Book description
The definitive design and deployment guide for secure virtual private networks
- Learn about IPSec protocols and Cisco IOS IPSec packet processing
- Understand the differences between IPSec tunnel mode and transport mode
- Evaluate the IPSec features that improve VPN scalability and fault tolerance, such as dead peer detection and control plane keepalives
- Overcome the challenges of working with NAT and PMTUD
- Explore IPSec remote-access features, including extended authentication, mode-configuration, and digital certificates
- Examine the pros and cons of various IPSec connection models such as native IPSec, GRE, and remote access
- Apply fault tolerance methods to IPSec VPN designs
- Employ mechanisms to alleviate the configuration complexity of a large-scale IPSec VPN, including Tunnel End-Point Discovery (TED) and Dynamic Multipoint VPNs (DMVPN)
- Add services to IPSec VPNs, including voice and multicast
- Understand how network-based VPNs operate and how to integrate IPSec VPNs with MPLS VPNs
Among the many functions that networking technologies permit is the ability for organizations to easily and securely communicate with branch offices, mobile users, telecommuters, and business partners. Such connectivity is now vital to maintaining a competitive level of business productivity. Although several technologies exist that can enable interconnectivity among business sites, Internet-based virtual private networks (VPNs) have evolved as the most effective means to link corporate network resources to remote employees, offices, and mobile workers. VPNs provide productivity enhancements, efficient and convenient remote access to network resources, site-to-site connectivity, a high level of security, and tremendous cost savings.
IPSec VPN Design is the first book to present a detailed examination of the design aspects of IPSec protocols that enable secure VPN communication. Divided into three parts, the book provides a solid understanding of design and architectural issues of large-scale, secure VPN solutions. Part I includes a comprehensive introduction to the general architecture of IPSec, including its protocols and Cisco IOS® IPSec implementation details. Part II examines IPSec VPN design principles covering hub-and-spoke, full-mesh, and fault-tolerant designs. This part of the book also covers dynamic configuration models used to simplify IPSec VPN designs. Part III addresses design issues in adding services to an IPSec VPN such as voice and multicast. This part of the book also shows you how to effectively integrate IPSec VPNs with MPLS VPNs.
IPSec VPN Design provides you with the field-tested design and configuration advice to help you deploy an effective and secure VPN solution in any environment.
This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.
Table of contents
- About This eBook
- Title Page
- Copyright Page
- About the Authors
- About the Technical Editors
- Dedications
- Acknowledgments
- Contents at a Glance
- Contents
- Icons Used in This Book
- Command Syntax Conventions
- Introduction
- Chapter 1. Introduction to VPNs
- Chapter 2. IPSec Overview
- Chapter 3. Enhanced IPSec Features
- Chapter 4. IPSec Authentication and Authorization Models
- Chapter 5. IPSec VPN Architectures
- Chapter 6. Designing Fault-Tolerant IPSec VPNs
  - Link Fault Tolerance
  - Backbone Network Fault Tolerance
  - Access Link Fault Tolerance
  - Access Link Fault Tolerance Summary
  - IPSec Peer Redundancy
  - Simple Peer Redundancy Model
  - Virtual IPSec Peer Redundancy Using HSRP
  - IPSec Stateful Failover
  - Peer Redundancy Using GRE
  - Virtual IPSec Peer Redundancy Using SLB
  - Server Load Balancing Concepts
  - IPSec Peer Redundancy Using SLB
  - Intra-Chassis IPSec VPN Services Redundancy
  - Summary
- Chapter 7. Auto-Configuration Architectures for Site-to-Site IPSec VPNs
- Chapter 8. IPSec and Application Interoperability
- Chapter 9. Network-Based IPSec VPNs
- Index
- Code Snippets
Product information
- Title: IPSec VPN Design
- Author(s):
- Release date: March 2005
- Publisher(s): Cisco Press
- ISBN: 1587051117
You might also like
book
MPLS and VPN Architectures, CCIP™ Edition
Prepare for CCIP certification as you learn to design and deploy MPLS-based VPNs Assists in preparation …
book
SSL Remote Access VPNs
SSL Remote Access VPNs An introduction to designing and configuring SSL virtual private networks Jazib Frahim, …
book
MPLS and VPN Architectures, Volume II
Master the latest MPLS VPN solutions to design, deploy, and troubleshoot advanced or large-scale networks With …
book
MPLS and VPN Architectures
A practical guide to understanding, designing, and deploying MPLS and MPLS-enabled VPNs In-depth analysis of the …