welcome back toe and use a repeat and security course. In this lesson, I will be talking about the infrastructure that is needed for BP and so on. User side.
You don't need anything than your device. It can be a PC like Home PC. Or
although it's for a rarely used, it can be your business PC or it become your mobile phone,
and then you will need to have something installed on it, which can be an agent or an application or both.
Um, maybe some kind of like I mentioned, if you're looking to corporate
Network and you're not using the physical smartcard with pain but yours and virtual, then you'll have to have your virtual smartcard, the software installed on your device. But it goes toe agent and or application thing. So all these things you need and that's it, that's pretty much it.
So, um, on the heart on the side of a hump company, if we're talking about harbor implementation, you need BP in the wire routers. Do you need VPN aware firewall? So these things have to be able to let the VP and traffic
in and out of the company
and then you need BP in appliances. And of course, you need client creepy in on PC is like a mention. So this is it,
um, nothing special. So you need only these things. European appliances, they said. These air
piece of networking hardware that can be set up to allow weeping connection. So if you are establishing a site to site the connection in using your having harder implementation, have chosen, it is your preferred way to set up your VPN.
Then you will have to harbor appliances for each re P in connection. It is not usual toe have. What's a central building one applies that can maintain multiple VPN connections in multiple locations, although
there are those. But people usually choose tohave
one for each connection. Unless you have hundreds and hundreds of them, then you have in those cases you usually. What you have is you have a server on the central sides of in in central corporate headquarters. You have a server
with software implementation,
and then you have
what is essentially appliance in on every other. Those location because on those locations you have to have something that anyway and sometimes it's too expensive to put Carter in terms of server now on every of these locations. For example, if you if your bank
and you have lots of small branch offices,
it's sometimes it's cheaper, and it's more effective to just have a VPN appliance in those those more branches because you don't have server there. Anyway, people are connecting through BP and maybe using very based applications to do their banking. Some of the banks do that today, so
it's ah, it's all based up like a core banking applications and everything they need to do. The banking retail banking
is done them through Web based applications, so you don't need the server there. Everything is anyway on the server and the headquarters.
And then, um,
you just need the appliance there.
And but on the headquarter side, it's maybe too expensive to buy 200 or 500 appliances. Maybe it's cheaper to have just a huge server bank and and virtual server machines running the VP instructor.
so also, if you're doing software implementation again, you need to have a VPN ever routers and VPN of our firewalls. Although when it comes the firewalls, there are we peons that can bypass Firoz, which are not BP in there, so there are ways to do it.
Andi. There are solutions in terms of subsidy, even in terms of harbored that can bypass the things. And again, these people are connecting remotely matter to your server from home or while they are in the field.
You also need some kind of client, the interest structure on their side.
And then in those cases you would probably have to have different versions off the What's a separate servers for those two things? So one server is to maintain connections between the headquarters and
what's a different geographical locations in which you have offices,
and the other is there to remote the for remote connection off
employees because these to work in a different way, and sometimes it's even a different softer. The same thing is, with them
remote connection if you're using harbor implementation, so if you have a harder VPN appliance, that is one is therefore to connect to a different location and the other is their toe receive connections from remote users. So there are two different things, and it's usually never
one server or one harbor or one software even running
those two separate things.
Um, so this is about infrastructure you need I won't go into details how to size it. This is a little bit more complicated. Matter which is outside the parameters of this course suspect. Let me just ask you a question on duh.
What is the main difference when you set up a VPN in the company on the heart in the harbor, implementation on self current limitations. So visit the weepy an appliance. Is it VPN aware router? Or is it a VPN client? Once licensing is during difference
and the correct answer is between appliance. So it is mentioned if you're using a hardware implementation than you have a VPN appliance if he was in suffer a plantation you're using softer on the server.
So in this lesson, you have learned how
what kind of infrastructure is needed to implement with bean, your company
and the In the next video, I will do the recap off the entire Model three, which is about how we pian works