Variable length subnet masking (VLSM), 91
Vendor product vulnerability disclosure, 242–244
Virtual circuits, 282, 284–285
Virtual LANs, managed switches and, 68
Virtual private networks (VPNs), 275–339, See also IPSec
  bastion hosts, 115
  cryptographic terms, 119, See also Cryptography
  definition, 275
  DMZ for gateway, 332
  firewalls and, 201, 248, 331–335
  Frame Relay, 281–282, 285
  gateway-to-gateway model, 277
  general vulnerability issues, 277–278
  host-to-gateway model, 275
    compulsory tunneling, 276, 300
    voluntary tunneling, 275–276
  IPSec, 285–286, 305–331, See also IPSec
  limitations, 279
  NAT and firewall operation, 248
  non-IP-based solutions, 279–289
    layer 2 (packet-switched) solutions, 280–283
    MPLS, 283–289
    private lines, 279–280
  password recovery capability, 36
  performance issues, 334–335
  quality of service, 335–339
  router functionality, 70
  security policy database (SPD), 311
  split tunneling, 134–135, 298
  tunneling and encapsulation concepts, 289–291
  tunneling protocols
    GRE, 290–293
    L2TP, 299–305, See also Layer 2 Tunneling Protocol
    PPTP, 291–299, See also Point-to-Point Tunneling Protocol
  virtual circuits, 282, 284–285
  wireless network security issues, 344–345
VLSM (variable length subnet masking), 91
Voice-over-IP (VoIP), 203, 336
Voice verification, 162
VPN routing and forwarding table (VRF), 287–288
VPNs, See Virtual private networks
Vulnerability, defined, 17–18