| With the deepening of the information network, enterprise demand for secureremote access will become increasingly prominent, but its own original privatenetwork cannot meet the urgent demand. If you are using the traditional VPNsolutions, enterprises need a lot of work on existing networks, both time-consumingand costly. As a mature development of network technology, the SSL VPN has goodcompatibility, can easily achieve smooth expansion with the SSL VPN network thatthe enterprise existing or is about to build, and no longer requires a lot of changes andcomplicated development. At the same time it also has a convenient deployment,simple to use, scalability, and lower maintenance costs and other characteristics. inparticular,it also can satisfy telecommuting, discrete branch access and other needs.And SSL VPN has the ability to control more powerful, applications can achievefine-grained division of authority, its data transfer mechanism uses a series ofencryption technology and forwards the packages, standing the entire office networkplatform security point of view, the safety factor is also higher.According to the needs of sensitive data communication in enterprise privatenetwork, this paper studied in detail based USBkey certified SSL VPN networkperformance and features, to build Inner Mongolia tongliao city CPI MengDongenergy company’s SSL VPN network system as an example, introduces the design ofkey technologies involved in this and related theory, including VPN and SSL VPN,USBkey, and digital certificate technology, discusses in detail the system demandanalysis, network structure and main equipment selection and configuration, etc. Inthe mode of compulsory certification of identity, it is expounded in this article basedon the common Windows operating platform, using the mature technology of USBkeycomplete identity authentication scheme, introduces in detail the implementation process of network, the scheme is low cost, high safety, ease of use,significantlyimproved the reliability and convenience of enterprise user identity authentication,further strengthen the core competitiveness of the company.This paper combines the SSL VPN technology and USBkey technology, in thisscenario chosen was "None client" of SSL VPN network, users need only through thebrowser can remote access to the corporate Intranet. And considering corporatefunding and technical strength, select the mainstream inspur server build enterpriseCA Center, choose Sangfor VPN-2050gateways to build enterprise SSL VPNnetwork, and use the Haikey that Haitai company produced as user’s USBkey,Implements the comprehensive protection of enterprise internal resources, to provideusers with safe, reliable and efficient environment for remote access. At present,thesystem has been officially running more than a year, to prove the feasibility of designscheme. |
PDF Full Text Request