| Providing secure access to corporate resources has grown into a critical requirement for the enterprise now. Whether the user is working in a remote office or their hotel room, they all need easy access to corporate resources to accomplish their job and maintain their productivity. As the Internet grew, however, it spawned the concept of virtual private networks, or VPNs, as an alternative.VPNs leverage the free/public long-haul IP transport service and provide a more flexible, cost-effective solution for secure access. Traditional VPNs effectively addressed the requirements for fixed, site-to-site network connectivity;however, for mobile users, they were, in many ways, still too costly, while for business partners or customers, they were impossible to deploy. It is in this environment that SSL VPNs were introduced, providing remote/mobile users, business partners and customers the easy, secure access to corporate resources they needed.There are many critical tecelogies was applied to SSL VPN such as SSL, PKI, cryptography, proxy. And network data and packet filtering is one of the most important technologies. This paper introduces these important techologies and analyzes the principle of them. in detail, and constructs a system architecture by the introduction of the overall deployment model and the configuration of these components. The focus of this paper is the implementation of the network data and packet filtering module. This paper explains the design , communication- mechanism, installation, uninstall and initiation of the module which adopts the LSP technology. And emphasizes the design of the TCP, UDP communication.. The module redirects these network communication to the SSL VPN gateway and encrypts these data.The true value of the technology of network data and packet filtering is demonstrated in the SSL VPN system and this technology will be widely applied in other products.. |
