Page 891 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide

protocol). The envelope is delivered through the postal service (the untrusted intermediary network) to its intended recipient. You can use tunneling in many situations, such as when you’re bypassing firewalls, gateways, proxies, or other traffic control devices. The bypass is achieved by encapsulating the restricted content inside packets that are authorized for transmission. The tunneling process prevents the traffic control devices from blocking or dropping the communication because such devices don’t know what the packets actually contain.
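The filtering gap described above, shown from the filter's side as an added example that is not from the study guide. It assumes GRE as the tunneling protocol (chosen here for illustration); the addresses, the port policy and all function names are constructed.

```python
import struct

IPPROTO_TCP, IPPROTO_GRE = 6, 47
BLOCKED_TCP_PORTS = {23}  # constructed policy: deny Telnet

def ipv4(proto, src, dst, payload):
    """Build a minimal 20-byte IPv4 header (checksum left 0) plus payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, bytes(src), bytes(dst))
    return hdr + payload

def tcp(sport, dport):
    """Minimal 20-byte TCP header with SYN set and no options."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 8192, 0, 0)

def gre_encapsulate(inner, src, dst):
    """Wrap an IPv4 packet in a basic GRE header (no flags, type 0x0800)."""
    return ipv4(IPPROTO_GRE, src, dst, struct.pack("!HH", 0, 0x0800) + inner)

def parse_ipv4(pkt):
    """Return (protocol, payload), or (-1, b"") if too short to be IPv4."""
    if len(pkt) < 20:
        return -1, b""
    return pkt[9], pkt[(pkt[0] & 0x0F) * 4:]

def verdict(pkt, inspect_tunnels):
    """Return 'allow' or 'deny' for one packet under the port policy."""
    proto, payload = parse_ipv4(pkt)
    # Tunnel-aware mode: strip each GRE layer and judge the inner packet.
    while inspect_tunnels and proto == IPPROTO_GRE and len(payload) >= 4:
        flags, ptype = struct.unpack("!HH", payload[:4])
        if flags != 0 or ptype != 0x0800:
            return "deny"  # tunnel content this filter cannot parse: fail closed
        proto, payload = parse_ipv4(payload[4:])
    if proto == IPPROTO_TCP and len(payload) >= 4:
        dport = struct.unpack("!H", payload[2:4])[0]
        if dport in BLOCKED_TCP_PORTS:
            return "deny"
    return "allow"

# Constructed sample traffic: a Telnet SYN, sent bare and inside a GRE tunnel.
INNER = ipv4(IPPROTO_TCP, [10, 0, 0, 5], [10, 0, 1, 9], tcp(40000, 23))
OUTER = gre_encapsulate(INNER, [192, 0, 2, 1], [198, 51, 100, 7])

if __name__ == "__main__":
    for name, pkt, deep in (("bare", INNER, False), ("tunneled", OUTER, False),
                            ("tunneled, inspected", OUTER, True)):
        print(f"{name}: {verdict(pkt, deep)}")
```

A filter that reads only the outer header sees protocol 47 and has no port to match against; only the mode that decapsulates the tunnel applies the policy to the inner packet.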


Tunneling is often used to enable communications between otherwise disconnected systems. If two systems are separated by a lack of network connectivity, a communication link can be established by a modem dial-up link or other remote access or wide area network (WAN) networking service. The actual LAN traffic is encapsulated in whatever communication protocol is used by the temporary connection, such as Point-to-Point Protocol in the case of modem dial-up. If two networks are connected by a network employing a different protocol, the protocol of the separated networks can often be encapsulated within the intermediary network’s protocol to provide a communication pathway.

Regardless of the actual situation, tunneling protects the contents of the inner protocol and traffic packets by encasing, or wrapping, them in an authorized protocol used by the intermediary network or connection.

Tunneling can be used if the primary protocol is not routable and to keep the total number of protocols supported on the network to a minimum.






The Proliferation of Tunneling

Tunneling is such a common activity within communication systems that many of us use tunneling on a regular basis without even recognizing it. For example, every time you access a website using a secured SSL or TLS connection, you are using tunneling. Your plaintext web communications are being tunneled within an SSL or TLS session. Also, if you use internet telephone or VoIP