Different ways of connecting branch office
Parviainen, Ella (2021)
Parviainen, Ella
2021
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2021112020792
https://urn.fi/URN:NBN:fi:amk-2021112020792
Tiivistelmä
Secure connections have a central role in business. In order to perform safe business, the
daily data communications need to be in place and established securely to have a smooth
working experience. A secure site-to-site connection is essential for communication in a
workplace. Emerging technologies need to function together with the ones that are already in use.
This thesis examines three different ways of creating a site-to-site connection. The connection methods studied are IPSec, MPLS and SD-WAN. The functionalities of these three options are explored to find out the requirements for each connection method from a technical point-of-view. These connection methods are then compared to find out the differences and practicalities.
A model connection was designed for the target organization. The implementation was designed using IPSec VPN to find out the specific requirements for this type of VPN connection. The IPSec model was designed for the target organization by using EVE-NG and Palo Alto NGFW. The result is a proposed model for IPSec VPN implementation, which can be utilized with SD-WAN in further network development.
The following conclusion was made based on the research of this thesis. The suitable
model for an organization’s network connection depends on the needs and requirements of the specific organization. Network requirements, organization’s needs, devices, technologies, security, knowledge of staff and business needs need to be considered when a network topology is designed. All changes to a network have to be designed securely and properly. A backup connection for a network always needs to be in place to secure business continuity.
daily data communications need to be in place and established securely to have a smooth
working experience. A secure site-to-site connection is essential for communication in a
workplace. Emerging technologies need to function together with the ones that are already in use.
This thesis examines three different ways of creating a site-to-site connection. The connection methods studied are IPSec, MPLS and SD-WAN. The functionalities of these three options are explored to find out the requirements for each connection method from a technical point-of-view. These connection methods are then compared to find out the differences and practicalities.
A model connection was designed for the target organization. The implementation was designed using IPSec VPN to find out the specific requirements for this type of VPN connection. The IPSec model was designed for the target organization by using EVE-NG and Palo Alto NGFW. The result is a proposed model for IPSec VPN implementation, which can be utilized with SD-WAN in further network development.
The following conclusion was made based on the research of this thesis. The suitable
model for an organization’s network connection depends on the needs and requirements of the specific organization. Network requirements, organization’s needs, devices, technologies, security, knowledge of staff and business needs need to be considered when a network topology is designed. All changes to a network have to be designed securely and properly. A backup connection for a network always needs to be in place to secure business continuity.