Remote Access Protocols and Services
Remote Access Protocols and ServicesThis section describes some of the various protocols and services used for remote and secure connections.
• RAS - RAS stands for "Remote Access Service", Microsoft's term for modem pools. This service provides dial-in access to networks and to the Internet.
• PPP - Point-to-point Protocol (PPP) is a method for connecting a personal computer to the Internet using a standard phone line and a modem. The difference between PPP and other, older dial-up procedures is that a PPP setup will establish a direct Internet connection that allows the PC to use TCP/IP (Internet-based) applications.
• PPTP - The Point to Point Tunneling Protocol (PPTP) provides for the secure transfer of data from a remote client to a private server by creating a multi-protocol Virtual Private Network(VPN) by encapsulating PPP packets into IP datagrams. Setting Up PPTP requires a PPTP Client, PPTP Server and a Network Access Server(NAS). PPTP does not support the Appletalk protocol.
• IPsec - IPSec is a suite of Internet-standard protocols that allow secure, encrypted communications between two computers over an insecure network. IPSec provides end-to-end security, meaning that the IP packets are encrypted by the sending computer, are unreadable en route, and can be decrypted only by the recipient computer.
• L2TP - L2TP creates a tunnel through a public network that is authenticated on both ends, uses header compression, and relies on IPSec for encryption of data passed through the tunnel. L2TP works like PPTP in that it creates a "tunnel", but uses IPSec encryption in order to support non-IP protocols and authentication.
• SSL - SSL (Secure Sockets Layer) uses a technique called public-key cryptography to provide encrypted connections. This enables you to move information across the Internet with confidence that it will not be intercepted or modified in transit. This is heavily used in e-commerce and can be identified by a URL that begins with HTTPS.
• Kerberos - This form of security has been evolving in the Unix world for a long time and is now becoming a standard. Kerberos provides mutual authentication between a client and a server or between servers before a network connection is opened between them. Rather than sharing a password, computers share a cryptographic key, and they use knowledge of this key to verify each other's identities. Kerberos security only works with computers running Kerberos security software.
No comments:
Post a Comment