An engineer must design a solution to provide backup connectivity between two sites.
The engineer plans to use an Internet connection, but company policy requires the connection to be encrypted.
Additionally, there are several applications that utilize multicast to deliver video streams between the sites.
Which technology should the design include?
Click on the arrows to vote for the correct answer
A. B. C. D.A.
In this scenario, the engineer needs to provide backup connectivity between two sites over an Internet connection while ensuring encryption and support for multicast applications. The options for the technology that should be used are GRE over IPsec, IPsec direct encapsulation, GET VPN, and DM VPN.
GRE over IPsec: GRE (Generic Routing Encapsulation) over IPsec is a tunneling protocol that allows for the encapsulation of a wide variety of network layer protocols inside point-to-point links. GRE provides a virtual private network ( VPN) solution by encapsulating the original data packet within a GRE packet, which is then encapsulated within an IPsec packet. GRE over IPsec is a common choice for providing site-to-site VPN connectivity because it offers flexibility and scalability in terms of protocol support and the ability to encrypt data.
IPsec direct encapsulation: IPsec is a suite of protocols for securing internet protocol (IP) communications. IPsec direct encapsulation is a method of encrypting IP packets for secure transmission over the internet. With this approach, IPsec is used to encrypt and encapsulate the original data packet directly, without the use of a separate GRE header. This approach is less flexible than GRE over IPsec, as it only supports IP traffic and cannot encapsulate other protocols.
GET VPN: GET VPN (Group Encrypted Transport VPN) is a VPN technology that provides secure, encrypted communications over a public network like the internet. GET VPN uses a Key Server (KS) to establish and distribute group keys to all routers in the network. Once the keys are established, the routers can encrypt and decrypt traffic between them without the need for tunneling protocols like GRE or IPsec direct encapsulation. GET VPN supports multicast traffic natively, making it a good choice for multicast applications.
DM VPN: DM VPN (Dynamic Multipoint VPN) is a VPN technology that uses a hub-and-spoke topology to provide secure, encrypted connectivity between multiple sites. DM VPN uses a combination of IPsec and GRE to provide VPN connectivity. DM VPN supports multicast traffic, making it a good choice for multicast applications. DM VPN is known for its scalability and ease of deployment, making it a popular choice for enterprise networks.
In summary, the best technology to use in this scenario would be GET VPN. GET VPN supports encryption and multicast traffic natively, and does not require the use of tunneling protocols like GRE or IPsec direct encapsulation. However, it's worth noting that DM VPN would also be a good option due to its scalability and ease of deployment.