| Based on the study and practice of Taian's eduMAN (educationMAN), this project introduces a new mode for eduMAN. It analyzes and discusses in depth the VPN technology that has become popular across networks. Starting from VPN technology, it summarizes VPN design and provides a recommended VPN design model for eduMAN. To address the problems that tunnel technology reduces speed and is unsuited to configuring the tunnel's inner network over the Internet, it puts forward a method that appends information to the routing table to implement the tunnel and adds a tunnel table, instead of using a tunnel server card. To eliminate hidden weaknesses in the VPN security authentication system, the scheme offers the concept of a virtual workflow and a means of verifying again after a delay, which offsets the limitation and improves system security. It applies the RBAC model to the VPN eduMAN, offers a method to maintain role mutual exclusion and minimal privilege, and gives a design and implementation method based on RBAC. This essay also provides a VPN solution scheme represented by IPSec+MPLS. The scheme not only has many advantages, including low cost, high efficiency, and security from IPSec, and high-layer resource support, QoS, and the host action concept from MPLS, but also avoids many limitations: IPSec does not provide frame ordering, multi-protocol operation, QoS, or transmission of the VPN-ID, and MPLS has no fine-grained security service and is not suited to complicated structures with high security requirements. The study has had a good effect on Taian's eduMAN and also provides reference value for other networks. |