| As the communication activity through Internet becomes more frequent, many techniques to protect the data are invented. VPN (Virtual Private Network) is one of the available choices. As SSL (Secure Socket Layer) VPN is easier to deploy and has lower cost, thus it has developed very rapidly in recent years. However, we also realize that the traditional SSL VPN system has some inherent problems, such as non-support for non-Web application, non-protection of remote user's security effectively. So, it makes far-reaching sense for the further study of SSL VPN.In technical analysis of the current SSL VPN system, based on the driver capture packet technology, tunneling technology with encryption and decryption and client firewall technology, we have designed an advanced SSL VPN system, called adv-VPN system. We have described the architecture and work flow of this system, and depicted the design and implementation of key modules of server and client.Adv-VPN system use the OpenSSL develop library as the prototype of SSL module to simplify the system and support a variety of operating system platforms. The tunnel module gets the IP packets through the communication of application layer and driver layer .Then it encapsulates the packets and sends them through the SSL encrypted tunnel to enhance the safety of data packet. The driver capture module captures IP packets in driver layer directly to support all kinds of different network application. In addition, the use of firewall with client filter strategy can strengthen the security of remote users.The experimental results show that Adv-VPN system not only solves some problems of the traditional SSL VPN, but also strengthen safety and flexibility of the system. |
PDF Full Text Request