The Design And Implementation Of SSL VPN System

Posted on:2008-11-19

Degree:Master

Type:Thesis

Country:China

Candidate:J B Chen

Full Text:PDF

GTID:2178360272468949

Subject:Computer system architecture

Abstract/Summary:

PDF Full Text Request

SSL VPN is emerging in recent years, compared with IPSec VPN, its main advantage is to facilitate the deployment, Mobility good, mainly for remote access and mobile office. Most SSL VPN is HTTP reverse proxy, they are very suitable for Web-enabled applications, and any web browser can visit.However, this advantage also becomes its biggest constraints, enterprises tend to use many non-Web applications, users can only visit part of the applications and data resources they want.Virtual LAN-Based gateway mode SSL VPN overcomes the above-mentioned flaw of traditional SSL VPN. At this time, the payload in SSL tunnel is IP packet, not just application data, thus the system is transparent to applications. When Client access the internal network, the IP traffic are intercepted by virtual card. The packets will be compressed, encrypted in application layer, and then it will be sent to the SSL VPN server. When the server receives the packet, it decrypts it, decompress it, and get an IP packet.Then the VPN Gateway forwards the packet to the real application server. SSL VPN server should not only act as VPN server, but also the entire gateway of the network. The new structure SSL VPN can also be used for connecting different network through internet like IPSec VPN, not just used for remote accessing; it extends the scope of its application. The new SSL VPN system architecture based on the SSL protocol also a certain degree of improvement, establishing operations in the tunnel above the UDP, guarantee the reliability of the tunnel under the premise Performance of the system upgrade will help.System access control mechanisms have also done some improvements. By the client downloaded from the server access control rules, the client realized the port-level fine-grained access control. This distributed approach can reduce server loads and improve system performance and scalability.Tests show that the SSL VPN system is simple and easy to use, and supports most of the applications. It solves the problem of the limited scope of SSL VPN solution, with the port-level fine-grained access control, and has a good performance.

Keywords/Search Tags:

Virtual Private Network, Secure Socket Layer, Network Security, Access Control

PDF Full Text Request

Related items

1	A Research On Wireless LAN Security Framework And Access Control Based On SSL VPN
2	Protocol Based On Secure Sockets Layer Virtual Private Network Research And Design
3	Analysis,Design And Implementation Of The Dynamic P2P VPN System
4	SSL VPN Technology Application
5	Design And Implement Of The SSL VPN
6	Analysis And Improvement Of Performance And Security On SSL VPN
7	Research Of SSL VPN System And It's Application On Campus Network
8	The Application Research Of Authentication And Access Control Technology In SSL VPN
9	To Introduce A Certificate Mechanism To Protect The Security Of Enterprise Information Assets
10	SSL VPN Based On The Agreement In The Application And Realization Of Campus Network