesson 1 – Securing Internetwork Communications
Introduction
In a network, the basic function of a server is to receive, process and transmit
packets. However, some packets may belong to harmful applications that, when
run on the server, damage the operation of the network. Hence, it is
important to verify packets before they are processed. One method of
verifying packets is packet filtering. This lesson covers the
following topics:
Introduction to Packet Filtering
Packet Filtering Criteria
Windows Server 2003 Packet Filtering


Topic 1 – Introduction to Packet Filtering


This topic explains the packet filtering process and the advantages
of installing packet filtering services on a firewall.
Packet filtering is a process that controls network access by examining
packets that reach or pass through the network interfaces.
A packet filtering service will filter packets based on:
• IP addresses
• Protocols
• Port numbers
Commonly used at routers and firewalls, but can also be used within a
network
Routers usually have a packet filtering service built into their software
Advantages of installing packet filtering services on a firewall:
• Separate routing and filtering services
• Firewalls have advanced packet filtering services


Topic 2 – Packet Filtering Criteria


This topic explains how to deploy a packet filter service and the
criteria for packet filtering.
Methods of deployment:
• First, allow complete Internet access to the network. Then, filter out the
traffic that you do not want the network to access
• First, block all Internet access to the network. Then, allow only the traffic
that the network users need to access
Criteria for packet filtering:
• Port Numbers
• Protocol Identifiers
• IP addresses
• Hardware addresses
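The two deployment methods and the filtering criteria listed above, as an added Python example that is not part of the slides: a small first-match packet filter over constructed sample traffic (TEST-NET addresses), with one rule set for each method. The hardware-address criterion is omitted, and the Packet and Rule fields are the example's own names.

```python
# Added example, not from the slides: first-match packet filter (IP, protocol, port).
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str    # "tcp", "udp" or "icmp"
    dport: int    # destination port; 0 for protocols without ports

@dataclass(frozen=True)
class Rule:
    action: str             # "allow" or "block"
    src: str = "0.0.0.0/0"  # CIDR; 0.0.0.0/0 matches any address
    dst: str = "0.0.0.0/0"
    proto: str = "any"
    dport: int = 0          # 0 matches any port

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and self.dport in (0, p.dport))

def filter_packet(rules, default: str, p: Packet) -> str:
    """First matching rule decides; otherwise the default action applies."""
    for r in rules:
        if r.matches(p):
            return r.action
    return default
# Method 1: allow all Internet access, then block traffic you do not want.
ALLOW_THEN_BLOCK = [Rule("block", proto="tcp", dport=23)]   # e.g. no Telnet
# Method 2: block all Internet access, then allow only what users need.
BLOCK_THEN_ALLOW = [
    Rule("allow", dst="192.0.2.0/24", proto="tcp", dport=80),
    Rule("allow", dst="192.0.2.0/24", proto="tcp", dport=443),
]
# Constructed sample traffic (TEST-NET addresses, not real hosts).
SAMPLE = [Packet("198.51.100.7", "192.0.2.10", "tcp", 80),
          Packet("198.51.100.7", "192.0.2.10", "tcp", 23),
          Packet("198.51.100.7", "192.0.2.10", "udp", 53)]

def decide_all(rules, default: str) -> list:
    return [filter_packet(rules, default, p) for p in SAMPLE]

if __name__ == "__main__":
    print("allow-then-block:", decide_all(ALLOW_THEN_BLOCK, "allow"))
    print("block-then-allow:", decide_all(BLOCK_THEN_ALLOW, "block"))
```

The same three packets get different verdicts under the two methods only because the default differs; the UDP packet, which no rule mentions, is the one that shows why the block-first method is the safer starting point.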

Topic 3 – Windows Server 2003 Packet Filtering


Windows Server 2003 supports two types of filtering techniques:
TCP/IP Packet Filtering – an inclusive type of filtering that allows you to
specify the type of TCP/IP traffic that is permitted, based on port numbers
and protocol
RRAS Packet Filtering – a comprehensive filtering tool that you can use when
the Windows Server 2003 system is configured as a router


Lesson 2 – Planning an IPsec Implementation


Introduction
IP Security (IPSec) is a method of securing internetwork communications. It is
the most widely used protocol for encrypting data. Additionally, it provides
protection against spoofing and data replay. In this lesson, you will learn how
the IPSec protocol works, in these topics:
Introducing IPSec
IPSec Protocols
Two modes of IPSec


Topic 1 – Introducing IPSec


This topic introduces the IPSec protocol and describes its basic working.
Definition
• IPSec is a protocol that encrypts IP data (or network traffic) and operates
at the network layer.
• IPSec encapsulates IP data
IPSec protects your network against:
• IP spoofing
• Data modification
• Data replay
Basic working of the IPSec protocol
• Authenticate source and destination computers before messages are
transmitted
• Encrypt data before transmission
• Use digital signatures to verify the integrity of transmitted data

Topic 2 – IPSec Protocols


This topic explains the types of protocols supported by IPSec.
IP Authentication Header (AH) protocol
• Secures data by adding an AH to the IP datagram.
• [Diagram: AH header location]
• [Diagram: AH header format]
IP Encapsulating Security Payload (ESP) protocol
• A header and a trailer are attached around the datagram payload.
• [Diagram: ESP header location]
• [Diagram: ESP header format]


Topic 3 – Two Modes of IPSec


IPSec functions in two modes – tunnel and transport.
Tunnel mode
• End systems do not run IPSec protocols.
• IPSec protocols are implemented by the WAN routers to which the end
systems are connected
• Information exchanged between an end system and its router is
unprotected. Information between routers is encrypted.
• Usually implemented for a VPN connection.
• [Diagram: tunnel mode packet]
Transport mode
• End systems must support IPSec protocols
• Not necessary for intermediate systems to support the IPSec protocols
• Used to secure communication between computers on a network
• [Diagram: transport mode packet]
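The AH and ESP header formats from Topic 2 and the tunnel/transport distinction from this topic, as an added Python example that is not from the slides: it parses the cleartext fields of both headers behind an IPv4 header and, for AH, reads the mode off the next-header value. It assumes the standard AH/ESP layouts (RFC 4302/4303) and builds its own sample packets with TEST-NET addresses and a dummy ICV.

```python
# Added example, not from the slides: parse IPSec AH/ESP cleartext fields.
import struct

IPPROTO_IPIP, IPPROTO_TCP, IPPROTO_ESP, IPPROTO_AH = 4, 6, 50, 51

def build_ipv4(proto: int, src: bytes, dst: bytes, payload: bytes) -> bytes:
    """Minimal IPv4 header (no options, checksum left zero) for constructed packets."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                       0, 0, 64, proto, 0, src, dst) + payload

def parse_ipsec(pkt: bytes) -> dict:
    """Return the cleartext AH/ESP fields of an IPv4 packet, or note it is not IPSec."""
    ihl = (pkt[0] & 0x0F) * 4
    proto, body = pkt[9], pkt[ihl:]
    if proto == IPPROTO_AH:
        # AH fixed part: next header, payload length (32-bit words minus 2),
        # reserved, SPI, sequence number; then the ICV (the digital signature).
        nxt, plen, _res, spi, seq = struct.unpack("!BBHII", body[:12])
        icv = body[12:(plen + 2) * 4]
        # The next-header field is not encrypted: 4 (IP-in-IP) means tunnel mode,
        # a transport protocol such as TCP (6) means transport mode.
        mode = "tunnel" if nxt == IPPROTO_IPIP else "transport"
        return {"proto": "AH", "spi": spi, "seq": seq, "next": nxt,
                "icv_len": len(icv), "mode": mode}
    if proto == IPPROTO_ESP:
        # ESP: only SPI and sequence number are readable; the next-header byte
        # lives in the encrypted trailer, so the mode cannot be read off the wire.
        spi, seq = struct.unpack("!II", body[:8])
        return {"proto": "ESP", "spi": spi, "seq": seq, "mode": "unknown (encrypted)"}
    return {"proto": f"not IPSec ({proto})"}

# Constructed sample packets (TEST-NET addresses, dummy ICV and ciphertext).
SRC, DST = bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])
ICV = b"\x11" * 12                       # stand-in for a 96-bit HMAC
def ah_header(next_hdr: int, spi: int, seq: int) -> bytes:
    # 12 fixed bytes + 12 ICV bytes = 6 words, so payload len = 6 - 2 = 4
    return struct.pack("!BBHII", next_hdr, 4, 0, spi, seq) + ICV

TCP_SEG = b"\x00" * 20                   # dummy TCP segment
# Transport mode: IP | AH | TCP
TRANSPORT_AH = build_ipv4(IPPROTO_AH, SRC, DST, ah_header(IPPROTO_TCP, 0x100, 7) + TCP_SEG)
# Tunnel mode: outer IP | AH | inner IP | TCP
INNER = build_ipv4(IPPROTO_TCP, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]), TCP_SEG)
TUNNEL_AH = build_ipv4(IPPROTO_AH, SRC, DST, ah_header(IPPROTO_IPIP, 0x200, 8) + INNER)
# ESP: IP | SPI | seq | opaque (encrypted) payload
ESP_PKT = build_ipv4(IPPROTO_ESP, SRC, DST, struct.pack("!II", 0x300, 9) + b"\xaa" * 32)

if __name__ == "__main__":
    for name, p in [("transport AH", TRANSPORT_AH), ("tunnel AH", TUNNEL_AH), ("ESP", ESP_PKT)]:
        print(name, parse_ipsec(p))
```

These are the same cleartext fields that the Network Monitor AH and ESP parsers mentioned in Lesson 4 display; anything beyond the ESP SPI and sequence number is visible only after decryption at the endpoint.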

Lesson 3 – Deploying IPSec


Introduction
IPSec is based on standards defined by the Internet Engineering Task
Force (IETF). The standards specify the structure of an IPSec policy and how it
should be implemented. These standards are supported by, and can be monitored
using, Windows Server 2003. In this lesson, you will learn about:
Components of IPSec
Planning an IPSec Deployment
Using IPSec Policies


Topic 1 – Components of IPSec


This topic explains the various components of IPSec.
IPSec Policy Agent
• Service that accesses the IPSec policy information stored in the
Windows registry or Active Directory
Internet Key Exchange (IKE)
• Protocol for generating Diffie-Hellman keys
• Creates a security association
IPSec Driver
• Initiates secure network communication
• Generates checksums
• Constructs IP packets
• Encrypts data for transmission

Topic 2 – Planning an IPSec Deployment


This topic explains the steps to be followed before deploying IPSec
on the network.
Determine the network traffic that is to be protected
• Windows Server 2003 allows you to do this through packet filtering
Determine the degree of protection
• IPSec uses additional network bandwidth, so the degree of protection
should depend on the additional load that the network can support
Determine whether the computers on the network can support IPSec protocols
• Systems running versions of Windows earlier than Windows 2000 do not
support IPSec


Topic 3 – Using IPSec Policies


This topic provides procedures to manage IPSec policies from the
MMC snap-in.
Deploying IPSec policies on a network by assigning them as Active Directory
objects
Activating IPSec policies
Assigning IPSec policies
Default policies supported by Windows Server 2003:
• Client (Respond Only)
• Secure Server (Require Security)
• Server (Request Security)
Creating an IP filter list, filter actions and rules


Lesson 4 – Troubleshooting Data Transmission Security
Introduction
If network communications fail because of IPSec, the main reason is
usually incompatible IPSec policies on different components of the network.
Hence, the first step is to verify whether the components are running the
same IPSec policies. In this lesson, you will learn about:
Policy Mismatches
Examining IPSec Traffic


Topic 1 – Policy Mismatches


This topic explains ways of identifying and troubleshooting an IPSec
policy mismatch.
Incompatible IPSec policies are the most common form of trouble faced in
IPSec
Identifying a policy mismatch
• Check the Security log in the Event Viewer console. If a failed IKE
negotiation is listed in the Security log, the IPSec problem is caused
by a policy mismatch
Tools for troubleshooting an IPSec policy mismatch:
• IP Security Monitor snap-in
• Resultant Set of Policy snap-in


Topic 2 – Examining IPSec Traffic


This topic discusses the Network Monitor tool that is used to
examine IPSec traffic in Windows Server 2003.
Network Monitor allows you to capture IP packets and examine their header
structure
Network Monitor includes parsers for IKE, AH and ESP headers
Examining packet information using Network Monitor


Conclusion
Summary of the module
The packet filter mechanism is based upon port numbers, IP addresses, hardware
addresses and protocol identifiers
Basic functions of an IPSec protocol include authentication, encryption and
verification
Two protocols supported by IPSec are: IP AH protocol and IP ESP protocol
Components of an IPSec policy include an IPSec policy agent, IKE and an
IPSec driver
The default IPSec policies supported by Windows Server 2003 include Client
(Respond Only), Secure Server (Require Security) and Server (Request
Security)
RSoP provides a more comprehensive list of data than IP Security Monitor to
examine IPSec policies on the system
You can use Network Monitor to examine IPSec traffic
Question and Answer Session
