BN305 - Virtual Private Network
Credit Points: 15 credit points
Workload: 48 hours
Prerequisite: BN200 Network Security Fundamentals
Co-requisite: N/A
Aims & Objectives
This is a sixth trimester core unit out of a total of 24 units in the Bachelor of Networking (BNet). This unit addresses the BNet course learning outcomes and complements other courses in a related field by developing students’ specialised knowledge in virtual private networks and applying critical skills in networking equipment such as router, switch and server. For further course information refer to: http://www.mit.edu.au/study-with-us/programs/bachelor-networking. This unit is part of the AQF Level 7 (BNet) course.
This subject provides students with the knowledge and advanced professional skills to manage and maintain a VPN. It also provides students with the knowledge and skills to deal with both MPLS and MPLS VPN architectures. Students will also obtain further knowledge and experience in building, implementing and managing VPN architecture and security.
Unit topics include:
- Overview of VPN in security context, its characteristics, requirements and architecture
- SSL VPN protocols and configurations
- Internet Key Exchange Protocol version 1 and 2
- IKE v1 & 2 and ISAKMP
- Site-to-Site IPsec VPN Operations
- VPN routes management/handling at gateways
- Overview of MPLS VPN Technology
Learning Outcomes
4.1 Course Learning Outcomes
The Course learning outcomes applicable to this unit are listed on the Melbourne Institute of Technology’s website: www.mit.edu.au
4.2 Unit Learning Outcomes
At the completion of this unit students should be able to:
a. Explain the significance of VPN for contemporary organisations
b. Discuss the role of VPN to support the security of businesses and corporations
c. Describe architectural VPN design for small, medium and large businesses and corporations
d. Report on the health of the existing VPN architecture, solution, data, application and technology
e. Discuss the appropriate security design and solutions for varieties of organisations
f. Report on the current and future state of the management of VPN infrastructure and its technologies
g. Interpret a roadmap process to transform the VPN architecture to support an organisations’ long-term goals
h. Implement a process to support the administration and the management of VPN.
Weekly Topics
This unit will cover the content below:
Week | Topics |
---|---|
1-3 | Overview of VPN, VPNs a Security context, Types of VPNs, SSL VPN, IPSec VPNs, Internet Key Exchange version 1 and 2 frameworks, ISAKMP protocol. VPN connection phases in detail with various options. Preparing and understanding requirements to set up a VPN connection and to configuring a VPN connection |
4-6 | Various types of VPN implementations, planning VPN tunnels, evaluation of security threats and their assessment, Other VPN related tools and technologies i.e. SSL/TLS SSH protocol, etc. Configuring IPsec Site-to-Site VPNs, understanding and configuring access for VPN users and hosts, routing in VPN tunnels, |
7-8 | Firewall and IDS fundamentals, TCP/IP stack and firewalls, functions of firewalls, local and remote access via firewall, controlling access and communication paths. Firewall management and security, common firewalls, firewall deployment considerations. |
9-10 | Virtual LANS and their routes, paths, MPLS Networks, MPLS VPN Architectures, routing labels, etc. |
11 | Overall view of an organisations access and security (Firewall, IDS and VPNs). Case Study: A scenario based firewall and VPN planning for design and implementation. |
12 | Review |
Assessment
Assessment Task | Due Date | A | B | Learning Outcomes Assessed |
---|---|---|---|---|
Formative Assignment 1 | Week 3 (10/04/2022) | 5% | a | |
In-Class Test | Week 7 (03/05/2022) | 10% | a-d | |
Assignment 2 | Week 11 (01/06/2022) | 25% | a-h | |
Laboratory and Problem Based Learning participation & submission | Week 2 – 11 (12/06/2022) | 10% | a-h | |
Final Examination (2 hours) | 50% | a-h | ||
TOTALS | 40% | 60% |
Task Type: Type A: unsupervised, Type B: supervised.
Contribution and participation
This unit has class participation and student contribution as an assessment. The assessment task and marking rubric will follow the Guidelines on Assessing Class Participation (https://www.mit.edu.au/about-us/governance/institute-rules-policies-andplans/policies-procedures-and-guidelines/Guidelines_on_Assessing_Class_Participation). Further details will be provided in the assessment specification on the type of assessment tasks and the marking rubrics.
Presentations (if applicable)
For presentations conducted in class, students are required to wear business attire.
Textbook and Reference Materials
Text Book:
- D. Goyal, S. Balamurugan, Sheng-Lung Peng, O. P. Verma, Design and Analysis of Security Protocol for Communication, John Wiley & Sons, 2020.
References:
- J. Michael Stewart, Network Security, Firewalls and VPNs, Second Edition Jones and Bartlett Learning, 2014.
- G. Bartlett, A. Inamdar, IKEv2 IPsec Virtual Private Networks: Understanding and Deploying IKEv2, IPsec VPNs, and FlexVPN in Cisco IOS (Networking Technology), 1st Edition, CISCO press, 2016.
- O. Kolesnikov, Building Virtual Private Networks (VPNs), ion (Cisco Press), 2005.
- J. H. Carmouche, IPSEC Virtual Private Network Fundamentals, U.S.A.: Pearson Education (Cisco Press), 2006.
- R. Deal, The Complete Cisco VPN Configuration Guide (Networking Technology), U.S.A,.:Pearson Education (Cisco Press), 2006.
Adopted Reference Style: IEEE
Students are required to purchase the prescribed texts and have them available each week in the class.
Graduate Attributes
MIT is committed to ensure the course is current, practical and relevant so that graduates are “work ready” and equipped for life-long learning. In order to accomplish this, the MIT Graduate Attributes identify the required knowledge, skills and attributes that prepare students for the industry.
The level to which Graduate Attributes covered in this unit are as follows:
Ability to communicate | Independent and Lifelong Learning | Ethics | Analytical and Problem Solving | Cultural and Global Awareness | Team work | Specialist knowledge of a field of study |
---|---|---|---|---|---|---|
Legend
Levels of attainment | Extent covered |
---|---|
The attribute is covered by theory and practice, and addressed by assessed activities in which the students always play an active role, e.g. workshops, lab submissions, assignments, demonstrations, tests, examinations. | |
The attribute is covered by theory or practice, and addressed by assessed activities in which the students mostly play an active role, e.g. discussions, reading, intepreting documents, tests, examinations. | |
The attribute is discussed in theory or practice; it is addressed by assessed activities in which the students may play an active role, e.g. lectures and discussions, reading, interpretation, workshops, presentations. | |
The attribute is presented as a side issue in theory or practice; it is not specifically assessed, but it is addressed by activities such as lectures or tutorials. | |
The attribute is not considered, there is no theory or practice or activities associated with this attribute. |