Chapter3 CNM
Disadvantages of L2TP
• Difficult to configure
• Higher use of computing power because of advanced encryption
• Slower operations because of double encapsulation technique
• Easily blocked by firewalls
Point-to-Point Tunneling Protocol (PPTP):
• PPTP, or Point-to-Point Tunneling Protocol, creates a tunnel and
encapsulates the data packet. Point-to-Point Protocol (PPP) is used to
encrypt the data over the connection. PPTP is one of the most widely used
VPN protocols and has been in use since the early releases of Windows.
Apart from Windows, PPTP is also used on Mac and Linux.
• Advantages of PPTP
• Low overhead costs and easy setup
• Fast connection speeds
• Compatible with a wide range of operating systems such as macOS, Linux,
Android and iOS
• Disadvantages of PPTP
• Security risk because of low encryption
• Potential to get blocked by firewalls
• Less stable
• Inefficient over longer distances
SSL/TLS protocol
• An SSL VPN, or Secure Sockets Layer Virtual Private Network, is a type of
VPN that connects to the internet via the SSL/TLS protocol. SSL VPNs
provide a secure remote connection, which allows people to access the
internet anywhere without compromising data privacy. An SSL VPN can help
strengthen the privacy of your internet browsing. The web browser acts as
the client, and user access is restricted to specific applications instead
of the entire network. Online shopping websites commonly use the SSL and
TLS protocols.
Advantages
• Allows secure remote access
• No need for client software
• Easy to setup and use
• Compatible with a wide variety of devices
• End-to-end data encryption
Disadvantages
• Limited network-level access control
• Only protects the web browser it is set up on
• Doesn’t protect traffic from web apps
• May be vulnerable to malware
• Relies on web-based applications
VLAN VTP protocol
• VTP stands for VLAN Trunking Protocol. It is a layer-2 protocol. In a small
network there are few switches, so we can configure VLANs individually.
But configuring VLANs individually in large networks is not an easy task.
• By putting one switch in VTP server mode and the other in VTP client mode,
you can configure VLANs in one go. VTP allows you to configure VLANs on a
central VTP server switch while VTP clients synchronize their VLAN database
with the server.
There are three modes of VTP
• VTP Server Mode (default)
1. It allows you to add, modify and delete VLANs.
2. It stores the VLAN database in NVRAM.
3. The VTP server advertises all VLANs on a trunk port, and the VTP clients
synchronize their databases to it, so that whenever a new VLAN is added
to the VTP server, it is automatically created on the VTP clients. The CR
number also gets updated automatically (the CR value is the same as the
VTP server).
4. The revision number (CR value) increases whenever a new VLAN is added
or deleted.
• VTP Client Mode
1. You can’t add, modify or delete VLANs in this mode.
2. It does not store the VLAN database in NVRAM.
3. If the configuration number received from the server is greater than their own configuration
number, the devices update their configuration and pass it to other clients of the same VTP
domain.
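The revision-number rule described above for server and client mode, as an added example that is not part of the original notes: a toy Python model (not Cisco code) in which a client accepts an advertisement only from its own domain and only with a higher revision, replaces its VLAN database, and passes it on. The `Switch` class, switch names and domain names are assumptions made for illustration.

```python
# Added example: toy model of VTP revision-number synchronisation (not Cisco code).
from dataclasses import dataclass, field


@dataclass
class Switch:
    name: str
    domain: str
    mode: str                      # "server" or "client"
    revision: int = 0              # configuration revision (CR) number
    vlans: set = field(default_factory=lambda: {1})
    neighbors: list = field(default_factory=list)  # switches on trunk links

    def _change(self, vlan, add):
        if self.mode != "server":
            raise PermissionError(f"{self.name}: VLANs are read-only in client mode")
        (self.vlans.add if add else self.vlans.discard)(vlan)
        self.revision += 1         # every add or delete bumps the revision
        self.advertise()

    def add_vlan(self, vlan):
        self._change(vlan, add=True)

    def delete_vlan(self, vlan):
        self._change(vlan, add=False)

    def advertise(self):
        for peer in self.neighbors:
            peer.receive(self.domain, self.revision, set(self.vlans))

    def receive(self, domain, revision, vlans):
        # Accept only same-domain advertisements with a strictly higher revision.
        if domain != self.domain or revision <= self.revision:
            return False
        self.revision, self.vlans = revision, vlans  # database is replaced
        self.advertise()           # pass it on to other clients in the domain
        return True


def build_demo():
    """Constructed topology: S1 (server) - C1 - C2 (clients), plus X in another domain."""
    s1 = Switch("S1", "campus", "server")
    c1 = Switch("C1", "campus", "client")
    c2 = Switch("C2", "campus", "client")
    x = Switch("X", "lab", "client")
    s1.neighbors = [c1, x]
    c1.neighbors = [s1, c2]
    c2.neighbors = [c1]
    return s1, c1, c2, x
```

Because the received database replaces the local one, a VLAN deleted on the server also disappears from every client in the domain once the higher revision arrives.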
| Parameter of Comparison | VLAN | VPN |
|---|---|---|
| Full Form | Virtual Local Area Network (VLAN) | Virtual Private Network (VPN) |
| Types | Type of VLAN: 1. Port-based VLAN 2. Protocol-based VLAN 3. MAC-based VLAN | Type of VPN: 1. Remote Access VPN 2. Site-to-Site VPN |
| Kind of service | VLANs are the kind of subnetworks | VPNs are the technology a service |
| Take help of | VLANs use virtual LANs to segment traffic | VPN uses encryption to create a virtual private network |
• Ease of administration
• Reduction in network traffic
• Enforcement of security policies
LDAP OVER SSL
• LDAP (Lightweight Directory Access Protocol) is used by Active Directory for communication
between clients and directory servers. LDAP allows reading and writing data in Active Directory.
• The LDAP protocol is not secure against cyberattacks because it transmits data without
encryption. This allows attackers to spy on the connection and intercept packets sent over a
network. This is called packet sniffing. Attackers can also perform a Man-in-the-Middle
(MiTM) attack, thereby manipulating, modifying, and replacing unencrypted LDAP packets.
• LDAPS uses TLS (Transport Layer Security) or SSL (Secure Sockets Layer) to encrypt LDAP
packets. SSL and TLS are cryptographic protocols that establish a secure connection between
client and server using certificates.
• LDAPS helps to make the communication between the client and server confidential so that
data cannot be seen by a third party.
• TLS also provides authenticity (so that both parties can be sure they are talking to who they intend)
and integrity (so that messages are not modified in transit). TLS is the newer version of SSL.