Chapter 17. Configuring Tunnels for Secure Packet Exchange

Most enterprises these days have geographically dispersed workforces. Those workers not located at corporate headquarters, though, still need access to the same tools, applications, and data as the rest of the employees. You need a way to connect up satellite offices to corporate headquarters, using a carrier's network as the transit vehicle.

But just because a site is remote doesn't mean that it can be less secure. The requirements go well beyond simple access; you must provide a secure means by which you can transmit and receive sensitive information. That means is through the use of secure tunnels. By encrypting traffic before sending it through the Internet, you can ensure that your company's data assets aren't compromised.

Getting an Overview of Secure Tunnels

In today's corporate networks, it's becoming increasingly common to have one or more satellite offices connected to a central corporate headquarters. These satellite offices have the exact same needs as the devices and users connected directly to the corporate network (see the sample topology of Figure 17-1). They need fast, reliable, and secure access to data that resides on the same servers and in the same data centers.

The networks depicted in Figure 17-1 are all TCP/IP networks. That is, they're interconnected using IP protocols such as OSPF and BGP. As you now know, IP protocols are tremendously powerful when it comes to exchanging information. They assist in ...

Get JUNOS® FOR DUMMIES® now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.