znan16445


(VPN)

: :

.

:

2008

1. (VPN) , . - .

2. VPNVPN dialup -, , 1.

, VPN , , . - . , (), . . , . . , , . 2 VPN , . . Point-to-Point Tunneling Protocol (PPTP) . Layer 2 Forwarding(L2F), ATM Frame Relay, Internet Protocol (IP). PPTP, L2F .Cisco Systems L2F,a L2F Internetwork Operating System (IOS), Cisco. Nortel Shiva L2F.- , , Layer 2 Tunneling Protocol (L2TP), PPTP L2F. 3. IP- . IP , Internet Engineering Task Force (IETF) (protocol wrappers). IP Security (IPSec),Internet Key Exchange(IKE) , Message Digest 5 (MD5),Data Encryption Standard (DES) Secure Hash Algorithm(SHA).IPSec L2TP.L2TP , IPSec . IPSec .IPSec , .

IPSec 3 , L2TP.

IPSec . VPN , L2TP IPSec VPN IPSec . , IPSec IP L2TP IPX IP .

VPN , L2Tp PPTP IPSec-IPSec . VPN .

. VPN , dialup .

Microsoft-Windows 95,Windows 98,Windows NT Windows 2000- VPN , .Windows 9x Windows NT PPTP, Windows 2000 PPTP L2TP.Linux IPSec PPTP. PPT Secure Shell(SSH), RSA .

, , VPN , . dialup:

VPN , .

VPN - .

VPN -

VPN , ISP VPN :1. , VPN.

2., . , VPN . VPN , Dialup : VPN VPN

- -, dialup

-

VPN e ISP,

VPN . VPN :

, .

, , .

.VPN : VPN - - . , .VPN , VPN (, ), , . :

LAN , , VPN . .

, . :

Hypertext Markup Language (HTML)-

Web . , .

Extensible Markup Language (XML) Commerce XML (cXML).- HTML, .

Open Buying on the Internet (OBI)- (e-commerce).

VPN VPN VPN -. -. VPN IP (forwarding).

LAN . (dial on demand) . , , dialup . , . - ISP VPN. , VPN , .VPN

- , .

/ - LAN , .

.

, . : Point-to-Point Tunneling Protocol (PPTP)

Layer 2 Forwarding (L2F)

Layer 2 Tunneling Protocol (L2TP)

IPSec

Secure Shell (SSH) Secure Shell 2 (SSH2)

Crypto IP Encapsulation (CIPE)

PPTPPPTP Microsoft , PPP, WAN . :

1- PPTP PPP , IP,IPX NetBEUI , Generic Routing Encapsulation (GRE) . IP IP . VPN , VPN .2- , . VPN Microsoft MPPE PPTP .

PPTP-Linux , Linux UNIX . PPTP . PPTP ( PoPTop) Linux,Sun Solaris,FreeBSD UNIX. Windows , PPTP-Linux .Macintosh Windows PPTP , Network Telesystems TunnelBuilder.Cisco L2F 1996. IOS. PPTP, L2F Frame Relay ., PPTP IP, , L2F . L2F .

L2FPMicrosoft Cisco PPTP L2F L2TP. L2TP IP, PPTP. L2FTP ,Frame Relay X.25. WAN IP. L2TP . , (QoS)

L2TP , .

L2TP, PPTP, .

L2TP -IP , ATM Frame Relay .

IPSec , , , L2TP. , . IPSec IP .IPSec : Authentication Header (A) Encapsulating Security Payload (ESP). . , , . , , . . , .ESP . , () IP . DES 3DES.

SSH/SSH2

SSH UNIX r , rsh,rlogin rcp. SSH .SSH2 , , VPN , linux UNIX. VPN , SSH2, VPN .SSH Windows.

CIPECIPE Linux, IP . OSI . . , , VPN. CIPE - - IPSec. . , , . , , : MPPE

IPSec VPNd SSH MPPE PPTP- VPN ( PPP dialup ) 40,56 128 .128 ( ) .

IPSec DES 3DES L2TP .

- . - .VPNd linux Blowfish. 64- , - 32 448 . : . , GOLDFISH,DOSFISH TWOFISH.UNIX SSH .

VPN.

VPN :

.

.

.

VPN , VPN . .

, Extensible Authentication Protocol (EAP) Challenge Handshake Authentication Protocol (PAP) Shiva PAP (SPAP). , VPN, ,

. VPN - . , VPN. , .

VPN , - .

(VPN) - . CPE VPN (customer premise equipment virtual private network) - , , . . CPE VPN , - , . , , CPE VPN . - , CPE VPN . , VPN. - .1. , . - , , . , , . , VPN (WAN), , - VPN , -, , . , . , . VPN , 1, frame relay, ISDN, ATM . LAN . VPN , , , . , , (. 1.).. 1. . Point-to-Point Protocol (PPP) , ( WAN) . , -. , . , , . , , , , . WAN, intranet . , WAN intranet . VPN intranet / extranet WAN, . , . . , . , VPN secure dial-up .VPN , - . - VPN - : , . -, - - , , , , . , VPN , VPN dial-in , , VPN ( ), intra-, inter-VPN , . (. 2.) VPN. (), , . VPN VPN , . , , , LAN . VPN, -, ( ) . -, - VPN . VPN , subnets . , VPN VPN , subnet. , VPN ISPs public network cabling. , VPN .. 2., VPN , , , . LAN , (. 3.). VPN , .. 3.2. VPN VPN ( ) . , ( - ) , . , . , , , , , . , , , . , , outsourcing ( ) outsourcing ( ), outsourcing , . , - (. 4.), VPN ( ) , . . - VPN , , , ( ). VPN (, , VPN), , .. 4. , , . , VPN ( VPN ) , , . VPN -, - - end-to-end one-to-one . one-to-one VPN dial-up , , , , , World Wide Web. one-to-one VPN . , , . , . VPN , , , , ( , ) . , VPN .3. VPN , , , ( ) , . VPN . , . , . , - , . , - , ? , ? , VPN , , . , , . , , , . - . , , VPN . , , . , , , . WAN , VPN . , - . 800, . , . , VPN . , dial-up , , . , , . , VPN , . pools, WAN . VPN. , VPN, , . - , . - , . , . , , .VPN . IPSec, VPN . , , . , . extranet VPN, , , . , , - - . . - -, , IT .VPN extranet - , (EDI), (VAN). 6 12 , .4. VPN , , VPN . , VPN . , . , , frame relay , . , VPN - , , bandwidth. VPN , bandwidth , VPN . VPN . , . VPN, site-to-site , , . , , . firewall ( ), - . . VPN file-sharing, e-mail , . , . , , bandwidth-. VPN , , . dial-up - , -, , - . , , . VPN , , , , . , , , . . , , , - .5. VPN , . , , . , , - VPN. .5.1. . , . , VPN , . VPN firewall. firewall- , firewall- - . , , . , VPN .Firewall VPN, NetScreen, Watchguard NetFortress , plug-and-play . LAN , , VPN . , , . , , . , , . VPN, , . , , . VPN IPSec , , . IPSec , VPN - , . IPSec , , , ( Secure ID Crypto Card). IP , . IPSec , , , . , VPN . - , UP / , . 
IPSec VPN , . IPSec , . , , , , . VPN -IPSec , Aventail's SOCKS 5. , , VPN. , . SOCKS 5 .5.2 VPN , ; , . , , , , , . VPN , , . . : . - - , . - , . , - . , -. , , , . , VPN, , . . (DES) 20 , , , - , . DES 3DES , . Encapsulated Security Payload Outer Cipher Block Chaining - . , . VPN , . Check Point Software, Digital Equipment Corp., Morning Star Technologies PSINet. , VPN . , subset , . - , . VPN, . , . VPN . , secret key cryptography public key cryptography. , . . , . , . . , , . , ( ). . , . , - .5.3. , , . VPN , :- hash , . , hash , , . , hash , . , hash . hash MD5, SHA-1 RIPE-MD-160. - (MACs) hash . , , , . , , .- . , . .5.4 () . , VPN . . - , , -, . - , . , . SecurID Security Dynamics, token , . . , 30 60 . VPN. ( .509) , "Certificate Authority . . , (, ..), , . , Certificate Authority, . , -, . , , , , (PKI). , , . , , .6. VPN , , , VPN , . . - :- IPSec (Internet Protocol Security) VPN. . , VPN , . , Internet Engineering Task Force (IETF) IP- . , , , . . IPSec . . IPSec IP , - . IP , . , VPN . site-to-site VPN, , , . IPSec , extranet . extranet VPN .- PPTP (Point to Point Tunneling Protocol) L2TP (Layer 2 Tunneling Protocol) , , . , IPX NetBEUI . IPSec, Lan-to-Lan . NT 4.0 add-on Windows 95. , , 255 . NT Windows 95 , , , . . L2TP ( L2F), . L2TP Windows 2000 Windows XP IPSec .- Socks5 Sock proxy , firewall . , proxy , , extranet . Socks v5 , , , , VPN . , plug-ins, ( Java ActiveX ) . Socks5 VPN - , . IPSec Socks5 . IPSec , Socks5 .7. VPN 7.1 Cisco Systems COMDEX Cisco Systems . , , . - : VPN , , . Cisco Gartner Consulting , VPN 54 . . Cisco VPN , - - . Gartner/Dataquest , Firewall : , 2001 Cisco Systems firewall 2000 . VPN Cisco VPN Client, 3.5 . Zone Labs, Cisco AVVID . NT , MAC OS X Solaris , VPN . Cisco 3002 - 3.5. 3002. IPSec/TCP , Extranet , N . Cisco VPN PIX 525 535 . VPN .7.2 Symantec Symantec Enterprise Firewall 7.0 Symantec Enterprise VPN 7.0 Windows 2000/NT Solaris. , , Symantec . , . Symantec, , : , , - firewall . 
Symantec Enterprise Firewall Code Red Nimda , . , , , Advanced Encryption Standard (AES). Symantec Enterprise VPN, IPSec Symantec Enterprise Firewall, . , . ProxySecure IPSec , firewall . 7.0 firewalls. Raptor Management Console - - firewall, , PC. GUI - , . Symantec Enterprise VPN 1-Step Configuration, 1-Step Connect, , .7.3 VPN 28 , , ., , , , IP . , , . , , , , -, - - . , 40 , , . 1998 , , , , . , , , .7.4 VPN - . . , . , . VPN? VPN . (VPN). . , VPN . . VPN , 128- . . VPN? VPN . . . VPN . - , , ISDN . , . , . . . , , . VPN. VPN :+ ;+ ;+ ;+ ;+ . , : + 24- ;+ ; + ; + , ; + . VPN? . . VPN . 8. 8.1 , VPN , , 10 2003 . , 300%, 1000%. (): 1999 2,3 : 300 1000% : Nortel, Checkpoint, Cisco, Lucent, Axent, Nokia : Frame-relay, ATM, DSL8.2 VPN , , VPN firewall Nortel, Cisco, Lucent, Checkpoint Axent. . VPN , , , . , , , firewall- , , , . Checkpoint, Nortel VPN .8.3 , , VPN . VPN . , VPN, 12 . VPnet, VPN , . , Checkpoint- VPN Nokia , , .8.4 , VPN Service Level Description, , . , , firewall- , . , VPN , VPN Service Level Description .8.5 VPN . frame-relay outsourcing - , - VPN. , , .8.6 , VPN . . IPSec VPN . , firewall-, , . IPSec Windows 2000 Windows XP. - , IPSec , , . , , VPN , IPSec , . VPN , . , VPN .8.7 VPN , VPN , . , VPN / . VPN Service Level Description, VPN . Service Level Description- Event Management Escalation Process, timeframes, backup schedule VPN , , .9. VPN , , VPN . VPN :1) 2) VPN ( ), , .3) VPN 4) , IP VPN . VPN , , .10. VPN . VPN . , - VPN . , VPN , . VPN intranet extranet . , , , VPN . VPN . .- , , VPN. . VPN . VPN , . , , , . VPN , . , : , - . . . , . , . - , . . . , VPN, ( ) . . , . VPN , , , LAN, . , , Dial-up . Dial-up , . , , , . , . , , , , , , . , , . , , . VPN . VPN, , . VPN , - , . (), . , . , , , VPN . VPN GatewaysVPN gateway , , . VPN gateway , VPN . , , VPN. IPSec VPN , Internet Engineering Task Force (IETF), Internet Protocol Security (IPSec), . IPSec , . IPSec , VPN . VPN , . VPN (firewall) , . , , , Wide Area Network (WAN) (LAN). 
The International Computer Security Association (ICSA) : , - DSL , , , , . - , IP , . IP . . - . , . - - . , . , . VPN ? VPN VPN . , VPN gateways , . High-end VPN gateway , VPN gateways . VPN , VPN gateways. ISPs VPN POP (Point of Presence). VPN, -. - , VPN. . VPN , , , , . VPN, . , . . VPN , . , , , . - , , . . . , , - . ( ) VPN. , ." - VPN fix" , , . , .

"VPN fix" 0,03 / , 0,11 ./.!

"VPN fix"?

;

- ;

;

- 3- ;

- , ;

- , , CLIP, CLIR ;

6 ;

.

- IP VPN

IP VPN - , outsourcing . LAN-to-LAN . 100% . , . : ( Voice Video) ( Interactive data, Business data Standard data).

-

I (RFC 1918) () IP

(BGP4, OSPF)

gateway VPN ;

, Voice gateway, on-net calls

Dial back-up, ISDN back-up .

IPSec VPN

SSL

(VPN) , 25 : , . , - , VPN, IPSEC, , . VPN, , SSL (Secure Socket Layer) e ( - Web ) , . -. 60 SSL VPN 2004, Gartner., , , , , SSL. , SSL VPN , . , , - , . - . Symantec VPN Gateway 4400 ( ), SafeWeb. SSL VPN - , Symantec. - , IPSEC , . VPN , . . , , , , . , . - , . Symantec , VPN . Gateway 4400 SSL - DES, Triple-DES . 9500 , 8000.ZoneLab SSL VPN . , - , Integrity Clientless Security, Integrity Security Server. , ZoneLab - Symantec.Integrity Clientless Security , , SSL VPN, . - , , back door . Web , SSL VPN, Web -mail , Outlook Web Access . Sprint SSL VPN .
