Understanding Virtual Private Networks
Gurdeep Singh Pall, Development Manager, Windows Internetworking, Microsoft Corporation

Outline
- VPN trends
- Technology overview
- Related developments

Why VPNs?
- Today's workforce is increasingly mobile
  - Telecommuting increasing
  - Increasing focus on global operations
  - Beyond "work from home"
- Firms need to provide employees with secure access to corporate information, wherever they may be
- Need a scalable remote access solution
  - Can't keep up with modem pool demand
  - Maintaining dedicated corporate modem pools is not economical
  - Growing trend to outsourcing of dial-in infrastructure
- Replacing WANs and dedicated corporate networks with less expensive solutions based on Internet technology
- Result: VPNs are a critical part of every firm's intranet strategy

Evolution of VPN Thinking
- 1996: Tunneling protocols
  - PPTP (Microsoft), L2F (Cisco)
  - Focus on compulsory tunneling
- 1997: VPN standardization
  - Tunneling standardization: L2TP
  - Authentication and encryption: EAP, IPSEC
  - Increasing deployment of voluntary tunneling
- 1998: VPN solutions
  - Centralized user management: RADIUS, LDAP
  - Auditing, accounting and alarming: RADIUS
  - Network management: SNMP

Opportunities for ISPs
- Outsourcing of modem pools
  - ISPs provide access for employees on the road
  - Corporation or ISP maintains the VPN server
  - Tunnel set up by the NAS (compulsory) or by the tunneling client (voluntary)
- Outsourcing of VPN servers
  - ISP maintains the backend VPN server
  - Authentication against the corporate database via RADIUS or LDAP
  - PVCs set up to the corporate intranet
  - Similar to Web hosting
- Roaming
  - Allows ISPs to provide national or global service without building POPs

Where Microsoft is Today
- PPTP clients
  - Shipped in Windows NT 4.0
  - Windows 95 client released to the Web
  - Macintosh, Win 3.1 clients available from 3rd parties
- PPTP server
  - "Steelhead" update released to the Web 6/2/97
  - Includes RADIUS authentication client
  - Includes packet filtering support
- Shipping in PPTP Forum members' Network Access Servers (NASes): USR, Ascend, 3Com,
  Telematics

Where Microsoft is Today (cont'd)
- Support for encryption (MPPE)
  - 40-bit RC4 for export
  - 128-bit RC4 for domestic use
- "Basecamp" - Windows NT Option Pack
  - Connection Manager Administration Kit
  - Connection Point Services (phonebook server)
  - Internet Authentication Server (RADIUS); IETF drafts available

Roadmap: Where We're Going
- Improved security
  - Extensible Authentication Protocol (EAP)
  - IPSEC
- Unified user administration and management
  - Active Directory
  - Microsoft Management Console (MMC)
  - EAP/RADIUS integration
  - PPTP/L2TP/RADIUS integration
- L2TP
- Roaming support
  - Eliminates the need for 800-number dial-in

Tunneling Technology Overview
- Layer 2 vs. Layer 3 tunneling
  - PPTP
  - L2TP
  - IPSEC
- Compulsory vs. voluntary tunneling
- Integration issues

Layer 2 vs. Layer 3 Tunneling
- Layer 2 tunneling: PPTP, L2F, L2TP
  - Tunnels PPP in IP
  - Multi-protocol support
  - Leverages existing dial-up protocols and infrastructure
    - CHAP, EAP for authentication; EAP supports smart cards, OTP, crypto-calculators
    - IPCP for address assignment
    - CCP, ECP for compression, encryption
    - RADIUS for authentication and accounting

Layer 2 vs. Layer 3 Tunneling (cont'd)
- IPSEC tunnel mode
  - Tunnels IP in IP
  - IP only
  - Requires new infrastructure
    - ISAKMP for key management
    - Tunneled DHCP for address assignment?
    - IPSEC transforms for authentication, compression, encryption
    - Certificate server and directory for public key creation, storage
    - Public-key based smart cards for proving "what you have"
    - Unspecified protocol for auditing?
  - Verdict today: only useful for static dedicated IP tunnels

What is PPTP?
- Simply: PPP in IP
  - Traditional PPP dial-up frames are encapsulated in IP
  - PPP is the ubiquitous dial-up standard
  - PPP is multi-protocol, extensible, and authenticated
- Enables the Internet to be used as a WAN between clients and networks

PPTP Details
- Tunnel between a PPTP FEP (front-end processor at the access server) or client, and the PPTP server
- A control channel and a data channel; many PPP sessions carried per tunnel
- Control channel
  - TCP based (IANA port 1723)
  - Session establishment, tear-down, and management
- Data channel
  - Enhanced GRE encapsulation (IP protocol ID 47; the GRE protocol type field carries 0x880B, the Ethertype for PPP)
  - Flow control for congestion and link feedback

A Typical PPTP Data Packet
  Media | IP | GRE | PPP | PPP Payload

L2TP
- Advantages
  - On the IETF standards track; combines L2F and PPTP plus new features
  - Support for authenticated tunnels
  - Ability to run directly over multiple media: ATM, Frame Relay, X.25
  - Ability to bundle multiple tunnels
  - Firewall and NAT friendly (runs over UDP)
- Disadvantages
  - Increased payload overhead
  - Specification still stabilizing
- Proposed standard likely by December '97; IETF draft available

IPSEC Tunnel Mode
- Advantages
  - Universal IP-level security: authentication and encryption
  - End-to-end security: a step beyond the "firewall" model
- Largely complementary to PPTP/L2TP
  - IPSEC tunnel mode is not yet a complete solution
  - IPSEC security + PPTP/L2TP tunneling: a marriage made in heaven?
- Interoperability testing proceeding
  - First bake-off completed, manual keying tested

Tunneling Protocol Comparison
  Feature                  PPTP   L2TP   IPSEC
  Authenticated tunnels     X      X      X
  Compression               X      X      X
  Cert-based smart cards    X      X      X
  Crypto-calculators        X      X      -
  Address allocation        X      X      -
  Multiprotocol             X      X      -
  Encryption                X      X      X
  Flow control              X      X      -

IPSEC and Tunneling: What is protected?
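The PPTP Details and "Typical PPTP Data Packet" slides above describe the wire format in one line each. The following is an added example, not code from the deck or from Microsoft, that builds and parses a PPTP data packet (Media | IP | GRE | PPP | payload, with the media header already stripped) according to the enhanced GRE header of RFC 2637: IP protocol 47, GRE version 1, K bit set, protocol type 0x880B, optional sequence and acknowledgement numbers, followed by the PPP protocol field and payload. The addresses, call ID and inner payload are constructed; the parser rejects anything that is not PPTP-shaped, which is also the check a packet filter must make when it passes "IP protocol 47" for the data channel next to "TCP 1723" for the control channel.

```python
"""Added example: build/parse the PPTP data channel (RFC 2637 enhanced GRE)."""
import struct
from dataclasses import dataclass
from ipaddress import IPv4Address
from typing import Optional

GRE_IP_PROTOCOL = 47             # IP protocol ID of GRE (data channel)
PPTP_CONTROL_TCP_PORT = 1723     # TCP control channel (IANA)
PPTP_GRE_PROTOCOL_TYPE = 0x880B  # GRE "protocol type" field value for PPP


@dataclass
class PptpDataPacket:
    src: str
    dst: str
    call_id: int
    seq: Optional[int]
    ack: Optional[int]
    ppp_protocol: int
    ppp_payload: bytes


def ip_checksum(header: bytes) -> int:
    """RFC 791 one's-complement checksum; returns 0 when verifying a valid header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_pptp_data_packet(src: str, dst: str, call_id: int, ppp_protocol: int,
                           payload: bytes, seq: Optional[int] = None,
                           ack: Optional[int] = None) -> bytes:
    """Enhanced GRE: C=R=0, K=1, S when seq present, A when ack present, version 1."""
    ppp = struct.pack("!H", ppp_protocol) + payload      # no HDLC addr/ctrl, no FCS
    flags0 = 0x20 | (0x10 if seq is not None else 0)       # K, S
    flags1 = 0x01 | (0x80 if ack is not None else 0)       # version 1, A
    gre = struct.pack("!BBHHH", flags0, flags1, PPTP_GRE_PROTOCOL_TYPE, len(ppp), call_id)
    if seq is not None:
        gre += struct.pack("!I", seq)
    if ack is not None:
        gre += struct.pack("!I", ack)
    total_len = 20 + len(gre) + len(ppp)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, 64, GRE_IP_PROTOCOL,
                      0, IPv4Address(src).packed, IPv4Address(dst).packed)
    hdr = hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]
    return hdr + gre + ppp


def parse_pptp_data_packet(frame: bytes) -> PptpDataPacket:
    """Raise ValueError for anything that is not a well-formed PPTP data packet."""
    if len(frame) < 20 or frame[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (frame[0] & 0x0F) * 4
    total_len = struct.unpack_from("!H", frame, 2)[0]
    if ihl < 20 or total_len > len(frame) or total_len < ihl + 8:
        raise ValueError("bad IP length fields")
    if ip_checksum(frame[:ihl]) != 0:
        raise ValueError("bad IP header checksum")
    if frame[9] != GRE_IP_PROTOCOL:
        raise ValueError("IP protocol %d is not GRE (47)" % frame[9])
    gre = frame[ihl:total_len]
    flags0, flags1, ptype, payload_len, call_id = struct.unpack_from("!BBHHH", gre, 0)
    # C (0x80), R (0x40), s (0x08), Recur (0x07) must be clear; K (0x20) must be set;
    # byte 1: reserved flags (0x78) clear, version (0x07) == 1, A (0x80) optional.
    if flags0 & 0xCF or not flags0 & 0x20 or flags1 & 0x78:
        raise ValueError("GRE flags are not PPTP enhanced GRE")
    if flags1 & 0x07 != 1 or ptype != PPTP_GRE_PROTOCOL_TYPE:
        raise ValueError("not GRE version 1 carrying PPP (0x880B)")
    has_seq, has_ack = bool(flags0 & 0x10), bool(flags1 & 0x80)
    off = 8 + 4 * has_seq + 4 * has_ack
    if len(gre) < off:
        raise ValueError("truncated GRE header")
    seq = struct.unpack_from("!I", gre, 8)[0] if has_seq else None
    ack = struct.unpack_from("!I", gre, 8 + 4 * has_seq)[0] if has_ack else None
    ppp = gre[off:off + payload_len]
    if len(ppp) != payload_len or not ppp:
        raise ValueError("GRE payload length does not match packet")
    if ppp[:2] == b"\xff\x03":          # optional HDLC address/control octets
        ppp = ppp[2:]
    if ppp[0] & 1:                      # PPP protocol-field compression: 1 octet
        proto, body = ppp[0], ppp[1:]
    else:
        proto, body = struct.unpack_from("!H", ppp, 0)[0], ppp[2:]
    return PptpDataPacket(str(IPv4Address(frame[12:16])), str(IPv4Address(frame[16:20])),
                          call_id, seq, ack, proto, body)


if __name__ == "__main__":
    # Constructed sample: PPP protocol 0x0021 (IP) carrying a placeholder payload.
    pkt = build_pptp_data_packet("192.0.2.10", "198.51.100.1", 0x1234, 0x0021,
                                 b"constructed inner IP datagram", seq=7, ack=3)
    print(parse_pptp_data_packet(pkt))
```

Note that the parser checks only the outer framing; MPPE-encrypted PPP payloads look the same on the wire, so whether the inner IP datagram is protected cannot be told from the GRE header alone.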
  (Diagram) Packet layout: Media | IP | IPSEC | GRE | PPP | IP | IPSEC | Data. Four rows show where each mechanism applies:
  - IPSEC outside: on the outer IP packet, covering GRE, PPP and everything inside
  - MPPE inside: on the PPP payload (inner IP header and data)
  - IPSEC inside: on the inner IP packet, end to end
  - TLS or Kerberos inside: on the application data only

IPSEC and Tunneling: How the elements fit together
- EAP
  - Provides extended authentication for either dial-up or VPN connections
  - Can support one-time passwords, smart cards, crypto-calculators, etc.
  - Does not protect against subsequent tunnel hijacking
- IPSEC applied to the outside of the packet
  - Can provide both message integrity and privacy
  - Packet authentication (AH) protects against tunnel hijacking
  - Encryption (ESP) provides privacy
  - Incompatible with NAT
- MPPE applied to the PPP payload
  - Provides privacy only (no packet integrity); protects the conversation between client and tunnel server
  - Encrypts the PPP payload, which includes the inner IP header and data
  - Useful where IPSEC is not available or cannot be used (NATs); compatible with NAT

Voluntary vs. Compulsory Tunnels
- Voluntary tunnels
  - Tunneling initiated by the end user
  - Requires a tunneling client
  - No NAS support required
  - No intermediate router support required
  - End user responsible for security
    - MPPE or IPSEC (outer) encryption runs between client and tunnel server
    - Keeps the burden of encryption and compression off NASes and routers
    - No router or NAS upgrades required
    - NAS not involved in security; ISPs not liable

VPN: Voluntary Tunnel
  (Diagram) Remote users dial over carrier networks (PSTN, ISDN, ...) into ISP POPs A, B and C with access-server front ends; the tunnel client builds the tunnel across the Internet to the tunnel server at the customer premise (ABC Corp., XYZ Corp., LMN Corp.), carrying IP, IPX and NBF.

VPN: Voluntary Tunnel With Direct Network Connection
  (Diagram) Same topology, but the tunnel client sits on a directly connected network rather than dialing into a POP.

Voluntary vs. Compulsory Tunneling (cont'd)
- Compulsory tunnels
  - Tunneling initiated by the NAS
  - Requires NAS support for the tunneling protocol
  - Can use RADIUS for per-user tunnel setup
  - No client support required?
    - Not really true if the NAS does not support encryption: the client must then support MPPE or IPSEC
  - No intermediate router support required
  - NAS responsible for security
    - NAS must set up the tunnel
    - NAS may be responsible for encryption
    - ISP's liability?

Types of Compulsory Tunnels
- Static tunnels: all calls tunneled to a given server
- Realm-based tunnels: calls tunneled based on realm (e.g., bigco.com)
- User-based tunnels: calls tunneled based on user ID (e.g., firstname.lastname@example.org)

VPN: Compulsory Tunnel
  (Diagram) As in the voluntary-tunnel diagram, but the access-server front ends at the ISP POPs set up the tunnel across the Internet to the tunnel server at the customer premise.

Issues in Compulsory Tunneling
- Who is responsible for security?
- IPSEC (outer) encryption can be used between NAS and tunnel server
- Problems
  - Scalability: legacy NASes lack the CPU and crypto acceleration to handle encryption
  - Compatibility: requires the NAS to implement IPSEC and ISAKMP
- What if the NAS does not implement IPSEC?
  - Client is not aware whether encryption is in place
  - Client must encrypt the inner packet: IPSEC or TLS can be used between client and endpoint
  - Result: encryption may or may not be in force for a specific destination!
- Solution: PPP encryption
  - MPPE used between client and tunnel server

Supporting Protocols
- RADIUS
- EAP
- Roaming

What is RADIUS?
- Remote Authentication Dial In User Service
- Supports authentication, authorization, and accounting for remote access
  - Physical ports (analog, ISDN)
  - Virtual ports (tunnels)
- Allows centralized administration and accounting of multiple tunnel servers
- IETF status
  - Proposed standard: RFC 2138, RADIUS authentication/authorization
  - Informational: RFC 2139, RADIUS accounting
  - Drafts: RADIUS extensions, EAP, tunneling support, interim accounting

Compulsory Tunneling with RADIUS
  (Diagram) A remote user (email@example.com) dials over PSTN or ISDN into ISP POPs A, B or C; the access-server front ends consult the RADIUS server and tunnel the call to the BIGCO Corp. tunnel server.

Why Use RADIUS For Compulsory Tunneling?
- RADIUS enables per-user compulsory tunneling
  - More flexible than static or realm-based tunneling
  - What if firstname.lastname@example.org is to be given Internet access, but email@example.com should be tunneled to the marketing tunnel server?
- RADIUS enables accounting and auditing
  - Both NAS and tunnel server can use RADIUS
  - Allows the enterprise to audit VPN usage and do alarming
  - BIGCO can match accounting records from the tunnel server with accounting records from the ISP for auditing purposes
- RADIUS enables use of a single user ID/password pair
  - Both NAS and tunnel server can authenticate against the same database
    - RADIUS server backend
    - LDAP backend

What is EAP?
- Extensible Authentication Protocol
- Extension to PPP, developed in the IETF PPP Working Group
- Under consideration for proposed standard status
- Provides support for a very wide range of authentication methods
  - Stored value cards
  - Public key authentication (with or without smart card)
  - Cryptographic calculators
  - One-time passwords
- RADIUS support for EAP on the standards track

Why Do We Need Smart Cards?
- Widespread tunneling support enables ubiquitous access to the intranet
  - Want to enable access to the intranet from home or private ISP accounts
  - Want to enable roaming to other providers for global access
- Security issues
  - Can no longer restrict tunnel sources to a given IP address range
  - Authenticated tunnel setup is not sufficient to provide security
  - How do you know that it's really Fred logging in from Indonesia?

Why Do We Need Smart Cards?
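The "Types of Compulsory Tunnels" and "Why Use RADIUS For Compulsory Tunneling?" slides above describe the NAS asking a RADIUS server whether to give a caller plain Internet access or to tunnel the call, and to where. The following added example (not code from the deck, Microsoft or any RADIUS product) runs that exchange in one process: the NAS builds an Access-Request with a hidden User-Password, the server authenticates against a user database and answers Access-Accept with tunnel attributes chosen by a user-based rule first and a realm-based rule second, and the NAS verifies the Response Authenticator before acting. Packet format and password hiding follow RFC 2138; the Tunnel-Type, Tunnel-Medium-Type and Tunnel-Server-Endpoint attributes use the numbers later fixed in RFC 2868, which was still an IETF draft when the deck was written. The shared secret, users, addresses and policy are constructed for the example.

```python
"""Added example: RADIUS Access-Request/Accept with per-user tunnel attributes."""
import hashlib
import hmac
import os
import struct
from ipaddress import IPv4Address
from typing import Dict, List, Optional, Tuple

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3          # RFC 2138 codes
USER_NAME, USER_PASSWORD, NAS_IP_ADDRESS = 1, 2, 4               # RFC 2138 attributes
TUNNEL_TYPE, TUNNEL_MEDIUM_TYPE, TUNNEL_SERVER_ENDPOINT = 64, 65, 67  # RFC 2868
TUNNEL_TYPES = {"PPTP": 1, "L2TP": 3}
MEDIUM_IPV4 = 1
Attrs = List[Tuple[int, bytes]]


def encode_attrs(attrs: Attrs) -> bytes:
    return b"".join(bytes([t, len(v) + 2]) + v for t, v in attrs)


def decode_attrs(data: bytes) -> Attrs:
    attrs, i = [], 0
    while i < len(data):
        if i + 2 > len(data) or data[i + 1] < 2 or i + data[i + 1] > len(data):
            raise ValueError("malformed attribute")
        attrs.append((data[i], data[i + 2:i + data[i + 1]]))
        i += data[i + 1]
    return attrs


def _password_xor(text: bytes, secret: bytes, req_auth: bytes, hide: bool) -> bytes:
    """RFC 2138 5.2: block i is XORed with MD5(secret + previous *hidden* block)."""
    out, prev = b"", req_auth
    for i in range(0, len(text), 16):
        block = text[i:i + 16]
        result = bytes(a ^ b for a, b in zip(block, hashlib.md5(secret + prev).digest()))
        out += result
        prev = result if hide else block
    return out


def hide_password(password: bytes, secret: bytes, req_auth: bytes) -> bytes:
    if len(password) > 128:
        raise ValueError("password too long for User-Password")
    padded = password.ljust(max(16, (len(password) + 15) // 16 * 16), b"\x00")
    return _password_xor(padded, secret, req_auth, hide=True)


def unhide_password(hidden: bytes, secret: bytes, req_auth: bytes) -> bytes:
    return _password_xor(hidden, secret, req_auth, hide=False).rstrip(b"\x00")


def _packet(code: int, ident: int, authenticator: bytes, body: bytes) -> bytes:
    return struct.pack("!BBH16s", code, ident, 20 + len(body), authenticator) + body


def build_access_request(secret: bytes, ident: int, username: str, password: bytes,
                         nas_ip: str) -> Tuple[bytes, bytes]:
    """NAS side: returns the packet and the Request Authenticator to keep for the reply."""
    req_auth = os.urandom(16)
    attrs = [(USER_NAME, username.encode()),
             (USER_PASSWORD, hide_password(password, secret, req_auth)),
             (NAS_IP_ADDRESS, IPv4Address(nas_ip).packed)]
    return _packet(ACCESS_REQUEST, ident, req_auth, encode_attrs(attrs)), req_auth


def tunnel_attrs_for(username: str, policy: Dict[str, Tuple[str, str]]) -> Attrs:
    """User-based rule wins over realm-based rule; no rule means plain Internet access."""
    rule = policy.get(username) or policy.get(username.rpartition("@")[2])
    if rule is None:
        return []
    ttype, endpoint = rule
    tag = b"\x00"  # untagged (single tunnel)
    return [(TUNNEL_TYPE, tag + TUNNEL_TYPES[ttype].to_bytes(3, "big")),
            (TUNNEL_MEDIUM_TYPE, tag + MEDIUM_IPV4.to_bytes(3, "big")),
            (TUNNEL_SERVER_ENDPOINT, tag + endpoint.encode())]


def radius_server_respond(request: bytes, secret: bytes, users: Dict[str, bytes],
                          policy: Dict[str, Tuple[str, str]]) -> bytes:
    code, ident, length, req_auth = struct.unpack_from("!BBH16s", request, 0)
    if code != ACCESS_REQUEST or length != len(request):
        raise ValueError("not a well-formed Access-Request")
    attrs = dict(decode_attrs(request[20:length]))
    if USER_NAME not in attrs or USER_PASSWORD not in attrs:
        raise ValueError("User-Name and User-Password are required")
    username = attrs[USER_NAME].decode()
    password = unhide_password(attrs[USER_PASSWORD], secret, req_auth)
    if username in users and hmac.compare_digest(users[username], password):
        code, reply = ACCESS_ACCEPT, tunnel_attrs_for(username, policy)
    else:
        code, reply = ACCESS_REJECT, []
    body = encode_attrs(reply)
    resp_auth = hashlib.md5(struct.pack("!BBH", code, ident, 20 + len(body))
                            + req_auth + body + secret).digest()
    return _packet(code, ident, resp_auth, body)


def verify_response(response: bytes, ident: int, req_auth: bytes, secret: bytes) -> Tuple[int, Attrs]:
    """NAS side: reject replies whose Response Authenticator does not check out."""
    code, rident, length, resp_auth = struct.unpack_from("!BBH16s", response, 0)
    body = response[20:length]
    expected = hashlib.md5(struct.pack("!BBH", code, rident, length) + req_auth + body + secret).digest()
    if rident != ident or not hmac.compare_digest(expected, resp_auth):
        raise ValueError("Response Authenticator mismatch: forged reply or wrong shared secret")
    return code, decode_attrs(body)


def tunnel_instructions(attrs: Attrs) -> Optional[Tuple[str, str]]:
    d = dict(attrs)
    if TUNNEL_TYPE not in d or TUNNEL_SERVER_ENDPOINT not in d:
        return None
    names = {v: k for k, v in TUNNEL_TYPES.items()}
    return names.get(int.from_bytes(d[TUNNEL_TYPE][1:], "big"), "unknown"), d[TUNNEL_SERVER_ENDPOINT][1:].decode()


def nas_login(username: str, password: bytes, secret: bytes, users: Dict[str, bytes],
              policy: Dict[str, Tuple[str, str]], nas_ip: str = "203.0.113.5",
              ident: int = 7) -> Tuple[int, Optional[Tuple[str, str]]]:
    """Whole exchange: NAS builds the request, server answers, NAS verifies and decides."""
    request, req_auth = build_access_request(secret, ident, username, password, nas_ip)
    code, attrs = verify_response(radius_server_respond(request, secret, users, policy),
                                  ident, req_auth, secret)
    return code, tunnel_instructions(attrs)
```

With a constructed policy such as `{"bob@bigco.com": ("PPTP", "192.0.2.20"), "otherco.com": ("L2TP", "198.51.100.7")}`, a call from alice@bigco.com gets Access-Accept with no tunnel attributes (Internet access), bob@bigco.com is tunneled by PPTP to the marketing tunnel server, and every otherco.com caller is tunneled by L2TP by realm. The NAS must keep the Request Authenticator: without the check in `verify_response`, anyone who can spoof a reply from the RADIUS server's address can redirect a caller's tunnel to an endpoint of their choosing.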
(cont'd)
- Solution: smart cards
  - Possession of the smart card required for authentication
  - Foils brute-force password guessing attempts
  - Prevents sniffing of passwords over the network
  - Can be used for ISP or VPN authentication, or both
- Remaining issues
  - Hijacking of sessions: need packet authentication and encryption, too

Types of Smart Cards
- Cryptographic calculators
  - Card with keypad and display
  - No reader required
- Certificate-based smart cards
  - Requires a smart card reader; readers now available for PCMCIA and serial ports
  - Requires a PIN for access by the user
  - Holds a certificate (read by the PC)
  - Sealed private key (cannot be read off the card)

Related Developments
- "Steelhead" - Routing & Remote Access Service for Windows NT 4.0
- "Basecamp" - Windows NT Option Pack

"Steelhead" Features
- Integrated RAS & routing service
- IP & IPX routing support
- Remotable GUI & command-line UI
- APIs for extensibility
- Demand-dial routing
- PPTP support
  - Server-to-server
  - Client-server
- Packet filtering for security
- Exploits multi-link & other RAS features

"Steelhead" Features: Routing Protocols
- RIPv2 for IP
- OSPF by Bay Networks
- DHCP relay agent
- RIP for IPX
- SAP for IPX
- Plus others can be "plugged in"

Packet Filtering Features
- IP packet filtering
  - TCP port, including an "Established" option (match only traffic belonging to an already-established TCP connection)
  - UDP port
  - IP protocol ID
  - ICMP type
- IPX packet filtering
  - Source address, node, & socket
  - Destination address, node, & socket
  - Packet type
- Complements MS Proxy

Using RAS & Routing
  (Diagram) LAN-to-LAN or LAN-to-WAN routing over POTS, ISDN, T1, X.25, frame relay and the public Internet: remote PC clients and a branch office connect to a Windows NT
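The EAP and smart card slides above argue that an authenticated tunnel is not enough once callers can come from any address, and that a one-time password or crypto-calculator proves "what you have" without a reusable password crossing the wire. The following added example (not code from the deck or from Microsoft) runs the EAP exchange of RFC 2284 between a PPP peer holding a token and an authenticator: Request/Identity, Response/Identity, Request/OTP with a challenge, Response/OTP, then Success or Failure. The one-time password is an S/KEY-style hash chain (Lamport) using SHA-256, chosen here for the example rather than the MD4/MD5/SHA-1 folded forms of RFC 2289; the server stores only the chain anchor H^n(seed), so a sniffed response cannot be replayed and a stolen server database cannot be turned into future passwords. The identities, seed and counts are constructed.

```python
"""Added example: EAP (RFC 2284) carrying a hash-chain one-time password."""
import hashlib
import hmac
import struct
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple

EAP_REQUEST, EAP_RESPONSE, EAP_SUCCESS, EAP_FAILURE = 1, 2, 3, 4
EAP_TYPE_IDENTITY, EAP_TYPE_OTP = 1, 5


@dataclass
class Eap:
    code: int
    identifier: int
    type: Optional[int] = None   # absent in Success/Failure
    data: bytes = b""


def encode(p: Eap) -> bytes:
    body = b"" if p.type is None else bytes([p.type]) + p.data
    return struct.pack("!BBH", p.code, p.identifier, 4 + len(body)) + body


def decode(raw: bytes) -> Eap:
    if len(raw) < 4:
        raise ValueError("short EAP packet")
    code, ident, length = struct.unpack_from("!BBH", raw, 0)
    if length < 4 or length > len(raw):
        raise ValueError("bad EAP length")
    if code in (EAP_SUCCESS, EAP_FAILURE):
        return Eap(code, ident)
    if length < 5:
        raise ValueError("Request/Response without Type")
    return Eap(code, ident, raw[4], raw[5:length])


def H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()


class OtpToken:
    """PPP peer side (the crypto-calculator): knows the seed, never reveals it."""
    def __init__(self, identity: str, seed: bytes):
        self.identity, self.seed = identity, seed

    def otp(self, count: int) -> bytes:      # H^count(seed)
        x = self.seed
        for _ in range(count):
            x = H(x)
        return x

    def respond(self, request_raw: bytes) -> bytes:
        req = decode(request_raw)
        if req.code != EAP_REQUEST:
            raise ValueError("expected an EAP-Request")
        if req.type == EAP_TYPE_IDENTITY:
            return encode(Eap(EAP_RESPONSE, req.identifier, EAP_TYPE_IDENTITY, self.identity.encode()))
        if req.type == EAP_TYPE_OTP:
            algo, count = req.data.decode().split()    # challenge like "otp-sha256 99"
            if algo != "otp-sha256" or int(count) < 1:
                raise ValueError("unacceptable OTP challenge")   # never hand out the seed (H^0)
            return encode(Eap(EAP_RESPONSE, req.identifier, EAP_TYPE_OTP, self.otp(int(count))))
        raise ValueError("unsupported EAP type %r" % req.type)


def enroll(token: OtpToken, count: int) -> Tuple[int, bytes]:
    """Provisioning: the authenticator receives only (count, H^count(seed))."""
    return count, token.otp(count)


class OtpAuthenticator:
    """Authenticator side: per identity, (count, H^count(seed)); moves down the chain."""
    def __init__(self, enrolled: Dict[str, Tuple[int, bytes]]):
        self.db = dict(enrolled)

    def run(self, peer: Callable[[bytes], bytes], identifier: int = 1) -> Tuple[int, List[bytes]]:
        """peer(request_bytes) -> response_bytes. Returns the final code and the wire transcript."""
        transcript: List[bytes] = []

        def ask(p: Eap) -> Eap:
            raw = encode(p)
            resp_raw = peer(raw)
            transcript.extend([raw, resp_raw])
            resp = decode(resp_raw)
            if resp.code != EAP_RESPONSE or resp.identifier != p.identifier or resp.type != p.type:
                raise ValueError("response does not match the outstanding request")
            return resp

        def finish(code: int, ident: int) -> Tuple[int, List[bytes]]:
            transcript.append(encode(Eap(code, ident)))
            return code, transcript

        identity = ask(Eap(EAP_REQUEST, identifier, EAP_TYPE_IDENTITY)).data.decode()
        if identity not in self.db or self.db[identity][0] <= 1:
            return finish(EAP_FAILURE, identifier)           # unknown, or chain exhausted
        count, anchor = self.db[identity]
        otp = ask(Eap(EAP_REQUEST, identifier + 1, EAP_TYPE_OTP, ("otp-sha256 %d" % (count - 1)).encode()))
        if not hmac.compare_digest(H(otp.data), anchor):
            return finish(EAP_FAILURE, identifier + 1)
        self.db[identity] = (count - 1, otp.data)            # advance: old OTP is now dead
        return finish(EAP_SUCCESS, identifier + 1)
```

Each successful login lowers the stored count by one, so the password just used becomes the new anchor and can never verify again; when the chain is nearly spent (count 1) the authenticator refuses rather than ask the token for H^0, which would be the seed itself. As the "Remaining issues" bullet says, this protects only the login: the PPP session that follows still needs packet authentication and encryption to survive hijacking.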
  Server with RAS & Routing Service at the corporate LAN; the branch office also runs RAS & Routing.

Using RAS & Routing to Connect an Intranet to the Internet
  (Diagram) Two configurations:
- Full configuration, 2-3 machines: router/firewall, proxy, and Internet services on a DMZ LAN
- Small business configuration, 1 machine: NT Server with RAS & Routing (PPTP, packet filtering, Internet routing) and MS Proxy

Using RAS & Routing with Point-to-Point Tunneling
  (Diagram) Remote PC tunnel clients send encrypted PPP packets to the Internet service provider POP; the encapsulated, encrypted PPP packets cross the Internet to a Windows NT Server with RAS & Routing at the corporate LAN, and a branch office server does the same. Low-cost, secure VPN via the Internet.

"Base Camp"
- A secure, seamless, and inexpensive end-to-end Internet remote access solution that allows individuals to connect to public and private networks

Base Camp Components & Features
  (Diagram) Road warriors and telecommuters at any POP send an access request through the ISP (consumer Internet services) to the enterprise, which returns confirmation/denial and attribute information and grants access to WAN/LAN resources.
- Client: Connection Manager
  - Pre-configured service profiles
  - Branded dialer
  - Auto client PPTP
  - Auto DUN
  - Empty *.exe in OS
  - 22 languages
- ISP: Connection Point Services
  - Integrated phone books (RAS and POP merged)
  - Roaming agreements
  - Automated POP management
  - Auto POP update
  - Central management
- Enterprise: Internet Authentication Server
  - RADIUS server / proxy
  - Directory ties into the NT backend
  - Extensible connect actions and business policy
- Connection Manager Administration Kit
  - Wizard to configure the dialer

Questions?