Cisco IINS 2.0: VPN Technologies and Public Key Infrastructure

Overview/Description
An IP Security (IPsec) VPN uses the Internet to connect branch offices, remote employees, and business partners to the resources of your company. It is a reliable way to maintain your company privacy while streamlining operations, reducing costs, and allowing flexible network administration. VPNs are an integral part of any security architecture. Providing confidentiality, integrity, and endpoint authentication, VPNs are ubiquitous and provide data loss prevention mechanisms for data that is in transit at multiple levels. From Secure Sockets Layer (SSL) VPNs to IP Security (IPsec) VPNs, site-to-site VPNs, or remote-access options, this security control is now embedded in networks and applications and should be available in a transparent and manageable fashion. This course introduces the cryptographic elements of VPNs, including symmetric and asymmetric algorithms, and describes the components, deployment options, and operational framework of VPN technologies. A public key infrastructure (PKI) is an increasingly critical component to ensure confidentiality, integrity, and authentication in an enterprise. PKI is based on the fundamentals of asymmetric encryption. PKI uses the power of private and public keys, digital signatures, and trust models that are derived from asymmetric encryption. PKI provides services that range from identity management to software code signing, and from encrypted file systems and email to VPNs and others. This course discusses the principles behind asymmetric encryption that result in PKI solutions and explains the operational framework of such solutions.

Target Audience
Network designers, administrators, engineers, and managers; systems engineers; individuals seeking the Implementing Cisco IOS Network Security (IINS) v2.0 640-554 certification, which is associated with the CCNA Security certification exam. Knowledge and skills equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1) are required, and a working knowledge of the Windows operating system and Cisco IOS networking and concepts is recommended.

Expected Duration (hours)
2.0

Lesson Objectives

Cisco IINS 2.0: VPN Technologies and Public Key Infrastructure

describe the benefits of VPNs

identify the OSI layers where MPLS VPNs operate

match the type of VPN to the appropriate descriptions

describe the role of cryptology in VPN implementations

identify the use of ciphers in VPN deployments

identify the use of encryption algorithms in VPN deployments

identify the use of cryptanalysis in VPN deployments

identify symmetric encryption algorithms and their use in VPN operations

identify asymmetric encryption algorithms and their use in VPN operations

describe the functions of cryptographic hashes

identify the components of key management

describes the role of cryptography plays in commercial implementations such as IPsec and SSL/TLS

describe how PKI uses asymmetric cryptography to accomplish confidentiality

describe how PKI uses asymmetric cryptography to accomplish authentication

describe the features and functions of the RSA algorithm

describe the principles behind a PKI

describe PKI standards

identify the role of CAs in a PKI