Solved

Tunneling Architecture

Posted on 2014-03-26
2
200 Views
Last Modified: 2014-03-26
Do Tunnels generally require a separate tunneling agent or executable to perform tunneling, or do the apps package the data in this manner themselves?

Thanks
0
Comment
Question by:Anthony Lucia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 4

Accepted Solution

by:
Dash Amr earned 250 total points
ID: 39956939
It all depends on so many variables like what you  want to secure and how, and how fast is your connections and the amount of data you need to tunnel, in saying that 2 main types of tunneling

Secure shell tunneling
Tunneling to circumvent firewall policy

but I would say not all apps packages will be able to secure your data as you wish out of the box. you need need a separate client to initiate the tunnel
0
 
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 250 total points
ID: 39957026
depends on what you are tunnelling, to where, and with what.

the simplest form of tunnel is one you use every day - https. By creating a TLS connection, a web browser is able to send and receive http (web) traffic securely.  the web browser handles all of that for you though, so no other/special software is needed.

in most cases, the tunnelling app is separate, and you use it with otherwise normal (non-tunnelling) software, How you then configure that software varies depending on the app and the protocol you are tunnelling. VPN typically pretends to be a network card, hence the tunnelling is completely transparent to the tunnelled app.  SSH tunnels open explicit listening ports, and you have to connect to those to have the traffic tunnelled. This is TCP only (while vpn can handle UDP) and has a predetermined destination.

proxy-configured tunnelling usually (again) opens a listening port, but the app must be configured to use the port as a proxy and can then specify a final destination. If you use ssh in this configuration (-D or dynamic mode) then you can configure a web browser as a "socks 4a" proxy, and web browse as normal (albeit with internet servers seeing you coming "from" the ssh server, and your internal monitors seeing only a ssh link from you to the ssh server (and no separate connection for the tunnelled traffic)
0

Featured Post

The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Recovering from what the press called "the largest-ever cyber-attack", IT departments worldwide are discussing ways to defend against this in the future. In this process, many people are looking for immediate actions while, instead, they need to tho…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question