Home Page

Firewalls

Email & Spam

Security Terminology

Security Topics

VPN & Cryptography

Wireless

 

 

 

VPN Terminology

VPN Tutorial Guide

3DES

AES

Aggressive Mode

Authentication Header

Asymmetric Encryption

Authentication

Certification Authority

Data Integrity

DES

Diffie-Hellman

Digital Certificate

Dynamic IP addresses

Encryption

ESP

IKE Oakley & ISAKMP

IPSec

IPSec Quick Mode

L2TP

Main Mode

MD5

NAT-T

PFS

PKI

Policy-vs-Route-VPN

PPTP

Pre-Shared Key

Remote Access User

RSA

Security Association

Sha-1

Site to Site VPN

SSL VPN

Transform Sets

Tunnel mode and Transport mode

VPN client tunneling option

VPN Topologies

VPN Tunnel

 

Security Products Guide

Which Anti-Virus Software?

Which Firewall?

Which Spam Filter?

Which Internet Security Suite?

 

What is Guide

What is a Firewall?

What is a Virus?

What is Spam?

 

Essential Security Guides

Securing Windows XP Guide

Securing Windows Vista Guide

A Guide to Wireless Security

 

Other

Top 8 Internet Security tips

Why both, Firewall and Anti Virus?

Free or purchased security - Which one?

 

 

Ipsec Site to Site VPN Guide

 

Site to Site VPN

Site to site VPN is a VPN tunnel between two or more sites. This would allow offices to share files and other resources. A VPN tunnel would be created using VPN gateways on each site usually using IPSec to secure the VPN connection over the internet.

When a tunnel has been created between sites, users are able to access and share files and resources easily. However this would all rely on an internet connection and relying that both sites ISP's are up. Some site to site VPN's are configured using multi-wan setup which would provide them with some redundancy if an ISP went down. So on their VPN they would have two ISP's connected. The primary ISP would usually be the faster internet connection, and they would have a slower link connected as a back-up link. This backup link would come into affect if the primary ISP goes down.

VPN's can also be setup in a site to multi site configuration. So you would have all branch offices connected to the head office VPN. The branch offices can connect to each other via the head office. This is usually referred to as a hub and spoke deployment. The head office is the hub, and the branch offices are the spokes connecting to the hub. The head office VPN appliance would need to be powerful and scalable to provide connectivity to all branch offices.

Further Reading

Wikipedia's guide to VPN