How To Choose The Right VPN For You - MikroTik

Transcription

MUM Europe, Ljubljana, 2016.03.25
Andis Arins / router.lv
How to choose the right VPN?

Presenter – Andis Arins
o MikroTik Consultant at www.router.lv
o MikroTik / Microsoft certified trainer
o Member of the board of the Latvian Internet Association
o Review expert for the EU EC in future networking

Focus of presentation
Virtual Private Networking aspects from the perspective of Security / Performance / Flexibility
o Why do you want one?
o What can RouterOS offer?
o How to pick the best one for you?

VPN user profiles (diagram)
o headquarters
o regional offices
o road warriors
o corporate connections
o remote workers
o "James Bonds"

Road warriors (diagram): working from anywhere, connecting to headquarters under unpredictable network conditions

Corporate connections (diagram): headquarters, branch office, Microsoft Azure, Amazon EC2
o Business requirements
o Partner requirements

Corporate connections (diagram, no text captured)

Serious encryption
o AES256
o certificates
o huge keys, stored in safe hardware
o VPN over VPN

Critical functions
o Authentication
o Access control
o Confidentiality
o Data integrity

RouterOS VPN portfolio
o PPPoE – Point-to-Point Protocol over Ethernet
o PPTP – Point-to-Point Tunneling Protocol
o L2TP – Layer 2 Tunneling Protocol
o SSTP – Secure Socket Tunneling Protocol
o OVPN – OpenVPN (open source VPN)
o IPSEC – Internet Protocol Security
o EoIP – Ethernet over IP

Does encryption still work?
Core cryptography elements:
o Algorithm
o Key (size)
Security is only as strong as the weakest link.

Algorithms
o DES (Data Encryption Standard) was once the standard algorithm for encryption
o MD5 has recently been found less secure than previously thought
o RC4 (Rivest Cipher 4) – recent attacks: Royal Holloway, KU Leuven
AES (Advanced Encryption Standard) is the current preferred symmetric algorithm; it is what IPSEC, SSTP between RouterOS peers, and OVPN use.

Keys
Symmetric:
o Key sizes of 128 bits (standard for SSL) are sufficient for most applications
o Consider 256 bits for secure systems such as large financial transactions
o Symmetric-key encryption protocols should include message authentication
Asymmetric:
o 2048 bits should be considered for highly protected applications
o 2048 / 4096?
Don't use excessive key sizes unless you know you need them.

Point-to-Point Tunneling Protocol
PPTP has been available since the mid 1990s; it requires IP protocol 47 (GRE) and IP protocol 6 (TCP) port 1723.
Pros:
o client software on all platforms
o very easy to set up
o fast
o NAT friendly
Cons:
o not at all secure
o easy to block on firewalls

PPTP vulnerability
o MPPE-128 encryption (which uses RC4 encryption with a 128-bit key)
o MITM attack to capture the handshake and any PPTP traffic after that
o offline crack of the handshake and derive the RC4 key
o no forward secrecy – cracking one PPTP session is sufficient to crack all previous PPTP sessions using the same credentials
https://github.com/moxie0/chapcrack
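The Keys slide states that symmetric-key protocols should include message authentication, and the PPTP slide above shows MPPE-128 relying on RC4 alone, with no integrity check. The following Python script is an added illustration, not code from the presentation or from MikroTik: a toy SHA-256 counter keystream stands in for RC4 (the XOR malleability it demonstrates is a property of any stream cipher), and the script shows that one byte altered in transit produces a predictable change in the decrypted plaintext when no MAC is present, whereas an encrypt-then-MAC construction with HMAC-SHA256 rejects the same alteration before decrypting. All keys, the nonce and the message are constructed inside the script.

```python
import hashlib
import hmac
import os


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy counter-mode keystream derived with SHA-256.

    Constructed stand-in for a real stream cipher (MPPE uses RC4);
    the property under test, XOR malleability, is the same for both.
    """
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + block.to_bytes(4, "big")).digest()
        block += 1
    return bytes(out[:length])


def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stream-cipher encryption and decryption are the same XOR operation."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))


def seal(enc_key: bytes, mac_key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: the tag covers the nonce and the ciphertext."""
    ct = xor_stream(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(enc_key: bytes, mac_key: bytes, blob: bytes) -> bytes:
    """Verify the tag (constant-time compare) before touching the ciphertext."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("message authentication failed")
    return xor_stream(enc_key, nonce, ct)


def corrupt_byte(data: bytes, offset: int, delta: int) -> bytes:
    """Model a modification in transit: one byte XORed with delta, no key needed."""
    buf = bytearray(data)
    buf[offset] ^= delta
    return bytes(buf)


def demo() -> dict:
    # Constructed keys, nonce and message for the demonstration.
    enc_key, mac_key, nonce = os.urandom(32), os.urandom(32), os.urandom(16)
    msg = b"transfer amount=100"
    pos = msg.index(b"100")          # byte we will alter in the ciphertext
    delta = ord("1") ^ ord("9")      # XOR difference that turns '1' into '9'

    # Encryption only (the MPPE situation): the change lands exactly where chosen.
    ct = xor_stream(enc_key, nonce, msg)
    forged = xor_stream(enc_key, nonce, corrupt_byte(ct, pos, delta))

    # Encrypt-then-MAC: the identical modification is rejected before decryption.
    sealed = seal(enc_key, mac_key, nonce, msg)
    try:
        open_sealed(enc_key, mac_key, corrupt_byte(sealed, 16 + pos, delta))
        rejected = False
    except ValueError:
        rejected = True

    return {
        "unauthenticated": forged,                      # b"transfer amount=900"
        "authenticated_rejected": rejected,             # True
        "roundtrip": open_sealed(enc_key, mac_key, sealed),  # original message
    }


if __name__ == "__main__":
    print(demo())
```

The receiver checks the tag before decrypting and compares it in constant time; a real deployment would use an AEAD mode such as AES-GCM, which is what the "include message authentication" advice on the Keys slide amounts to in practice.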

IP security (IPSec)
IPSec is a set of encryption mechanisms with two modes, transport and tunnel; it requires IKE (udp:500, IP protocol 17) and ESP (IP protocol 50).
Pros:
o considered very secure
o works together with other tunnels
o faster than OVPN/SSTP
o hardware support
Cons:
o struggles with restrictive firewalls
o problems with NAT
o complicated setup

L2TP/IPSec
The L2TP and IPsec protocols combine their best individual features to create a highly secure VPN client; it requires IKE (udp:500), ESP (IP protocol 50) and udp:1701.
Pros:
o clients in most modern OS
o faster than OVPN/SSTP
o hardware support
Cons:
o struggles with restrictive firewalls
o larger overhead
o may be compromised by governments (unproven)

OpenVPN
A fairly new open source technology that uses OpenSSL; it requires tcp:1194 (can be changed).
Pros:
o optional clients in most OS (OpenVPN Connect)
o can bypass firewalls
o open source
o NAT friendly
Cons:
o needs third-party software
o certificates required

Secure Socket Tunneling Protocol
Introduced by Microsoft in Windows Vista SP1; small chance to ever appear on Apple devices. SSL v3 offers similar advantages to OpenVPN; it requires tcp:443 (can be changed).
Pros:
o very secure
o built-in client in MS Windows
o can bypass firewalls
o NAT friendly
Cons:
o RouterOS – MS Windows can use only RC4
o proprietary standard owned by Microsoft, so it cannot be independently audited for back doors and suchlike
o overhead of PPP

VPN hardware acceleration
AES for IPSec, not for SSTP/OVPN:
o RB850
o RB1100AHx2
o Cloud Core Router (Tile CPU family)

Smart card slots
o CCR1072 – full size
o CCR1009 – SIM form factor

Tunnel characteristics

VPN type | Logical interface | Encryption     | Authentication | Can be bridged
EoIP     |                   | -              | -              |
IPIP     |                   | -              | -              | -
PPTP     |                   | MPPE128        | -              | with BCP
L2TP     |                   | MPPE128        | -              | with BCP
PPPoE    |                   | MPPE128        | -              | with BCP
SSTP     |                   | TLS (AES/RC4)  | TLS            | with BCP
OpenVPN  |                   | TLS (AES/BF)   | TLS            | with BCP
GRE      |                   | -              | -              | -
IPSec    | -                 |                |                | -

(Cells that were check marks on the original slide were not captured in the transcription; only the dashes and text cells survived.)

Performance testbed (diagram): hAP ac, 1 Gb/s links

Testbed calibration
simple routing, no encryption, no fastpath
Transfer size: 1 GB
Protocol: SMB3 over TCP
time: 9.938 s
cpu: 35%
average bandwidth: 805 Mb/s
overhead: 4.3%

PPTP benchmark
PPTP, MPPE128 stateless
time: 9.938 s
cpu: 99%
average bandwidth: 97.44 Mb/s
overhead: 7.2%

IPSec benchmark
IPSec, AES128 / SHA1 / pfs
time: 169.525 s
cpu: 99%
average bandwidth: 47.19 Mb/s
overhead: 8.3%

IPSec, AES256 / SHA1 / pfs
time: 203.436 s
cpu: 99%
average bandwidth: 39.32 Mb/s
overhead: 8.3%

OVPN benchmark
OVPN, AES-128-CBC / SHA1 / 2048-bit certificate
time: 325.66 s
cpu: 65%
average bandwidth: 24.56 Mb/s

OVPN, AES-256-CBC / SHA1 / 2048-bit certificate
time: 357.94 s
cpu: 70%
average bandwidth: 22.35 Mb/s
overhead: 15%

SSTP benchmark
SSTP, AES256-CBC (certificate / pfs impact minimal)
time: 533.887 s
cpu: 50%
average bandwidth: 15.00 Mb/s
overhead: 13%

Experimentation summary

VPN  | Measured Mb/s | Overhead % | CPU %
OVPN | 25            | 15%        | 65%
SSTP | 15            | 13%        | 50%

(Only these two rows of the summary table survived the transcription.)
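The benchmark slides report a time, a CPU load and an average bandwidth for each tunnel, all for the same 1 GB transfer on the hAP ac. The Python script below is an added example, not part of the presentation: it recomputes the bandwidth from the reported time (assuming "1GB" means 10^9 bytes, which is the interpretation that reproduces the slide figures), flags any row whose reported bandwidth does not match its reported time, and then builds a summary table with two derived columns the slides do not show, each tunnel's throughput as a percentage of plain routing and its throughput per percent of CPU. The figures are copied from the slides above; the names in RESULTS are labels chosen here.

```python
# Transfer size: the slides say "1GB"; 10^9 bytes reproduces the reported Mb/s
# (2^30 would not), so that is the assumption used here.
TRANSFER_BYTES = 1_000_000_000

# Figures from the hAP ac benchmark slides (seconds, CPU %, reported Mb/s).
RESULTS = {
    "plain routing (calibration)": {"seconds": 9.938,   "cpu_pct": 35, "reported_mbps": 805.00},
    "PPTP MPPE128 (stateless)":    {"seconds": 9.938,   "cpu_pct": 99, "reported_mbps": 97.44},
    "IPsec AES128/SHA1/PFS":       {"seconds": 169.525, "cpu_pct": 99, "reported_mbps": 47.19},
    "IPsec AES256/SHA1/PFS":       {"seconds": 203.436, "cpu_pct": 99, "reported_mbps": 39.32},
    "OVPN AES-128-CBC/SHA1":       {"seconds": 325.66,  "cpu_pct": 65, "reported_mbps": 24.56},
    "OVPN AES-256-CBC/SHA1":       {"seconds": 357.94,  "cpu_pct": 70, "reported_mbps": 22.35},
    "SSTP AES256-CBC":             {"seconds": 533.887, "cpu_pct": 50, "reported_mbps": 15.00},
}


def throughput_mbps(nbytes: int, seconds: float) -> float:
    """Average bandwidth in Mb/s for nbytes transferred in the given time."""
    return nbytes * 8 / seconds / 1e6


def check_consistency(results: dict, tolerance: float = 0.01) -> list:
    """Names of rows whose reported Mb/s disagrees with 8 * bytes / seconds.

    A row can be wrong in either the time or the bandwidth; the check only
    says the two do not fit together, so the row should not be trusted as is.
    """
    bad = []
    for name, r in results.items():
        calc = throughput_mbps(TRANSFER_BYTES, r["seconds"])
        if abs(calc - r["reported_mbps"]) / r["reported_mbps"] > tolerance:
            bad.append(name)
    return bad


def summarize(results: dict, baseline: str) -> list:
    """Summary rows for every self-consistent result, relative to the baseline."""
    inconsistent = set(check_consistency(results))
    base = throughput_mbps(TRANSFER_BYTES, results[baseline]["seconds"])
    rows = []
    for name, r in results.items():
        if name in inconsistent:
            continue
        mbps = throughput_mbps(TRANSFER_BYTES, r["seconds"])
        rows.append({
            "vpn": name,
            "mbps": round(mbps, 2),
            "cpu_pct": r["cpu_pct"],
            "pct_of_plain": round(100 * mbps / base, 1),
            # How much bandwidth each percent of CPU buys: a tunnel that is far
            # from 100% CPU yet slow is limited by something other than crypto.
            "mbps_per_cpu_pct": round(mbps / r["cpu_pct"], 2),
        })
    return rows


if __name__ == "__main__":
    for name in check_consistency(RESULTS):
        print(f"inconsistent row (time vs. bandwidth): {name}")
    for row in summarize(RESULTS, "plain routing (calibration)"):
        print(f"{row['vpn']:<28} {row['mbps']:>8.2f} Mb/s  {row['cpu_pct']:>3}% CPU  "
              f"{row['pct_of_plain']:>5.1f}% of plain  {row['mbps_per_cpu_pct']:>5.2f} Mb/s per CPU%")
```

Run as written, the script flags the PPTP row: its slide lists the same 9.938 s as the calibration run, which cannot produce 97.44 Mb/s, so that row is excluded from the summary rather than silently mis-scaled. The remaining rows show the encrypted tunnels at roughly 2% to 6% of the plain-routing throughput on this hardware, and SSTP delivering the least while using only half the CPU, which is consistent with the TCP-over-TCP slide later in the deck rather than with cipher cost.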

What happens to a data packet (diagram): each tunnel layer wraps the original L2/L3 frame in its own L2/L3 headers; Ethernet frame sizes 64–1518 bytes

TCP over TCP problem (diagram): the application sends data and waits for the ACK, while the VPN's own TCP connection (64 kB window) does the same underneath it

Conclusion – encryption works
o IPSEC – on CCR routers with routable IPs
o OVPN – primary choice for road warriors (it's now time to switch from PPTP)
o SSTP – primary choice for MS Windows
o GRE-IPSEC to connect to Cisco
o Waiting for IKEv2

SXT-LTE IPv6
All IPv6 devices must support IPSec.
SXT-LTE can now get an IPv6 address. This is a great potential for IPv6 VPNs in the mobile world.

Thank You!
