1 hour 53 minutes
hello and welcome back and user VPN Security course. In this lesson, I will be talking about how the conviction communication work. So I'll give you some kind of example off how it
looks for a remote user to establish a connection with BP in on the company server
and how it works in the in real life.
So, um, when when you start, so imagine you're working at home and do you have your company PC notebook video and you're using some kind of whatever software that these there is a clients to establish communication. So first thing you do when you start that client, of course you are.
It's an assumption that you're already connected to Internet,
and then you do the authentication. Now this authentication is usually more than one factor, so sometimes it's just password.
But most corporate I T. Security people don't think that the passport is enough. So what you usually have is some kind of smart card, which can be your key card that you used to enter your premises. If you are working in the office
and off also some kind of pain that goes with it. It's a typical thing for a smart car to have a smart card plus pin.
It could be something else. It can be password plus, uh, fingerprint, uh,
a room on the red on the reader that's in the notebook. If you have it,
um, on and then you authenticate. And also, if you're using mobile device, it can be secret key that's pre shared, which is not safe enough because it's ah, it's one key that has bean used all the time.
Or it could be a certificated, although certificates are also used with them
passwords or smart card and multi factor authentication. But it can be something that doesn't really need you toe type anything. Sometimes it's just the certificate, plus your fingerprint
on your mobile phone.
So you have established link toe corporate, the corporate VPN, and you authenticated yourself. So now the other side knows that it's really you, and then they establish a tunnel. Basically, this is this is done on a level off network, and
you don't need to know any details about. It's just the links is established
and then normal communication starts. So what does normal communication look like?
So you can have somebody like me working from home and I'm connecting to the Internet.
And of course, ah is Ah, it is always the case. My corporate offices always connected to the Internet. So you have the Internet representing here. But this piece of road and there are packets going to and for
from the Internet. But this is not safe enough for if you are being connected to company network.
you have a tunnel. So let's say you have ah, some kind of specialized system in which your, um, um
your data goes directly from your home to the office or the other way around. And if you want to send a file like we have here what happens in this trial, it gets, ah, split into smaller,
uh, pieces like packets. Then each of these gets encrypted,
sent to corporate, then it gets decrypted there. And then these things get pasted together in one file, and then it goes wherever you wanted to send it.
So this is how the thing works. And this for the tunnel. It's not actually a reserved power portion of Internet now. It's not like that. There is no way that
on the Internet, you just determined these things. What happens is that you are actually defining that these packages go directly from you to their over the regular network.
So you have seen how this communication works. You have seen how the files of transferred from you to the
office off your office, for example, or using Internet as a conduit.
Well, I think they're quite similar. If this is 1 to 1 communication rip, let's say, for example, between branch office and
the head office in the bank.
And what is very important to know that if you're connecting with your notebook toe the company server with VPN,
you're no book changes its i p address from normal home I P address, which is given to you by your router, and it becomes the I. P. Address, which corresponds to the
address space off your company. So we have bean for example 100 to 92.1680 dot 11. Suddenly your I P address might become 10.15 at 75 3
And in that case,
uh, this is what is difficult for re PM that you suddenly become a part of the network. So you have learned in this video how it works.
And in next video, I'm going to talk about the types off BP end that exists today.