Let's move on to our next section, which covers remote access.
So we're looking at connecting to the network without being physically plugged in.
We'll talk a little bit about dial up, and then we'll talk about VPN access through process we referred to as tunneling.
So let's take a look at dial up
Normally, when we're connected to our local area network were connected VR Network card
and that network card provides layer to framing for a local network.
But if we take a step back and we think about a remote access clients
maybe using, um, Autumn to connect into a remote access server,
which is likely not the way we're communicating mainstream.
The remote access server and modem usage still exists,
But in this case I have a client that's no longer connecting to the network via network card,
which means they don't have a device that does the work that a network card typically does.
One of the things a network card does is provide layer to framing for Elian connections.
It adds the information that's necessary to communicate across a l n.
If we have a client dialing up with, um, autumn, there is no device to provide that layer to framing.
That's where point to point protocol comes in.
P P P is how it's often referred to point to point protocol. Through
is what does that layer to framing for connections to the W A. N.
It was traditionally used with dial up clients. But today, now that we're connecting out to our w. A. N s through our cable modems and DSL modems,
now we have something called P P p o E,
which is point to point protocol over Ethernet,
which basically means you're using your network card. But you're still connecting to a W A N, as opposed to a local area network.
So the primary protocol is going to be allowing us to connect to a W A N and still have that layer two information added. That's point to point protocol.
with point to point protocol is not designed to add security.
It's specifically for layer to frame me.
So for security, there are a handful of authentication protocols that would be used,
the first of which is P. A. P.
Pip stands for password authentication protocol,
and poppy transmits passwords in plain text.
We don't want that anymore.
P A P really is irrelevant for use today,
P A P was replaced by a protocol called C J P
Challenge handshake authentication Protocol.
And then Microsoft extended beyond that. And there's M S, C, H A, P and M S C H a p version two.
But ultimately, this is something called a challenge handshake protocol or a challenge response.
So basically, when one device is trying to make a connection with another based on the password that's entered,
let's say I have to connect to a router from one router from another.
I'm setting up a static route, for instance.
There may be a password protection,
so only if I type in the correct password. Can my device respond to a challenge issued by the server or the system on the other end.
Basically, what it is is a system where I can prove the password that's being entered correctly without having to put the password on the network.
Challenge Response systems are good because they do keep the passwords off the network. That's desirable.
But the problem with C. H, a, P and P A P also is that they only provide a means to authenticate using passwords.
There are a lot of ways we can authenticate today.
We can use smart cards, biometrics, cookies, certificates, tokens and none of that can be used with P, A, P or C J P.
We needed a protocol that could extend beyond just passwords and really provide capabilities to authenticate in any manner you choose.
That's very EAP extensible authentication protocol
eep extends the capabilities beyond passwords.
You can think of it in that way.
So at any point in time you're using anything beyond passwords. You're definitely using it.
I will also allow you to use passwords as well. So keep is the way of the future.