logging in or signing up IPsec Business Amateur Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 627 Category: Entertainment License: All Rights Reserved Like it (0) Dislike it (0) Added: April 16, 2008 This Presentation is Public Favorites: 1 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript Research Seminar on Telecommunications Business IPSEC BUSINESS: Research Seminar on Telecommunications Business IPSEC BUSINESS Henri Ossi Contents: Contents Introduction IPsec technology overview IPsec in mobile networks Market overview Software component manufacturing Vendor strategies ConclusionIntroduction: Introduction Everyone has secrets Traditional IP network is like a town hall Your secrets can be heard Possible to Forge Modify Inspect traffic IPsec technology overview 1/5: IPsec technology overview 1/5 Set IETF protocols that provide Data source authentication Integrity Confidentiality (encryption) Protection against replay attacks at IP layer Traffic security protocols Authentication Header Encapsulated Security Payload (encryption)IPsec technology overview 2/5: IPsec technology overview 2/5 Modes of operation Transport Tunnel (encapsulation) Security Association provides information How to protect What to protect With whom the protection is done Key management Internet Key Exchange negotiates SAsIPsec technology overview 3/5: IPsec technology overview 3/5 TCP/UDP IP IPsec Internet Layer Secure IP packets TCP/UDP IP IPsec SA negotiations SA pair SA pairIPsec technology overview 4/5: IPsec technology overview 4/5 Use case scenarios Host -- Host (transport) Host -- Security Gateway (tunnel) SGW-- SGW (tunnel) Virtual Private Network deployment Remote access (Road Warrior) Site-to-site SGW SGWIPsec technology overview 4/5: IPsec technology overview 4/5 Use case scenarios Host -- Host (transport) Host -- Security Gateway (tunnel) SGW-- SGW (tunnel) Virtual Private Network deployment Remote access (Road Warrior) Site-to-site SGW SGWIPsec technology overview 4/5: IPsec technology overview 4/5 Use case scenarios Host -- Host (transport) Host -- Security Gateway (tunnel) SGW-- SGW (tunnel) Virtual Private Network deployment Remote access (Road Warrior) Site-to-site SGW SGWIPsec technology overview 4/5: IPsec technology overview 4/5 Use case scenarios Host -- Host (transport) Host -- Security Gateway (tunnel) SGW-- SGW (tunnel) Virtual Private Network deployment Remote access (Road Warrior) Site-to-site SGW Road WarriorIPsec technology overview 4/5: IPsec technology overview 4/5 Use case scenarios Host -- Host (transport) Host -- Security Gateway (tunnel) SGW-- SGW (tunnel) Virtual Private Network deployment Remote access (Road Warrior) Site-to-site SGW SGWIPsec technology overview 5/5: IPsec technology overview 5/5 Original RFCs criticized for complexity Two modes of operation, two traffic security protocols Committee made compromises between Network systems design Cryptographic protocol design Addressed in current (2005) versions Optional AH Transport mode between SGWs IKE version 2IPsec in mobile networks 1/3: IPsec in mobile networks 1/3 3rd Generation Partnership Project (3GPP) Collaboration agreement Mobile phones to use IP for voice & data 3GPP Release 6 IP layer security implemented with IPsec Both IKE versions in useIPsec in mobile networks 2/3: IPsec in mobile networks 2/3 IP layer in Network Domain Security IPsec and IKE Traffic between network elements IP based services IKEv2 authenticates MS and IMS IPsec tunnel for insecure protocols (SIP) IPsec in mobile networks 3/3: IPsec in mobile networks 3/3 3GPP interwork with WLAN IPsec and IKEv2 Generic Access Network (GAN/UMA) WLAN access to 2G services Seamless handoff from GSM/GPRS to unlicensed spectrum IKEv2 authenticates subscriber IPsec tunnel between MS and GANC-SEGW What does it take to compete?Market overview 1/2: Market overview 1/2 Multiple roles to take Software industry Provides software components to ... System integrators For example network equipment vendors Provide solutions to ... End users Other industries Consumers int main() …… ……Market overview 2/2: Market overview 2/2 Market segments Consumer Network cards, ADSL modems, WLAN routers SME Security gateways, network devices Government Enterprise High bandwidth, failover support These affect the software requirementsSoftware component manufacturing: Software component manufacturing Software is an information product Expensive to produce first copy Sunk costs Cheap to reproduce => OEM value proposition: Price < customer’s development costs Integration time < customer’s development time Variable pricing Differences in willingness to pay Great deal of value in maintenanceVendor strategies 1/3: Vendor strategies 1/3 Business customer classes Price-oriented Solution-oriented Total Cost of Ownership Gold-standard Quality, features and professional service Strategic-value Tight relationship Threat of vertical integration Vendor strategies 2/3: Vendor strategies 2/3 Market not perfectly competitive Cost structure Basic strategies Cost leadership Economy of scale Product business Differentiation Added value through unique resources Project business Vendor strategies 3/3: Vendor strategies 3/3 Target segment Market segment Business model Vendor strategy Price Solution Gold Strategic Consumer SME Government Enterprise Product Project Cost leadership DifferentiationConclusion: Conclusion Best solution for IP layer security Common standard Complex IP convergence brings new opportunities Mobile networks Software is information Cost structure leads to variable pricing Two basic vendor strategiesQuestions?: Questions? The floor is open You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
IPsec Business Amateur Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 627 Category: Entertainment License: All Rights Reserved Like it (0) Dislike it (0) Added: April 16, 2008 This Presentation is Public Favorites: 1 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript Research Seminar on Telecommunications Business IPSEC BUSINESS: Research Seminar on Telecommunications Business IPSEC BUSINESS Henri Ossi Contents: Contents Introduction IPsec technology overview IPsec in mobile networks Market overview Software component manufacturing Vendor strategies ConclusionIntroduction: Introduction Everyone has secrets Traditional IP network is like a town hall Your secrets can be heard Possible to Forge Modify Inspect traffic IPsec technology overview 1/5: IPsec technology overview 1/5 Set IETF protocols that provide Data source authentication Integrity Confidentiality (encryption) Protection against replay attacks at IP layer Traffic security protocols Authentication Header Encapsulated Security Payload (encryption)IPsec technology overview 2/5: IPsec technology overview 2/5 Modes of operation Transport Tunnel (encapsulation) Security Association provides information How to protect What to protect With whom the protection is done Key management Internet Key Exchange negotiates SAsIPsec technology overview 3/5: IPsec technology overview 3/5 TCP/UDP IP IPsec Internet Layer Secure IP packets TCP/UDP IP IPsec SA negotiations SA pair SA pairIPsec technology overview 4/5: IPsec technology overview 4/5 Use case scenarios Host -- Host (transport) Host -- Security Gateway (tunnel) SGW-- SGW (tunnel) Virtual Private Network deployment Remote access (Road Warrior) Site-to-site SGW SGWIPsec technology overview 4/5: IPsec technology overview 4/5 Use case scenarios Host -- Host (transport) Host -- Security Gateway (tunnel) SGW-- SGW (tunnel) Virtual Private Network deployment Remote access (Road Warrior) Site-to-site SGW SGWIPsec technology overview 4/5: IPsec technology overview 4/5 Use case scenarios Host -- Host (transport) Host -- Security Gateway (tunnel) SGW-- SGW (tunnel) Virtual Private Network deployment Remote access (Road Warrior) Site-to-site SGW SGWIPsec technology overview 4/5: IPsec technology overview 4/5 Use case scenarios Host -- Host (transport) Host -- Security Gateway (tunnel) SGW-- SGW (tunnel) Virtual Private Network deployment Remote access (Road Warrior) Site-to-site SGW Road WarriorIPsec technology overview 4/5: IPsec technology overview 4/5 Use case scenarios Host -- Host (transport) Host -- Security Gateway (tunnel) SGW-- SGW (tunnel) Virtual Private Network deployment Remote access (Road Warrior) Site-to-site SGW SGWIPsec technology overview 5/5: IPsec technology overview 5/5 Original RFCs criticized for complexity Two modes of operation, two traffic security protocols Committee made compromises between Network systems design Cryptographic protocol design Addressed in current (2005) versions Optional AH Transport mode between SGWs IKE version 2IPsec in mobile networks 1/3: IPsec in mobile networks 1/3 3rd Generation Partnership Project (3GPP) Collaboration agreement Mobile phones to use IP for voice & data 3GPP Release 6 IP layer security implemented with IPsec Both IKE versions in useIPsec in mobile networks 2/3: IPsec in mobile networks 2/3 IP layer in Network Domain Security IPsec and IKE Traffic between network elements IP based services IKEv2 authenticates MS and IMS IPsec tunnel for insecure protocols (SIP) IPsec in mobile networks 3/3: IPsec in mobile networks 3/3 3GPP interwork with WLAN IPsec and IKEv2 Generic Access Network (GAN/UMA) WLAN access to 2G services Seamless handoff from GSM/GPRS to unlicensed spectrum IKEv2 authenticates subscriber IPsec tunnel between MS and GANC-SEGW What does it take to compete?Market overview 1/2: Market overview 1/2 Multiple roles to take Software industry Provides software components to ... System integrators For example network equipment vendors Provide solutions to ... End users Other industries Consumers int main() …… ……Market overview 2/2: Market overview 2/2 Market segments Consumer Network cards, ADSL modems, WLAN routers SME Security gateways, network devices Government Enterprise High bandwidth, failover support These affect the software requirementsSoftware component manufacturing: Software component manufacturing Software is an information product Expensive to produce first copy Sunk costs Cheap to reproduce => OEM value proposition: Price < customer’s development costs Integration time < customer’s development time Variable pricing Differences in willingness to pay Great deal of value in maintenanceVendor strategies 1/3: Vendor strategies 1/3 Business customer classes Price-oriented Solution-oriented Total Cost of Ownership Gold-standard Quality, features and professional service Strategic-value Tight relationship Threat of vertical integration Vendor strategies 2/3: Vendor strategies 2/3 Market not perfectly competitive Cost structure Basic strategies Cost leadership Economy of scale Product business Differentiation Added value through unique resources Project business Vendor strategies 3/3: Vendor strategies 3/3 Target segment Market segment Business model Vendor strategy Price Solution Gold Strategic Consumer SME Government Enterprise Product Project Cost leadership DifferentiationConclusion: Conclusion Best solution for IP layer security Common standard Complex IP convergence brings new opportunities Mobile networks Software is information Cost structure leads to variable pricing Two basic vendor strategiesQuestions?: Questions? The floor is open