IPsec Business

50 %
50 %
Information about IPsec Business
Entertainment

Published on April 16, 2008

Author: Amateur

Source: authorstream.com

Research Seminar on Telecommunications Business IPSEC BUSINESS:  Research Seminar on Telecommunications Business IPSEC BUSINESS Henri Ossi Contents:  Contents Introduction IPsec technology overview IPsec in mobile networks Market overview Software component manufacturing Vendor strategies Conclusion Introduction:  Introduction Everyone has secrets Traditional IP network is like a town hall Your secrets can be heard Possible to Forge Modify Inspect traffic IPsec technology overview 1/5:  IPsec technology overview 1/5 Set IETF protocols that provide Data source authentication Integrity Confidentiality (encryption) Protection against replay attacks at IP layer Traffic security protocols Authentication Header Encapsulated Security Payload (encryption) IPsec technology overview 2/5:  IPsec technology overview 2/5 Modes of operation Transport Tunnel (encapsulation) Security Association provides information How to protect What to protect With whom the protection is done Key management Internet Key Exchange negotiates SAs IPsec technology overview 3/5:  IPsec technology overview 3/5 TCP/UDP IP IPsec Internet Layer Secure IP packets TCP/UDP IP IPsec SA negotiations SA pair SA pair IPsec technology overview 4/5:  IPsec technology overview 4/5 Use case scenarios Host -- Host (transport) Host -- Security Gateway (tunnel) SGW-- SGW (tunnel) Virtual Private Network deployment Remote access (Road Warrior) Site-to-site SGW SGW IPsec technology overview 4/5:  IPsec technology overview 4/5 Use case scenarios Host -- Host (transport) Host -- Security Gateway (tunnel) SGW-- SGW (tunnel) Virtual Private Network deployment Remote access (Road Warrior) Site-to-site SGW SGW IPsec technology overview 4/5:  IPsec technology overview 4/5 Use case scenarios Host -- Host (transport) Host -- Security Gateway (tunnel) SGW-- SGW (tunnel) Virtual Private Network deployment Remote access (Road Warrior) Site-to-site SGW SGW IPsec technology overview 4/5:  IPsec technology overview 4/5 Use case scenarios Host -- Host (transport) Host -- Security Gateway (tunnel) SGW-- SGW (tunnel) Virtual Private Network deployment Remote access (Road Warrior) Site-to-site SGW Road Warrior IPsec technology overview 4/5:  IPsec technology overview 4/5 Use case scenarios Host -- Host (transport) Host -- Security Gateway (tunnel) SGW-- SGW (tunnel) Virtual Private Network deployment Remote access (Road Warrior) Site-to-site SGW SGW IPsec technology overview 5/5:  IPsec technology overview 5/5 Original RFCs criticized for complexity Two modes of operation, two traffic security protocols Committee made compromises between Network systems design Cryptographic protocol design Addressed in current (2005) versions Optional AH Transport mode between SGWs IKE version 2 IPsec in mobile networks 1/3:  IPsec in mobile networks 1/3 3rd Generation Partnership Project (3GPP) Collaboration agreement Mobile phones to use IP for voice & data 3GPP Release 6 IP layer security implemented with IPsec Both IKE versions in use IPsec in mobile networks 2/3:  IPsec in mobile networks 2/3 IP layer in Network Domain Security IPsec and IKE Traffic between network elements IP based services IKEv2 authenticates MS and IMS IPsec tunnel for insecure protocols (SIP) IPsec in mobile networks 3/3:  IPsec in mobile networks 3/3 3GPP interwork with WLAN IPsec and IKEv2 Generic Access Network (GAN/UMA) WLAN access to 2G services Seamless handoff from GSM/GPRS to unlicensed spectrum IKEv2 authenticates subscriber IPsec tunnel between MS and GANC-SEGW What does it take to compete? Market overview 1/2:  Market overview 1/2 Multiple roles to take Software industry Provides software components to ... System integrators For example network equipment vendors Provide solutions to ... End users Other industries Consumers int main() …… …… Market overview 2/2:  Market overview 2/2 Market segments Consumer Network cards, ADSL modems, WLAN routers SME Security gateways, network devices Government Enterprise High bandwidth, failover support These affect the software requirements Software component manufacturing:  Software component manufacturing Software is an information product Expensive to produce first copy Sunk costs Cheap to reproduce => OEM value proposition: Price < customer’s development costs Integration time < customer’s development time Variable pricing Differences in willingness to pay Great deal of value in maintenance Vendor strategies 1/3:  Vendor strategies 1/3 Business customer classes Price-oriented Solution-oriented Total Cost of Ownership Gold-standard Quality, features and professional service Strategic-value Tight relationship Threat of vertical integration Vendor strategies 2/3:  Vendor strategies 2/3 Market not perfectly competitive Cost structure Basic strategies Cost leadership Economy of scale Product business Differentiation Added value through unique resources Project business Vendor strategies 3/3:  Vendor strategies 3/3 Target segment Market segment Business model Vendor strategy Price Solution Gold Strategic Consumer SME Government Enterprise Product Project Cost leadership Differentiation Conclusion:  Conclusion Best solution for IP layer security Common standard Complex IP convergence brings new opportunities Mobile networks Software is information Cost structure leads to variable pricing Two basic vendor strategies Questions?:  Questions? The floor is open

Add a comment

Related presentations

Related pages

IPsec – Wikipedia

IPsec (Kurzform für Internet Protocol Security) ist eine Protokoll-Suite, die eine gesicherte Kommunikation über potentiell unsichere IP-Netze wie das ...
Read more

IPSec VPN Client | Geschäftskunden Telekom

Sie möchten Ihre Mobilfunk-Daten und Produkte verwalten? Mit dem Business Service Portal. Mit dem Business Service Portal (BSP) als Mobilfunk ...
Read more

Mobile IP VPN | Geschäftskunden Telekom

Mit dem Business Service Portal ... die einzige Voraussetzung ist eine Internet-Anbindung mit statischer IP-Adresse und ein IPSec-fähiger Router. ...
Read more

What Is IPSec?: Security Policy; Security Services

Internet Protocol security (IPSec) is a framework of open standards for helping to ensure private, secure communications over Internet Protocol ...
Read more

Cisco IOS VPN Configuration Guide - Site-to-Site and ...

Cisco IOS VPN Configuration Guide. ... the headquarters and business partner are connected through a secure IPSec tunnel and the business partner is ...
Read more

Which VPN Is Best for Your Small Business? - Blogs - Cisco

When choosing between IPSec and SSL, you might find you need both kinds of VPNs. Mobile workers are a fact of life for most small businesses and that is ...
Read more

IPsec - Security Architecture for IP (VPN)

IPsec - Security Architecture for IP. IPsec ist eine Erweiterung des Internet-Protokolls (IP) um Verschlüsselungs- und Authentifizierungsmechanismen.
Read more

bintec Secure IPSec Client - bintec-elmeg.com

Der bintec elmeg Secure IPSec Client ist eine leistungsstarke IPSec-Software für den professionellen Einsatz in Remote Access VPN-Lösungen. Er ...
Read more

VPN Firewalls - SRX5308 | Security | Business | NETGEAR

NETGEAR ProSAFE ® business-class VPN Firewalls are ideal for remote/branch offices and telecommuters and deliver full secure network access ...
Read more

Ipsec VPN | Claranet Deutschland

IPsec VPN - Business-Vorteile. Flexibilität. Abbildung beliebiger Unternehmenstopologien. Reichweite. Weltweiter mobiler Zugriff auf Ihr Unternehmensnetz.
Read more