Get 30% off ITprotv.com with: You can use promo code: OSCAROGANDO2
Follow Me on Twitter:
FlexVPN is a newer “solution” for deployment of VPNs and for this you must have newer hardware to support the versions of IOS code which offer FlexVPN features. DMVPN is an option on almost every Cisco router, provided you are running a version of code which came out in the last decade.
IKEv2 (Internet Key Exchange version 2) is a VPN encryption protocol that handles request and response actions. It makes sure the traffic is secure by establishing and handling the SA (Security Association) attribute within an authentication suite – usually IPSec since IKEv2 is basically based on it and built into it.
A dynamic multipoint virtual private network (DMVPN) is a secure network that exchanges data between sites without needing to pass traffic through an organization’s headquarter virtual private network (VPN) server or router.
What is AAA?
When it comes to network security, AAA is a requirement. Here is what each of these are used for and why you should care:
Authentication: Identifies users by login and password using challenge and response methodology before the user even gains access to the network. Depending on your security options, it can also support encryption.
Authorization: After initial authentication, authorization looks at what that authenticated user has access to do. RADIUS or TACACS+ security servers perform authorization for specific privileges by defining attribute-value (AV) pairs, which would be specific to the individual user rights. In the Cisco IOS, you can define AAA authorization with a named list or authorization method.
Accounting: The last "A" is for accounting. It provides a way of collecting security information that you can use for billing, auditing, and reporting. You can use accounting to see what users do once they are authenticated and authorized. For example, with accounting, you could get a log of when users logged in and when they logged out.