| With the increasing development of the global economy, there are more and more branches of the enterprises coming into being. What's more, the corporation between enterprises has been more frequent. Therefore, it is obviously essential to exchange and share the business information widely and timely, not only inside but outsides the enterprises.The progress of the information techniques and the appearance of the computer network make the convenience and speediness of the exchanging the business data to be available. Accordingly, the network has become the main platform for them to communicate and share the data.A number of companies have established their own private networks. Although these private networks have the high security character, the constructing cost is too expensive. The other way for the most companies to communicate inside and mutually is basing on the common network. This way could have lower cost, but it will bring some problems of transportation security. For the purpose of ensuring the security and reliability when transporting, an available way in technique has been put forward—VPN, namely the Virtual Private Network.Its basic theory is that the common network is transformed to the virtual private network via the security measures, such as identify authentication, access control, data encryption, data integrality etc. The VPN connects LANs locating different physical areas to be a logic secure virtual private network. By this way, the data transferred by the common networks could has the same security character as is provided by physical private network.Presently, the implementation of VPN has many techniques, including PPTP, L2F, L2TP, SSL, IPSEC, MPLS etc. This paper mainly discusses the research and analysis of the IPSEC.The full name of the IPSEC is the IP Security, to be the security criterion which is issued by the IETF (Internet Engineering Task Force) in Nov., 1998.IPSEC, itself is put forward with the IPV6. The primary target is to solve the security problems in IPV6. For the reason that it will need some time to transform IPV4 to IPV6 at current situation, IPSEC also provides the supports to the IPV4. Therefore, IPSEC is compulsory to IPV6, while optional to IPV4.Since the establishment of the IPSEC criterion, IETF has always been engaged in the improvement and the progress of it. Up to now, there are over ten criterions concerning about the IPSEC in RFC. IPSEC mainly ensure the reliability, confidentiality, integrality and uniqueness of the transportation of the confidential data via measures including data encapsulation,encryption,integrality computing and source authentication etc.This paper deeply analyses the IPSEC collection, including the criterions of the framework, ESP, IKE etc, researches the work principle and procedure, further illustrates the implementation mechanism in Linux system and the problems which will be possibly encountered in practice, and brings forward the available solutions at last. |
PDF Full Text Request