| Security problem of the network is hot researched topic at present.VPN technology is a security technology which is being extended gradually, it makes use of the public network such as Internet to implement a security and reliable connection between mobile users and enterprise network, branch department and enterprise headquarter, supply providers and cooperative fellow and it can provide many security protections such as data encryption data origin authentication, data integrity check, etc and can resist many attacks on network and save costs when constructing enterprise network.VPN technology can be implemented by many security protocols on different network layers, such as PPTP on data link layer, IPSec on network layer, SOCKS on session layers and so on. Because the data of all kinds of applications based on TCP/IP must be encapsulated into IP packets on network layer then be transmitted, furthermore, the implementation on the network layer can provide security, transparent services for the upper applications, this thesis choosed the implementation of VPN technology based on IPSec. IPSec security protocols include AH protocol, ESP protocol and IKE protocol which can finish security key exchange automatically (optional).The contribution of the thesis involves:1. Researching the significance of implementing VPN, development tendency of VPN and the mostly technological question about the implementation of VPN technolgy on IPSec relatively deep; such asimplementing the capture of IP packets, constituting security policy database and security association database and IPSec processing of outbound and inbound packets ;2. Researching the principles and the whole course of the automatic key exchange (IKE) in details; Finding out the existing questions of IKE protocol and putting forward the solution.3. Putting forward the shortcoming of the implementation and analyzing the development foreground on the aspect of Qos and MPLS of VPN technology simplly.
|
PDF Full Text Request