Networks are inherently insecure for sensitive professional and personal data. Still we use networks for sharing data. How to deal with protecting data in an insecure network environment that is the topic of discussion of this report. In this report we have discussed about the problem and one possible solution.
Networks are built for information sharing through exchange of data. Today, in every aspect of our life, networks and technologies are used heavily. In our day-to-day work we also use networks and Internet. Risks of information security is inherent to the concept of network. When data is in transit through a network or stores in networked environment like cloud based data centres, those are not totally secures. There are high risks of loss of data. Several policies, strategies and measures should be taken by individuals and organisations in data transfer in a networked environment.
This problem is inherent to the concepts of networks. So it can be said these security risks were present just after the networks were implemented. We are using networks and Internet for more than 2/3 decades. In initial days, the use of internet or networks were not so wide spread, still these were present. However the interesting part is, till now the problem is present. Till now information are not secured in network environment. The problems are still present and none can claim that those will be removed completely within next few years. There are several security implementation, policies, measurements etc. to protect information in network environment. The mostly recommended one is Encryption. The data to be shared in network environment should be encrypted using some suitable technique. Virtual Private networks with tunnelling is one of such mechanism that secures data while transmission through a network.
Virtual private networks can be set up to get access to remote resources. It is a virtual network built on public network like Internet with some security implementation. Most businesses uses this mechanism to get connected to the branch offices at remote locations from head offices. (Stewart, 2013)
The typical structure of a VPN can be thought as the following illustration,
1: VPN with Tunnelling [Source (Internet, n.d.)]
The systems at the end points of a VPN tunnel executes all encryption and decryption of data. Encryption is possible through pair of public or private keys. However, in VPNs more than those is required. VPN uses protocols such as IPSec or Internet Protocol Security, GRE or Generic Routing Encapsulation etc.
IPSec provides secure traffic through tunnels using encryption between network devices connected to the tunnel.IPSec has two modes of encryption. Those are transport mode and tunnel mode. Devices encrypt data while transmission in between those in transport mode while in tunnel mode same is done through tunnels of VPN. Though in practice VPNs use PPP protocol in tunnel mode (Stewart, 2013). There are two protocols under IPSec, those are,
· ESP or Encapsulated Security Payload: The payload packets are encrypted by ESP with a symmetric key.
· AH or Authentication Header: Packet header information can be hidden by this protocol until a packet reaches its destination.
On the other hand, GREhelps to include packet and connection related information while encapsulation of the packet.
Usually IPSEC in tunnel more along with ESP and AH work together in VPNs.
Implementation of a secured VPN is not a longer process. The duration mostly depends on the complexity of the network.
The deliverables of this project is a secured VPN network.
In this discussion we have defined the notion of security and protection of data in a networked environment. The origin of the problem, its current status etc. Following the discussion we have discussed about a technique to protect data in a network using encryption, called VPN and tunnelling in details. You are allowed to use diagrams, tables, and plots/figures, whatever you think it is useful to make your arguments/analysis clear.</p>
: You continue on from your assignment 1 and 2, in which you have selected a topic and implemented the proposed security system or protocol. Now it is time for you to write a project report that is based on extensive reading and understanding of this particular topic. The project report consists at least 5 sections, plus an abstract and reference section.</p>
2) Literature review/background
3) Problem and existing solutions
(4) Methodology and system analysis
It is a report on the security implementation of the proposed network application.
Normally it demonstrates that you strive hard to apply one or more network security techniques you learned from this course to make your network application secure. Therefore your report must highlight
what network application you try to secure
what security technology you used or developed
how did you used the mentioned technology in the implementation
demonstrate the security of the network application has been improved