Improvement And Design Of The SSL VPN Based On Tunneling Technology

SSL VPN is a VPN (shorted for Virtual Private Networks) based on the SSL, which is a new solution for remote access. It allows the user to access the inner data anytime anywhere and increases the ability of the access control and secure level. It is the most convenient and securest solution. But it also has some problems. For example, it only supports the Web and Ftp applications. The function extends difficulty and the system's performance is low.To extend the function of the SSL VPN, an ameliorative SSL VPN is designed and carried out. A virtual network interface (VNI) is installed both on server and client. This VNI can encrypt the data transmitted between server and client; encapsulate the data as SSL protocol, then build a tunnel between server and client. All the data are transmitted through the tunnel. To improve the performance, some methods are imported. The Load Balance can reduce the single server's load. The Cache can lessen the data transmitted on the net. Load Balance attempers the users'requests and transmits them to the low balance server. The single server's balance is reduced and the whole system's performance is improved. Cache is set both on server and client. To avoid the data updating frequently, the data flow cache is imported, which divides the data into small pieces. Each piece is calculated a hash value saved on server and client. The client search the hash value before connection, if found, the client gets the data from the client cache. Thus it reduces the data and shortens the time.The ameliorative SSL VPN has the characteristics such as installing simply; expanding functions easily and transmitting data fast. After experimentation, compared with the Proxy SSL VPN, the system improves more both on function and performance. Also it can support the traditional network applications besides the Web and Ftp applications.