Segui questo link per vedere altri tipi di pubblicazioni sul tema: VPN.
Tesi sul tema "VPN"
Cita una fonte nei formati APA, MLA, Chicago, Harvard e in molti altri stili
Vedi i top-50 saggi (tesi di laurea o di dottorato) per l'attività di ricerca sul tema "VPN".
Accanto a ogni fonte nell'elenco di riferimenti c'è un pulsante "Aggiungi alla bibliografia". Premilo e genereremo automaticamente la citazione bibliografica dell'opera scelta nello stile citazionale di cui hai bisogno: APA, MLA, Harvard, Chicago, Vancouver ecc.
Puoi anche scaricare il testo completo della pubblicazione scientifica nel formato .pdf e leggere online l'abstract (il sommario) dell'opera se è presente nei metadati.
Vedi le tesi di molte aree scientifiche e compila una bibliografia corretta.
1
Козолуп, І. М. "Інформаційна технологія проєктування сучасних віртуальних приватних мереж". Master's thesis, Сумський державний університет, 2021. https://essuir.sumdu.edu.ua/handle/123456789/86666.
Testo completoAbstract (sommario):
Змодельовано VPN мережу за допомогою протоколу IPSec. В роботі були проаналізовані основні команди, які використовуються при її конфігурації. На основі цього аналізу було розроблено веб-інтерфейс, який генерує код налаштувань для заданих адрес роутерів. Згенерований код можна використовувати при роботі з мереживим обладнанням. Розроблена програма була написана з використанням мови програмування JavaScript та була успішно протестована.
2
Rehman, Sheikh Riaz Ur. "Investigation of different VPN Solutions". Thesis, Blekinge Tekniska Högskola, Avdelningen för telekommunikationssystem, 2009. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-3364.
Testo completoAbstract (sommario):
Abstract The rapid growth of e-business in past few years has improved companies efficiency and revenue growth. E-business applications such as e-commerce, remote access has enabled companies to manage processes, lower operating costs and increased customer satisfaction. Also the need rises for the scalable networks that accommodate voice, video, and data traffic. With the increased dependability of networks the security issues are raised and networks become more and more vulnerable to different types of security threats. To overcome security issues different security technologies are in action by vendors and technologists. Also for the survival of many businesses to allow open access to network resources, today’s networks are designed with the requirement of availability to the Internet and public networks, therefore, information confidentiality is the major issue in these networks to ensure that the network resources and user data are as secure as possible. With the requirement of network security, concept of Virtual private network was established. A Virtual Private Network (VPN) can be defined as a network in which connectivity between multiple customers’ sites is deployed on a shared network with the same security as a private network. Different VPN technologies and protocols architectures are available in market among are MPLS VPN architecture, IPSec VPN architecture, and SSL VPN architecture. Like With the introduction of Multiprotocol Label Switching (MPLS), which combines the benefits of Layer 2 switching and Layer 3 routing, it became possible to construct a technology that combines the benefits of an overlay VPN with the benefits of peer-to-peer VPN implementation in which routing is simple. MPLS/VPN is a new and simple technology, which provides simpler to routing and also makes number of topologies easy to implement which are otherwise difficult to implement. All architectures have benefits and drawbacks, also each of them can be implemented separately or in combination of other according to customer security requirement and performance of the network.
3
Fabiánek, Ondřej. "VPN kontrolér". Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2019. http://www.nusl.cz/ntk/nusl-403195.
Testo completoAbstract (sommario):
Tato práce se zabývá návrhem architektury a implementací flexibilního, škálovatelného a bezpečného systému pro správu virtuálních privátních sítích, který by umožnil propojení jinak nedostupných routerů a zařízení v jejich lokálních sítích. Ačkoli je systém primárně určen pro použití s routery od výrobce Advantech, podpora jiných zařízení může být později přidána.
4
Schreiber, Alexander, e Holm Sieber. "VPN/IPSec". Universitätsbibliothek Chemnitz, 2002. http://nbn-resolving.de/urn:nbn:de:bsz:ch1-200200982.
Testo completo
5
Samuelsson, Joakim, e Richard Sandsund. "Implementing a virtual private network". Thesis, KTH, Kommunikationssystem, CoS, 2007. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-91933.
Testo completoAbstract (sommario):
Dagens företag vill ge anställda möjlighet att jobba hemifrån eller på resande fot. En vanlig lösning för att möjliggöra detta är virtual private network (VPN). VPN ger en användare tillgång till interna resurser på företaget från ett externt nät, exempelvis via Internet. Detta gör att användare kan komma åt de interna resurserna på ett säkert sätt. Vilken VPN-teknik är då att föredra för att få en så snabb, säker och pålitlig anslutning som möjligt? Detta examensarbete tar upp olika VPN-tekniker. Vi beskriver vanliga VPN-protokoll som L2TP, IPSec och PPTP. Hur användare autentiseras på ett säkert och smidigt sätt samt metoder att göra sin VPN-anslutning säker. Vi redovisar också den lösning vi har implementerat hos Confidence, för vilka arbetet utfördes. Problemen med att använda de produkter som redan fanns på företaget beskrivs. Förslag på lösningar ges för att lösa dessa problem i framtida arbeten.Companies of today want to give their employees the opportunity to work from home or while they travel. A common solution to accomplish this is to implement a VPN over top of the existing network. Using VPN gives the employees access to the company’s local area network from outside, via the internet. The VPN provides a secure channel for these employees to connect to the local services attached to the company’s network that they need to reach. Which VPN technology is most suitable to deliver a secure, fast, and reliable connection to theses employees? In this thesis examines we are taking a closer look at different VPN solutions. We describe different VPN-protocols like L2TP, IPSec and PPTP. How to authenticate users in a secure and flexible way and also methods used to make the VPN-connection secure. Lastly we will show the solution we have implemented at the company Confidence, for whom we made the solution. The difficulties in using existing products with the company’s infrastructure are described. Suggestions are offered for future work to address these problems.
6
Hurtig, Andreas, Thomas Gisslar e Alexander Karlsson. "Vilken mjukvarubaserad fjärranslutningslösning är passande för ett mindre företag?" Thesis, University of Kalmar, School of Communication and Design, 2009. http://urn.kb.se/resolve?urn=urn:nbn:se:hik:diva-1974.
Testo completoAbstract (sommario):
Syftet med denna undersökning är att ta reda på vilken mjukvarubaserad fjärranslutningslösning som passar för ett mindre företag, då de har mindre ekonomiska tillgångar än ett större företag behöver de vara mer noggranna med sina produktval. Arbetet är utfört med litteraturstudier och en enkätundersökning till ett tiotal mindre företag, samt en laborationsmiljö där tester av de olika fjärranslutningslösningarnas egenskaper har utförts.
Område valdes då ämnet fjärranslutning knappt behandlads under utbildningstiden, och fördjupar sig därför inom området.
Resultatet visar vad mindre företag anser vara de viktigaste egenskaperna med en fjärranslutningslösning. Även de värden som uppkom vid tester i laborationsmiljön kommer att presenteras i resultatet. De samlade resultaten kommer sedan visa på vilken mjukvarubaserad lösning som passar bäst för ett mindre företag.
The purpose of this survey is to figure out which software based remote access solution that fits a smaller company, hence they have less economy assets than a larger company they need to be more thorough with their products of choice. The work is performed with literature studies and a survey of a dozen smaller companies, and also a laboratory environment where properties of the different remote access solutions are performed.
This area was chosen because the subject of remote access scarcely was treated during our education, and become engrossed in this area.
The result shows what the companies consider to be the most important properties with a remote access and also the products results from the tests. Also the values that occurred during testing in a laboratory environment will be presented in the results. The combined results will then show which software-based solution that is best suited for a small company.
7
Dahlberg, Axel, e Jonas Francén. "IPv6-adresshantering och prefixdelegering i MPLS VPN-nät". Thesis, KTH, Data- och elektroteknik, 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-123805.
Testo completoAbstract (sommario):
För full migrering till IPv6 behöver utbudet av datakommuniktionsstjänster anpassas för den nyagenerationens IP-protokoll med bevarad eller utökad funktionalitet. Detta examensarbetes mål äratt ta fram en eller flera lösningar som möter krav och tekniska förutsättningar för att utöka företagetDGC:s tjänst IP-VPN för IPv6. Detta innefattar adresstilldelningstekniker som prefixdelegeringoch automatisk adresskonfigurering i befintlig nätinfrastruktur.Lösningarna presenteras i sex framtagna scenarier som har undersökts utifrån tester, analys ocherfarna problem som uppstått. Undersökningen formade kriterierna skalbarhet, konfigurationenskomplexitet, kompatibilitet, RFC-stöd och krav från DGC som tas hänsyn till i utvärderingen avden bäst lämpade lösningen.Utvärderingen har gett ett resultat i form av ett rekommenderat scenario som är implementerbartenligt uppsatta mål.Tekniker som skulle kunna påverka valet av bäst lämpade lösning, men som inte är tillgängliga,diskuteras och presenteras för att poängtera vad som kan behövas tas i beaktande för framtiden.Full migration to IPv6 brings the need to adjust datacommunication services for the new generationof IP protocols with maintained or expanded functionality. This thesis’ goals is to submitone or more solutions that meets requirements and the technical conditions that enables thecompany DGC:s to expand the service IP-VPN for IPv6. This includes address assignmenttechniques like prefix delegation and automatic address configuration in existing network infrastructure.Solutions are presented in six scenarios that have been investigated considering tests, analysis andexperienced problems. The investigation formed the criteria scalability, configuration complexity,compatibility, support by RFC:s and requirements stated by DGC that adds to the evaluationof the most suitable solution.The evaluation has resulted in a recommended scenario that is implementable according to givengoals.Techniques that may influence the choice of most suitable solution, but that is not yet available,are discussed and presented to point out what may needed to be considered in the future.
8
Ховріна, М. А. "VPN технології для реалізації концепції високозахищеного віддаленого доступу". Master's thesis, Сумський державний університет, 2020. https://essuir.sumdu.edu.ua/handle/123456789/82257.
Testo completoAbstract (sommario):
Pозглянуто основні характеристики та класифікацію VPN, проаналізовано основні протоколи VPN на різних рівнях моделі OSI, порівняно технології побудови VPN мережі, визначено способи підсилення захисту мережі. Розроблено модель найбільш захищеного доступу віддалених співробітників до корпоративної мережі з розподіленими офісами за допомогою IPSec VPN та SSL VPN.
9
Krigh, Oskar, e Markus Lewin. "Mobil klientsäkerhet". Thesis, Linnéuniversitetet, Institutionen för datavetenskap, fysik och matematik, DFM, 2008. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-9494.
Testo completoAbstract (sommario):
Denna rapport har i syfte att öka förståelsen om hur man kan öka säkerheten på ett företag som använder sig av mobila klienter. Att arbeta på distans blir allt vanligare, och med de så ställs allt högre krav på tekniken som tillhandahåller möjligheterna för detta. När ny teknik utvecklas kommer ofta säkerheten i andra hand, det man fokuserar på är funktionaliteten. Frågorna man då ställer sig och vilket läsaren kommer skaffa sig mer kunskap om under rapprotens gång är: Hur skall en klient kunna hållas uppdaterad när den är utanför företagets väggar? Hur skall kommunikation kunna ske med företaget på ett enkelt sätt, samtidigt som det också ska vara säkert? Det kommer visa sig att administratören inte är den pusselbiten i säkerheten på ett företag. Företaget kan ha en mycket gedigen och bra säkerhetspolicy, men med en användare som handskas vårdslöst med sina användaruppgifter så spelar inte denna någon roll.The aim of this paper is to give new information on how to increase the security at a company that uses mobile clients. Tele-work and E-work is becoming more common, therefore, the technology used must have the utmost reliability. In general, when technology is being developed, the primary focus is on the functionality of the product and less on the aspect of security. Key questions that will be raised and answered are: How should a mobile client be kept up to date with a company’s current software updates? How can this type of communication be achieved in a simple and secure way? Furthermore, the paper will illustrate that the success rate of all levels of security in a company does not depend solely on the administrator. Without the proper use of the security policy by the user, its reliability decreases.
10
Miliauskas, Edvinas. "Naujos generacijos intelektualių tinklų orientuotų IMS architektūrai demonstracinės paslaugos kūrimas". Master's thesis, Lithuanian Academic Libraries Network (LABT), 2010. http://vddb.laba.lt/obj/LT-eLABa-0001:E.02~2010~D_20100826_110105-35324.
Testo completoAbstract (sommario):
Susipažinti su telekomunikacijų sritimi, sukurti jai paslaugą. Paslauga veikia „Mobicents“ JSLEE platformoje. Realizuota paslauga – VPN (angl. Virtual private numbering). Vartotojas savo ilgam numeriui (pvz. 5866694112234) gali nusistatyti trumpą (pvz. 555). Skambinant trumpu numeriu, paslauga suranda siekiamo adresato tikrąjį numerį ir su juo sujungia. Atlikti tyrimai ir matavimai įvertinti paslaugos tobulinimo galimybes, jos įtaką platformos darbui.During course of this project we developed an telecommunications service - virtual private numbering. It allows users to create, manage and be accessible by short numbers. At first we analysed telecommunication field, then - possible platforms for SIP based service and chose open source JSLEE certified „Mobicents“. In next step, there were formulated requirements, designed architecture, developed and tested service. After that, we investigated possibilities to improve service execution parameters and it's current use of resources, influence to platform. Lastly investigation were checked by experiments.
11
Афанасьєв, Д. С. "Особливостi застосування технологiї VPN". Thesis, КНТУ, 2016. http://dspace.kntu.kr.ua/jspui/handle/123456789/5123.
Testo completo
12
Pokorný, Fridolín. "Optimalizace výkonu VPN v Linuxu". Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2016. http://www.nusl.cz/ntk/nusl-255416.
Testo completoAbstract (sommario):
Tato práce se zabývá analýzou stávajících a aktivních VPN řešení, jejich výkonu a slabých stránek. Výsledkem práce je jaderný modul pro Linux, který implementuje datový přenos pomocí protokolů TLS a DTLS na základě konfigurace ustanoveného spojení v chráněném režimu. Primárním cílem bylo odstranit datové kopie a změny kontextu z chráněného režimu do režimu jádra během datových přenosů ve VPN řešeních založených na protokolech TLS a DTLS. Práce analyzuje cenu těchto operací a na základě analýz lokalizuje další kroky nutné k využití implementovaného jaderného modulu ve VPN řešeních. Práce se dále zabývá analýzou dalších možných využití implementovaného jaderného modulu mimo VPN řešení.
13
Akinola, Azeez Paul, e zhang chong. "Tunnel comparison between Generic Routing Encapsulation (GRE) and IP Security (IPSec)". Thesis, Högskolan i Halmstad, Sektionen för Informationsvetenskap, Data– och Elektroteknik (IDE), 2012. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-17610.
Testo completoAbstract (sommario):
Since the introduction of networks, they have been used amongst home users, companies and organizations and most damage on the network is due to inappropriate security configurations. To secure networks, a protocol suite can be used to encrypt and authenticate all IP packets of a session. Therefore, this report will include the advantages and possible solution of some techniques used to offer increased network security such as scalability and data confidentiality. Captures of traffic sent using the two security techniques, IPSec/VPN and GRE-Tunnel will be monitored. The objective behind this project is to configure a network with these two different tunneling techniques and compare the security and network performance. The report also describes the security problems encountered by networks such as the ignorance of network users, vulnerabilities and the security of the devices.IPSecis a standard security protocol solution for TCP/IP, and it provides security through authentication, encryption and data integrity. GRE encapsulates packets and create a logical hub-and spoke topology of virtual point-to-point connections. The Jperf-tool is used to measure network performance and show specific details while another tool, Wireshark is used to analyze the information captured during transmission of data sent using IPSEC and GRE. The comparison further finds that IPSec-tunnel technique makes data transfers very secure but causes network performance disadvantages in comparison to a GRE solution.
14
Jeppsson, Fredrik. "Konfiguration av VPN med Netconf/Yang och Python". Thesis, Mittuniversitetet, Avdelningen för informationssystem och -teknologi, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-30885.
Testo completoAbstract (sommario):
Rapporten behandlar en fiktiv internetleverantör som vill undersöka om protokollet Netconf kan användas för konfiguration av VPN-tjänster. Netconf används tillsammans med datamodelleringsspråket Yang som beskriver vad som kan konfigureras på en viss nätverksenhet. Netconf/Yang utvärderas genom att en lösning för konfiguration av MPLS Layer 3 VPN tas fram. Traditionella metoder för konfiguration av nätverksenheter är CLI och expect-baserade skript. Syftet är att undersöka om Netconf kan ersätta dessa metoder. För att öka trovärdigheten i lösningen har en nätverksarkitekt med erfarenhet av denna typ av lösningar involverats som kravställare. Internetleverantörens nätverk består av routrar från både Cisco och Juniper och projektets lösning tar hänsyn till detta. Utvecklingsarbetet har skett mot en labbmiljö bestående av de virtuella routrarna Juniper vMX 17.1R1.8 och Cisco IOS XRv 6.1.2. Projektets lösning består av indata som beskriver vilka parametrar som ska gälla för en L3VPN. Denna indata är oberoende av routertyp. Indatan valideras mot en egenutvecklad yangmodell, vilket är nödvändigt för att försäkra sig om att den är korrekt formaterad. Därefter skickas indatan till tre olika pythonskript som kan testa, lägga till eller ta bort en L3VPN. Projektets huvudsakliga slutsats är att Netconf/Yang kan ersätta CLI, givet att den önskade funktionaliteten är implementerad i nätverksenheternas yangmodeller.This report discusses a fictitious Internet Service Provider (ISP) that wants to evaluate whether the Netconf protocol can be used to configure VPN services. Netconf is used in conjunction with Yang, a data modeling language that is used to describe the features that can be configured on a particular network device. Netconf/Yang is evaluated by developing a solution focused on the configuration of MPLS Layer 3 VPNs. Traditional methods for network device configuration are using the CLI and expect based scripts. One purpose of the evaluation is to determine if Netconf/Yang can be used instead. To increase the credibility of the results, a network architect with industry experience has been involved by setting requirements for the Netconf/Yang solution. The ISP in question uses routers from both Juniper and Cisco, something that the proposed solution takes into account. Development has been done against the virtual routers Juniper vMX 17.1R1.8 and Cisco IOS XRv 6.1.2. The proposed solution involves creating script input data that describes a L3VPN in a vendor neutral way. The input data is validated against a custom yang model to ensure that it follows the expected format. The data is then used as an argument to three different scripts that either tests, adds or deletes a L3VPN based on the input data. The main conclusion is that Netconf/Yang can replace configuration using the CLI, given that the desired features have been implemented in the yang models of the network devices.
15
Norin, Anders, e Henrik Ohlsson. "VPN : Virtual Private Network i Windows 2000". Thesis, University West, Department of Informatics and Mathematics, 2002. http://urn.kb.se/resolve?urn=urn:nbn:se:hv:diva-483.
Testo completo
16
Sabbagh, Mohammed, e Ahmad Anbarje. "Evaluation of WireGuard and OpenVPN VPN solutions". Thesis, Linnéuniversitetet, Institutionen för datavetenskap och medieteknik (DM), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-98059.
Testo completoAbstract (sommario):
This project evaluates two types of VPN solutions–WireGuard and OpenVPN.The evaluation is done by four different experiments to measure the maximum throughputof each of the VPN solutions, and a theoretical study on the encryption techniquesthat each VPN solution use. Experiments were conducted using a network performancemeasurement tool called IPerf. By applying static parameters that control themeasurements, such as transferring regular and zip file types, measuring throughputwhen the compression is enabled on the VPN channel and when it is disabled, also,applying measurements with the conditions of the same parameters but with differentoperating systems when using both VPN solutions.one of the measurement results shows that the throughput is about 93 Mbps forWireGuard comparing it with 56 Mbps and 59Mbps for OpenVPN when sendingregular and compressed files respectively.In conclusion, throughput can vary slightly depending on the measurement tooland the version of the software used. Also, the buffer of the measurement tool hasan important role when measuring the throughput, it gives different throughput andpacket loss results which depends on the size of that buffer. Moreover, According to atheoretical study, throughput can also vary depending on the speed of the encryptionalgorithm used. Both VPN solutions use many encryption algorithms, such as AESin OpenVPN, while WireGuard uses ChaCha20 with Poly1305.
17
Berndtsson, Andreas. "VPN Mesh in Industrial Networking". Thesis, Mälardalens högskola, Akademin för innovation, design och teknik, 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:mdh:diva-18160.
Testo completoAbstract (sommario):
This thesis report describes the process and present the results gained while evaluating available VPN mesh solutions and equipment for integration into Industrial systems. The task was divided into several sub steps; summarize the previous work done in the VPN mesh area, evaluate the available VPN mesh solutions, verify that the interesting equipment comply with the criteria set by ABB and lastly verify that the equipment can be integrated transparently into already running systems. The result shows that there is equipment that complies with the criteria, which can also be integrated transparently into running systems. The result also shows that IPSec should be used as the VPN protocol since IPSec can make use of the crypto hardware whereas TLS based VPNs currently cannot. Even though the implementation of secure gateways would provide authentication and authorization to the network, the cost of implementing these gateways would be great. The best solution would be to present the evaluated equipment as an optional feature instead of making it standard equipment in each system.Denna examensarbetesrapport beskriver den process, samt presenterar de resultat som har insamlats, när tillgängliga VPN-mesh-lösningar- och utrustning har utvärderats för integrering i Industriella system. Uppgiften var uppdelad i ett flertal delmoment, varvid det första bestod i att summera tidigare utfört arbete inom VPN-mesh-området. De efterföljande delmomenten bestod i att utvärdera tillgängliga VPN-mesh-lösningar, verifiera att den utvärderade utrustningen uppfyller de krav som fastställts av ABB samt verifiera att utrustningen har stöd för transparent integrering i system under drift. Resultatet visar att det finns utrustning som uppfyller ABB’s krav, vilken även kan bli transparent integrerade i system under drift. Resultatet visar även att IPSec bör användas som VPN-protokoll eftersom IPSec kan nyttja krypto-hårdvara medan TLS-baserade VPN-lösningar för tillfället saknar denna funktionalitet. Implementeringen av säkra gateways medför autentisering och auktorisering till nätverket, dock är kostnaden att implementera dessa hög. Den bästa lösningen vore att erbjuda de utvärderade produkterna som möjliga tillägg, istället för att göra dem till standardutrustning vid köp av ett industriellt system.
18
Rezende, Edmar Roberto Santana de. "Segurança no acesso remoto VPN". [s.n.], 2004. http://repositorio.unicamp.br/jspui/handle/REPOSIP/276400.
Testo completoAbstract (sommario):
Orientador : Paulo Licio de GeusDissertação (mestrado) - Universidade Estadual de Campinas, Instituto de Computação
Made available in DSpace on 2018-08-03T22:36:31Z (GMT). No. of bitstreams: 1 Rezende_EdmarRobertoSantanade_M.pdf: 2943568 bytes, checksum: 6019b3715a66d6b36f72aa5836ddec79 (MD5) Previous issue date: 2004
Resumo: As Redes Privadas Virtuais (Virtual Private Network { VPN) são um componente importante dentro de um ambiente cooperativo, principalmente em seu aspecto econômico, ao permitirem que conexões dedicadas e estruturas de acesso remoto, que possuem custos bastante elevados, sejam substituídas por conexões publicas. Contudo, a conseqüente utilização de uma rede publica para o trafego de informações privadas e a extensão do perímetro de segurança das organizações, trazem consigo serias implicações de segurança. O acesso remoto VPN, onde o usuário remoto acessa diretamente os recursos da organização, possui implicações de segurança especas ainda mais serias que precisam ser consideradas. Neste contexto, a escolha de um conjunto de mecanismos de segurança capazes de prover uma solução adequada para os diversos possíveis cenários de acesso remoto constitui uma decisão fundamental para a segurança do ambiente cooperativo. Neste trabalho foi realizado um amplo estudo dos diversos aspectos envolvidos na elaboração de uma solução segura e viável de acesso remoto VPN. Através desta analise foi possível identificar os principais requisitos e avaliar algumas das soluções existentes que compõem esse complexo cenário. Como resultado da avaliação desses fatores foi possível desenvolver uma solução de acesso remoto VPN utilizando o software FreeS/WAN, uma implementação Open Source do protocolo IPSec baseada em Linux. Devido _a expressiva parcela de mercado ocupada por produtos Microsoft, também foram abordadas algumas soluções de clientes VPN baseados em Windows
Abstract: A Virtual Private Network (VPN) is an important component in a cooperative computing environment, since it allows expensive dedicated connections and remote access infrastructures to be substituted by cheaper public connections. However, the use of a public network for transporting private information, and the consequent extension of an organization's security perimeter, brings serious implications for information security. Remote access VPN, in which a remote user has direct access to an organization's resources, has even more serious, speci_c, security implications that must be addressed. In this context, the choice of the most appropriate security mechanisms for enabling remote access whilst ensuring the security of the cooperative environment, in a diverse range of possible scenarios, is a fundamental decision. This work presents the results of a detailed study of the diverse aspects involved in the elaboration of a secure and viable remote access VPN solution. From this study, it has been possible to identify the principal requirements for remote access VPN and review some of the existing solutions available for this complex scenario. Using these results, a remote access VPN solution has been developed using the FreeS/WAN software, an opensource implementation of the IPSec protocol for Linux. Due to the signi_cant market share occupied by Microsoft products, some Windows based client VPN solutions are also discussed.
Mestrado
Ciência da Computação
Mestre em Ciência da Computação
19
Брайко, В. В. "Дослідження принципів роботи технологій VPN". Thesis, КНТУ, 2016. http://dspace.kntu.kr.ua/jspui/handle/123456789/5098.
Testo completo
20
Larsson, Dennis. "Fjärrbackup : Ett komplement till ordinarie backup". Thesis, University of Skövde, School of Humanities and Informatics, 2009. http://urn.kb.se/resolve?urn=urn:nbn:se:his:diva-3445.
Testo completoAbstract (sommario):
Denna rapport inriktar sig till ett mindre företag som vill tillhandahålla en egen fjärrbackuplösning. Backupen ska göras från en server placerad i företagets lokal till en lagringsenhet i någon av ägarnas hem med hjälp av VPN-förbindelse. För detta krävs ett program som har stöd för att göra uppkoppling automatiskt via VPN på en Windows 2008 Server, 64-bit plattform. Utöver det ska kryptering, komprimering och funktion för full och inkrementell backup finnas tillgängligt i programmet. Fyra fjärrbackupprogram har därför utsetts för jämförelse av hur de kan lösa företagets krav. Där samtliga program visade sig uppfylla funktionerna som eftersträvades, men endast programmet File Back PC 4 Enterprise har stöd för att göra VPN anslutning i själva programmet. Medan Handy Backup 6.2 Home, Cobian Backup 9 samt SyncbackSE 5.6.0.34 är tvungna att köra externa program för att lösa denna uppgift. Praktisk utvärdering av programmen och hur det hela ska lösas rent hårdvarumässigt återstår.
21
Vyshnavi, Bandaru. "Virtual VPN in the Cloud : Design and Modelling of an IPSec VPN in Virtualized Environment". Thesis, Blekinge Tekniska Högskola, Institutionen för kommunikationssystem, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-10801.
Testo completo
22
Wagner, Edward Dishman. "Public Key Infrastructure (PKI) And Virtual Private Network (VPN) Compared Using An Utility Function And The Analytic Hierarchy Process (AHP)". Thesis, Virginia Tech, 2002. http://hdl.handle.net/10919/32685.
Testo completoAbstract (sommario):
This paper compares two technologies, Public Key Infrastructure (PKI) and Virtual Private Network (VPN). PKI and VPN are two approaches currently in use to resolve the problem of securing data in computer networks. Making this comparison difficult is the lack of available data. Additionally, an organization will make their decision based on circumstances unique to their information security needs. Therefore, this paper will illustrate a method using a utility function and the Analytic Hierarchy Process (AHP) to determine which technology is better under a hypothetical set of circumstances. This paper will explain each technology, establish parameters for a hypothetical comparison, and discuss the capabilities and limitations of both technologies.Master of Arts
23
Rana, Bilal Zahid, e Shahid Ali. "OPNET Analysis of VoIP over MPLS VPN with IP QoS". Thesis, Blekinge Tekniska Högskola, Sektionen för datavetenskap och kommunikation, 2011. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-3404.
Testo completoAbstract (sommario):
There are many disadvantages (cost, lack of security, difficult to manage large networks, support to non-sensitive applications, delay, etc.) associated with traditional networking, IP network, ATM and Frame relay networking. To solve this, an MPLS-based VPN networking is introduced that can work with existing deployed backbones and allow organizations to interconnect the dispersed sites and remote workers through secure links by using public internet. In this thesis, we are trying to build a better understanding to MPLS VPN and we researched to analyze the behavior of OSPF and RIPv2 based MPLS-BGP VPN architectures by using intense VoIP traffic. Then it comes with an OPNET simulation process and scenarios for MPLS-BGP VPN. At last, the conclusion is made: OSPF based MPLS-BGP VPN architecture has lower VPN delay, background traffic Flow delay, LSP delay and point-to-point Queuing delay, and has better performance in VPN load and VPN throughput that can acquire customer satisfaction and confidence as compared to the RIPv2 based MPLS-BGP VPN architecture.Det finns många nackdelar (kostnader, bristande säkerhet, svåra att hantera stora nätverk, stöd till icke-känsliga tillämpningar, delay, etc.) i samband med traditionella nätverk, IP-nätverk, ATM och Frame Relay nätverk. För att lösa detta, är ett MPLS-baserat VPN nätverk införs som kan arbeta med befintliga sättas samman och låter organisationer för att förbinda de spridda platser och distansarbetare genom säkra länkar genom att använda publika Internet. I denna avhandling försöker vi bygga en bättre förståelse för MPLS VPN och vi forskat för att analysera beteendet hos OSPF och RIPv2 baserad MPLS-VPN BGP arkitekturer med hjälp av intensiv VoIP-trafik. Då kommer med en OPNET simulering process och scenarier för MPLS-BGP VPN. Äntligen är den slutsatsen: OSPF bygger MPLS-VPN BGP arkitektur har lägre VPN dröjsmål bakgrund trafikflödet dröjsmål, LSP dröjsmål och punkt-till-punkt Queuing dröjsmål, och har bättre prestanda i VPN-belastning och VPN som kan få kunden tillfredsställelse och förtroende jämfört med RIPv2 baserad MPLS-VPN BGP arkitektur.
24
Вовк, В. В. "L2 VPN в мережі MPLS на обладнанні Cisco". Master's thesis, Сумський державний університет, 2018. http://essuir.sumdu.edu.ua/handle/123456789/72317.
Testo completoAbstract (sommario):
Здійснено огляд принципів роботи популярних мережевих симуляторів, одним з яких є GNS3; досліджено суть поставленої задачі та предметна область; проаналізовано уже існуючі аналоги, визначено їх слабкі і сильні сторони та розроблена веб-орієнтована інформаційна система, графічний інтерфейс якої дозволяє налаштувати на маршрутизаторах CISCO конфігурацію L2 VPN мережі MPLS.
25
Tryggvason, Thorir. "Analysis of the PPTP and IPSec protocols in Virtual Private Networks". Thesis, University of Skövde, Department of Computer Science, 2000. http://urn.kb.se/resolve?urn=urn:nbn:se:his:diva-415.
Testo completoAbstract (sommario):
Today increasing numbers of individuals are working away from the ordinary workplace while still requiring access to the server located at the workplace. New technology is meeting this demand allowing for safe and secure transmission of the data over the Internet. The aim of this project is to analyse two protocols that are used within the Virtual Private Network (VPN) structure today, with the focus on installation, transmission speed on both Local Area Networks (LAN) and via telephone line and security aspects of the protocols.
The results show that it is quite complicated to setup a VPN network and to get operational. The results also show that there are security compromises within the VPN structure that indicate that if proper precaution is not taken it may give a false sense of security, where the user believes that it is a secure communication when in reality it is not.
26
Andersson, Tommy, Mattis Torkelsson e Gustav Wärlinge. "3DES, AES i hårdvara - Förmåga att skala i en växande miljö". Thesis, Linnaeus University, School of Computer Science, Physics and Mathematics, 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-5783.
Testo completoAbstract (sommario):
Den här rapporten beskriver arbetet och utförda studier inom området kryptering och VPN. Fokus ligger på hur väl krypteringsalgoritmerna Triple Data Encryption Standard (3DES) och Advanced Encryption Standard (AES) skalar i en förutbestämd miljö. Huvudfokus har varit att svara på frågan: Vilken av krypteringsalgoritmerna AES och 3DES kräver minst systemresurser? Under utbildningstiden har det flera gånger framförts att 3DES-algoritmen skulle vara mer krävande för krypteringsenheterna att utföra jämfört med AES. Denna rapport söker finna om det är så det förhåller sig och i så fall hur stor skillnaden är mellan algoritmerna. För att söka svar på frågorna genomfördes ett flertal experiment. Dessa syftade till att påvisa eller vederlägga ovan beskrivna påståenden kring 3DES och AES. Resultatet av utförda experiment blev att ingen större skillnad kunde noteras mellan 3DES och AES. Detta står i stark kontrast till de påståenden som ofta florerar kring krypteringsalgoritmerna 3DES och AES
This report describes the work and studies carried out in the field of encryption and VPN. The focus is on how well the encryption algorithms Triple Data Encryption Standard (3DES) and Advanced Encryption Standard (AES) perform in a predetermined environment. The main focus has been to answer the question: Which of the encryption algorithms AES and 3DES requires less system resources. During the period of studies, lectures and literature have several times claimed the 3DES algorithm to require more resources of encryption devices, compared to AES. This report tries to find if it is a fact and if so how big is the difference between the algorithms. To seek answers to the questions, a number of experiments was performed. These experiments were intended to demonstrate or refute the above claims about 3DES and AES. The results of the performed experiments shows no major differences between 3DES and AES. This differs from what have been publicly accepted concerning facts regarding encryption algorithms 3DES and AES.
27
Persson, Erik. "Omdesign av Intranät : vid Svenska Kyrkan i Norrköping". Thesis, Mittuniversitetet, Avdelningen för informationssystem och -teknologi, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-31958.
Testo completoAbstract (sommario):
Svenska Kyrkan i Norrköping upplever idag att de har ett virtuellt intranät som skulle kunna fungera bättre. Problematiken tycker de ligger i underliga trafikflöden, utarmning av IP-adresser och hög komplexitet. Därtill undrar de om det inte är hög tid att höja bandbredden ut från flera av byggnaderna. Min målsättning med arbetet är att utifrån de största församlingarna samt Kyrkans Hus – där organisationens IT-kontor och serverfarm är belägna – kunna ge rekommendationer på åtgärder och förändringar som ska kunna avhjälpa denna problematik och förhoppningsvis framtidssäkra några av dessa aspekter. Under mitt arbete har jag tagit ut rudimentära baselinemätningar, IP-adresseringstabeller och sammanställningar av trafikflöden i syfte att skapa en nulägesanalys. Jag har också ämnat illustrera den problematik som låg till grund för arbetets utformning. I min rapport har jag också behandlat moderna IT-trender såsom tunna klienter, virtualiseringsmiljöer och BYOD, Bring Your Own Device. Detta arbete har resulterat i ett generellt designförslag med redundanslänkar, gästnätverk och stöd för Ipv6 med olika alternativ inom samtliga aspekter, vilka kan användas för att skräddarsy implementeringen av de olika teknologierna. För en mer allomfattande, grundlig och slutgiltig design av intranätet som helhet skulle en mer omfattande dokumentation behövas, tillsammans med uppskattning av nätverksanvändning, IP-adressering samt budgetering.The Church of Sweden in Norrköping are currently faced with a virtual intranet that they feel could be improved. Some of the problems they have identified are unusual traffic forwardin patterns, exhaustion of the IP adress pool and a high level of complexity. In addition, they feel that it might be time to increase the bandwidth that some of the buildings have access to. My goal with this paper – based on the largest parishes and Kyrkan Hus, where the organization’s IT office and server farm lies – is to give recommendations in terms of actions and changes that could mitigate these issues and hopefully provide a more future proof solution. During my work I have taken some rudimentary baseline readings, IP addressing tables and compilations of network flows, in order to create a current situation analysis, which I have used to draw some of my conclusions. I have also aimed to illustrate the problems that have formed the foundation for this work. In my report I have also discussed some modern IT trends, such as thin clients, virtual environments and BYOD, Bring Your Own Device. This assignment has resulted in a general design proposal with redundant links, guest networks and Ipv6 support, with different alternatives withing each aspect, which can be used to further tailor the implementations of the different technologies. For a more all encompassing, thorough design of the intranet as a whole we’d need a more complete documentation, together with approximations and evaluations regarding network usage, IP addressing and budget.
28
Flores, Baldes Jorge Eduardo. ""Análisis del desempeño de MPLS VPN L2 y L3"". Tesis, Universidad de Chile, 2018. http://repositorio.uchile.cl/handle/2250/168460.
Testo completoAbstract (sommario):
Magíster en Ingeniería de Redes de ComunicacionesLa conmutación de etiquetas multiprotocolo (MPLS por sus siglas en inglés, Multiprotocol Label Switching) surge como un mecanismo de convergencia para los protocolos que operan sobre los niveles 2 y 3 del modelo OSI. Su capacidad para proveer y administrar diversos servicios con garantías de calidad de servicio y disponibilidad sobre una infraestructura común, ha hecho que MPLS sea un estándar en las redes de transporte de los proveedores de servicios. La interconexión de data centers y en general de redes LAN y MAN corporativas, se realiza a través de servicios MPLS VPN considerando solamente la topología de la red. En este contexto, resulta útil proporcionar información adicional para seleccionar modelos VPN en función del tipo de tráfico que se desea transportar. En este trabajo se diseña e implementa escenarios experimentales para proporcionar métricas que permiten ese contraste; el resumen de cada capítulo se detalla a continuación. En el primer capítulo se describen tecnologías, métricas de desempeño, herramientas de modelación y herramientas estadísticas. En el segundo capítulo se describen los procesos de diseño, implementación y simulación de los escenarios experimentales. Los escenarios garantizan que el desempeño de los servicios MPLS VPN se ponga a prueba bajo las mismas condiciones. Esas condiciones comprenden nodos de borde y políticas de QoS comunes para los servicios que se contrastan. Además, los escenarios consideran la capacidad de los nodos emulados por Dynamips como restricción y el tráfico que atraviesa una red operativa como condición inicial. Este tráfico se modela con redes neuronales artificiales y para poder generarlo con IPERF, se utiliza BoxCox y Bootstrapping sobre el modelo para obtener estadísticos representativos. Los procesos de implementación y simulación se realizan sobre GNS3; este último comprende la ejecución simultanea y recurrente de IP SLA, kron, IPERF, Wireshark, NTP y TFTP. En el tercer capítulo se presenta el resultado de los test estadísticos aplicados sobre las métricas de estudio. Además, se utilizan herramientas de simulación para estimar los intervalos de confianza de la media y obtener una representación gráfica del desempeño de los servicios MPLS VPN. En el cuarto capítulo se exponen las conclusiones de este trabajo, estas analizan los resultados de los test estadísticos asociados a los objetivos e hipótesis planteadas. Para finalizar se exponen algunas apreciaciones sobre trabajos futuros.
29
Marleta, Marcelo Honorato. "Projeto de uma VPN(Rede Privada Virtual) baseada em computação reconfigurável e aplicada a robôs móveis". Universidade de São Paulo, 2007. http://www.teses.usp.br/teses/disponiveis/55/55134/tde-18062007-101411/.
Testo completoAbstract (sommario):
Este trabalho apresenta uma implementação de VPN utilizando-se dos circuitos reprogramáveis do tipo FPGA (Field Programmable Gate Array) que são a base da computação reconfigurável. VPNs utilizam criptografia para permitir que a comunicação seja privada entre as partes. Assim, todo o custo computacional decorrente desta prática é executado em nível de hardware, procurando-se atingir um alto desempenho e voltado para as aplicações de sistemas embutidos. O uso desta solução, VPN por hardware, será na interligação de um robô (em desenvolvimento no Laboratório de Computação Reconfigurável - LCR do Instituto de Ciências Matemáticas e de Computação da Universidade de São Paulo) ao seu servidor de configuração e tarefas, através de linhas privadas. O emprego de uma VPN em robótica permitirá a utilização de um sistema de comunicação, com ou sem fio, e toda a infra-estrutura da Internet para a comunicação com o robô (e no futuro entre os robôs) a qualquer distância de forma segura e confiável. O hardware reconfigurável utilizado para a VPN deste trabalho proporciona flexibilidade no modo de implementação, possibilitando que o sistema seja adequado para satisfazer situações que exijam alto desempenho. Além disso, a arquitetura proposta possibilita que parte das operações sejam executadas em software (no caso, foi utilizado o sistema operacional ?Clinux e ferramentas para se estabelecer a VPN) e parte das operações executadas em hardware (um coprocessador criptográfico AES). As principais ferramentas de software são o conjunto ipsec-tools que foram desenvolvidas para serem executadas com o IPSec nativo do Kernel e devidamente portadas para o ?ClinuxThis work designs a system that implements a VPN using FPGA (Field Programmable Gate Array) reprogrammable circuits, which are the basis of reconfigurable computing. VPNs use cryptography to allow private communication between parts. In this manner, the computational cost of the cryptography is handled by the hardware, achieving great performance and allowing its usage on embedded systems applications. The system proposed in this thesis has been used to establish secure communication between a PC and a mobile robot (that is in development at Reconfigurable Computing Laboratory - LCR of Institute of Mathematics and Computer Science of Univesity of São Paulo). The use of VPN in robotics will allow a communication, either wired or wireless, using Internet?s infrastructure with the robot (and in the future among robots), in a secure and trustable manner. The reconfigurable hardware used in this work allows flexibility in the implementation, making possible its usage in situations that requires high performance. Furthermore, the proposed architecture allows part of applications executing in software (using ?Clinux operating system and tools to establish the VPN) and other parts in hardware (a cryptographic coprocessor AES). The main software tools are the ipsec-tools that were developed to execute with native Kernel IPSec?s implementation and were properly ported to ?Clinux
30
Berg, Leonhard, e Olle Montelius. "Barnsäkring av Smartphones". Thesis, Högskolan Dalarna, Datateknik, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:du-28229.
Testo completoAbstract (sommario):
Genom detta arbete demonstreras hur man, genom att kombinera tillgängliga gratistjänster, samt med lite egen kod, kan åstadkomma en prototyp av ett säkert och barnanpassat heltäckande system för användande av Android-enheter. Internettrafik från den mobila enheten dirigeras genom VPN-tunnel till hemmanätverket vilket ger minskad attackyta och minskad avlyssningsrisk, och genom användning av DNS-filtrering kan olämpliga webbsidor på förhand blockeras. Enheten kan användas för samtal (och med ytterligare modifiering SMS) men inkommande samtal från icke-godkända avsändarnummer, samt SMS blockeras. Genom Applocker, en sorts låsmekanism för applikationsåtkomst, förhindras olämpliga applikationer att installeras eller användas på enheten, likväl som inställningar förhindras att ändras av annan än administratör. Genom användande av en App-launcher kan begränsningen stramas åt ytterligare. Den sammantagna lösningen renderar i ett system där en Smartphone på ett fördelaktigt sätt kan handhas av barn och där utvalda funktioner går att använda på vanligt sätt men där, i förväg spärrade, funktioner har eliminerats från enheten. Vad som krävs utöver en Smartphone, är ett fungerande hemmanätverk och en enklare - alltid påslagen - ”server”-dator, förslagsvis en Raspberry Pi.In this work, the ability to create a prototype for a throughout secure and childproof system for Android is shown. This is done by combining already available products combined with some own code. Internet traffic is being pushed through a VPN tunnel to an already existing LAN in the own home. This mitigates the risks of eavesdropping attacks and other threats, and by using DNS Filtering, unwanted web pages can be blocked beforehand. The mobile unit can be used for calls (and with further development SMS) but incoming calls from unknown numbers, and SMS, will be blocked. With the addition of Applocker, a sort of locking mechanism for software access, the use of unwanted application will be restricted. By adding a custom App-Launcer, this restriction can be even more firm. The complete solution brings a system where the Smartphone preferably can be handled by a child and where chosen functions can be used in their regular manner but where, predetermined, functions has been eliminated from the unit – or is only accessible by the administrator. What is needed for this prototype, besides of a Smartphone, is a working LAN in the home, and an always-on computer that acts like a server, preferably a Raspberry Pi.
31
Larsson, Rasmus. "Creating Digital Twin Distributed Networks Using Switches With Programmable Data Plane". Thesis, Linköpings universitet, Programvara och system, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-175359.
Testo completoAbstract (sommario):
The domain specific language P4 is a novel initiative which extends the Software-Defined Networking (SDN) paradigm by allowing for data plane programmability. Network virtualisation is a class of network technologies which can be used to abstract the addressing in a network, allowing multiple tenants to utilise the network resources while being agnostic to the underlying network and the other tenants. In other words, twins of tenants using the same addresses can co-exist on the same underlying network. If a twin is a distributed network, it may even be spread out across multiple sites which are connected to a common backbone. In this study, network virtualisation using P4 is evaluated with emphasis on scalability in terms of number of twins and sites. A set of potential network virtualisation technologies are identified and categorised. Based on this categorisation, two variations of network virtualisation are implemented on the P4 capable software switch BMv2 and the performance of both variations are evaluated against the non-P4 solution Linux bridge. Linux bridge was found to yield 451 times more useful bandwidth than the best performing P4 implementation on BMv2, while also learning MAC addresses faster and generating less traffic on the backbone. It is concluded that the performance of network virtualisation implemented and running on BMv2 is worse compared to the non-P4 solution Linux bridge.
32
Wikström, Alexander, Mark Thomson e Lolita Mageramova. "Virtual Private Networks: : A feasibility study of secure communications between remote locations". Thesis, Högskolan i Halmstad, Sektionen för Informationsvetenskap, Data– och Elektroteknik (IDE), 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-24550.
Testo completoAbstract (sommario):
Virtual Private Networks (VPNs) are an integral part of protecting company communications from unauthorized viewing, replication or manipulation. In order for employees to remotely conduct business in an effective and secure manner from a branch location or while traveling, Virtual Private Networks can be viewed as an absolute necessity. Starting with a certain set of network communication requirements, our project's hypothesis was that the most suitable VPN implementation for Cheap Flats (a fictitious company we created) would be an IPSec client VPN. Included in the report are basic definitions, implementations and tests for three different types of VPNs that were used to confirm this hypothesis: 1) Site-to-site: Tunnel mode connection between VPN gateways. The process of encrypting and transferring data between networks is transparent to end-users. [1] 2) IPSec client: Network Layer VPN for both network-to-network and remote-access deployments. End-users will need to run either Cisco or Open Source VPN software on their PCs. 3) Clientless SSL: “Remote-access VPN technology that provides Presentation Layer encryption services for Applications through local redirection on the client.” [2] VPN communications are established using a browser rather than specific software installed on the end-user’s device. The test results from the above VPN implementations have been published and comparisons were made between the different types of VPNs regarding the time taken to apply network device/end-user configurations, expenses incurred in procuring additional equipment/software to implement the VPN (if any), impact on end-users, scalability and lastly, the overall functionality of the VPN solution as it relates to the day-to-day business operations. Following the testing phase, a discussion of the merits and drawbacks of each of the VPN implementations was drafted. After which, a final recommendation was presented regarding the VPN solution that best fit the needs of the hypothetical company described in the paper.
33
Lindberg, Magnus, e Anders Nilsson. "Virtually@Home". Thesis, KTH, Kommunikationssystem, CoS, 2009. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-91480.
Testo completoAbstract (sommario):
With today's rapid development of technology and IT systems the demand for security and accessibility by both companies and individuals has increased. More and more people want access to their private files and services even when they are not at home. Geographical limitations can be a problem, and some such limitations have been deliberately added to a number of new services on the Internet, such as IPTV and other media services. Today it is neither safe nor appropriate to send sensitive information over public connections, such as the Internet. Because of this, several solutions including IPsec, SSL / TLS, and several other technologies have been developed and implemented. With these, you can create encrypted connections between two endpoints over an internet protocol. This implies in turn that you can access files and services just as you would have done if you actually been at home – you are “Virtually@home”. The report shows a solution to the problem of how to be virtually at home in a simple, cost-effective and safe manner by using a proxy server and a VPN. We review how each of the relevant technologies work and why we believe that this solution is an optimal solution to this problem.Med dagens snabba utveckling av teknik och informationsteknologiska system har krav ställts på säkerhet och tillgänglighet hos både företag och privatpersoner. Fler och fler vill ha tillgång till sina privata filer och tjänster även när de inte är hemma. Geografiska begränsningar kan vara ett problem, och har medvetet lagts till på ett flertal nya tjänster på internet. såsom IPTV och andra mediaprodukter. Idag är det varken säkert eller lämpligt att skicka känslig information över publika anslutningar, såsom Internet. På grund av detta har ett flertal lösningar såsom IPsec, SSL/TLS, med flera andra tekniker utvecklas och implementerats. Med hjälp av dessa kan man skapa krypterade anslutningar mellan två ändpunkter genom att använda TCP/IP protokollet. Detta går sedan i sin tur att utnyttja för att komma åt filer och tjänster som man skulle gjort om man faktiskt varit hemma – du är Virtually@home. Rapporten visar hur man skapar en lösning till detta problem på ett enkelt, kostnadseffektivt och säkert sätt med hjälp av en proxy och ett VPN. Vi går igenom hur olika tekniker fungerar och varför vi anser att denna lösning är optimal för vårt syfte.
34
Brusnický, Pavel. "Útoky na bezdrátovou síť". Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2010. http://www.nusl.cz/ntk/nusl-218580.
Testo completoAbstract (sommario):
Objective of this thesis is to point out to almost everywhere present flaw in realization of second level network security access to WiFi networks with using traffic tunneling over DNS protocol. Realization has been accomplished by existing utilities OzymanDNS, DNS2TCP, NSTX, Iodine, Heyoka. Measurements were done on realistic traffic on the network. The effort was to show outline of these implementations. Transfer speeds in some implementations can be marked as applicable thanks to high speeds, which are on the same level as broadband internet. Functionality was tested on WiFi network, where was also compromised PPTP VPN tunnel, its function was to provide security of the communication on wireless network due to absence of first level security mechanisms such as WPA, WPA 2 and so on, with the help of Asleap, which comes out of Cisco LEAP attack. At the end of the work are suggested possible countermeasures for securing network by the topology change of the network infrastructure or by implementing IDS.
35
Xu, Chen, e chen8002004@hotmail com. "Building mobile L2TP/IPsec tunnels". RMIT University. Electrical and Computer Engineering, 2010. http://adt.lib.rmit.edu.au/adt/public/adt-VIT20100329.160455.
Testo completoAbstract (sommario):
Wireless networks introduce a whole range of challenges to the traditional TCP/IP network, especially Virtual Private Network (VPN). Changing IP address is a difficult issue for VPNs in wireless networks because IP addresses are used as one of the identifiers of a VPN connection and the change of IP addresses will break the original connection. The current solution to this problem is to run VPN tunnels over Mobile IP (MIP). However, Mobile IP itself has significant problems in performance and security and that solution is inefficient due to double tunneling. This thesis proposes and implements a new and novel solution on simulators and real devices to solve the mobility problem in a VPN. The new solution adds mobility support to existing L2TP/IPsec (Layer 2 Tunneling Protocol/IP Security) tunnels. The new solution tunnels Layer 2 packets between VPN clients and a VPN server without using Mobile IP, without incurring tunnel-re-establishment at handoff, without losing packets during handoff, achieves better security than current mobility solutions for VPN, and supports fast handoff in IPv4 networks. Experimental results on a VMware simulation showed the handoff time for the VPN tunnel to be 0.08 seconds, much better than the current method which requires a new tunnel establishment at a cost of 1.56 seconds. Experimental results with a real network of computers showed the handoff time for the VPN tunnel to be 4.8 seconds. This delay was mainly caused by getting an IP address from DHCP servers via wireless access points (4.6 seconds). The time for VPN negotiation was only 0.2 seconds. The experimental result proves that the proposed mobility solution greatly reduces the VPN negotiation time but getting an IP address from DHCP servers is a large delay which obstructs the real world application. This problem can be solved by introducing fast DHCP or supplying an IP address from a new wireless access point with a strong signal while the current Internet connection is weak. Currently, there is little work on fast DHCP and this may open a range of new research opportunities.
36
Birgersson, Christoffer. "Site to Cloud lösning i Microsoft Azure". Thesis, Luleå tekniska universitet, Institutionen för system- och rymdteknik, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:ltu:diva-65764.
Testo completoAbstract (sommario):
I dagens samhälle så blir vi allt mer och mer beroende av den teknik vi utvecklar, därför är det av större vikt att vi alltid skall ha tillgång till den information som vi behöver för att kunna göra våra dagliga sysslor. Detta lägger större press på att de system som utvecklas skall fungera felfritt och man skall ha snabba responstider för att allt ska flyta på så bra som möjligt och om det så skulle bli en kritisk systemkrasch så skall inte informationen gå helt förlorad. Därför har det blivit populärt att ändra från att ha personliga servrar till att köra allt mer och mer applikationer och information i det så kallade ”molnet”. Därför är det av allt större intresse att ha koll på några av de större leverantörerna av molntjänster och hur man kan använda dessa för att få en bättre verksamhet. Därför kommer denna rapport att handla om hur ett arbete utförts på TeamNorrs begäran för att göra en jämförelse mellan Microsoft Azure, Google Cloud Platform och Amazon Web Services. Den kommer även gå igenom hur responstiderna ser ut till några av världens datacenter med en utgångspunkt från TeamNorrs huvudkontor i Umeå. Rapporten går även igenom hur man själv kan testa på Microsoft Azure, Google Cloud Platform och Amazon Web Services, och hur man i Microsoft Azure kan göra en så kallad ”Site to Cloud” lösning med en VPN tunnel för att kunna skapa en MSSQL backup i molnet. Sedan diskuteras för och nackdelar med det arbete som utförts, samt vilka förbättringar som skulle kunna vara aktuella i framtiden.In todays society we become more and more dependent on the technology we develop, so it is of greater importance that we always have access to the information we need to do our daily tasks. It is more pressing than ever that the developed systems should work well and that you should have quick response times for everything to flow as smooth as possible and if there would be a critical system crash, the information should not be completely lost. Therefore, it has become more popular to go from, having personal servers to use more and more applications and information in the so-called "cloud". That´s why it is becoming increasingly important to keep track of some of the major cloud service providers and how to use them to archive a better business. This report will be about how a work was done at TeamNorrs request to make a comparison between Microsoft Azure, Google Cloud Platform and Amazon Web Services. It will also review the response times to some of the worlds data centers with a starting point from TeamNorrs headquarters in Umeå. It also describe how you can put up your own environment to test Microsoft Azure, Google Cloud Platform and Amazon Web Services, and how to do a so-called "Site to Cloud" solution with a Virtual Private Network tunnel in Microsoft Azure, where it will also show you how you can create an MSSQL backup in the cloud. Then discusses the pros and cons of the work done and what improvements could be relevant for the future.
37
Loutocký, Tomáš. "Hardwarové kryptografické moduly pro zabezpečení LAN". Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2008. http://www.nusl.cz/ntk/nusl-217282.
Testo completoAbstract (sommario):
The thesis deal with the problems of virtual private network (VPN). The first part of the thesis is focused on the description of the basic terms of computer security which are useful for better understanding the other parts. There is a description of VPN technology and its separation of VPN by various aspects in the second part of the thesis. The next chapter is dedicated to the description of realization of VPN by using IPSec. There is shown how to secure laboratory network by using of the products of the Safenet Company in the practical part of the thesis. There are also stated the modular techniques how to use products in the network in practical part. Some of the modular techniques describe security weaknesses of the products which are possible to exploit in the laboratory network and they also describe the ways how to protect them against misusage.
38
Boava, Adão. "Estrategia de projeto de VPN MPLS com QoS". [s.n.], 2004. http://repositorio.unicamp.br/jspui/handle/REPOSIP/276326.
Testo completoAbstract (sommario):
Orientador: Mauricio Ferreira de MagalhãesDissertação (mestrado) - Universidade Estadual de Campinas, Instituto de Computação
Made available in DSpace on 2018-08-04T00:07:15Z (GMT). No. of bitstreams: 1 Boava_Adao_M.pdf: 1628286 bytes, checksum: ed4b516176dad68cc79e3c264490e71a (MD5) Previous issue date: 2004
Resumo: A garantia de níveis de serviço das Redes Privadas Virtuais (VPNs) depende fundamentalmente da presença de um modelo de projeto que seja função, não somente dos recursos da rede, como também dos serviços de comunicação (fim a fim) das estações e das aplicações. Esse modelo deve ser de fácil atualização e flexível o suficiente para a implantação rápida e eficiente de novas funcionalidades. As tecnologias VPN/MPLS e DiffServ têm sido propostas para o provimento de qualidade de serviço para a próxima geração das VPNs. Esta dissertação apresenta uma estratégia para o projeto de redes VPNs baseada nestas tecnologias. O trabalho proposto utiliza um ambiente de teste desenvolvido para esta dissertação com o objetivo de validar a implementação de VPNs MPLS com DiffServ. Foram realizados três tipos de testes voltados para a geração de dados referentes à conectividade, isolamento e qualidade de serviço. Esses dados permitiram a realização de análises do desempenho das VPNs MPLS. O trabalho apresenta também o desenvolvimento, o uso e implementação do modelo de projeto de VPNs MPLS para várias classes de serviços. O modelo descreve uma estratégia simplificada para dimensionamento das classes de serviços por VPN. De forma geral, é capaz de representar o desenvolvimento de VPNs MPLS para várias classes com qualidade de serviço fim a fim, as quais transportam tráfegos de diversas aplicações: tráfego melhor esforço (best effort), tráfego com prioridades (AFI, AF2, AF3, AF4) e tráfego de voz (EF). Os conceitos relacionados à conectividade e ao isolamento dos roteadores virtuais utilizados nas VPNs MPLS também são abordados neste trabalho. A tendência do mercado de VPNs IP é também apresentada, sendo estas comparadas às VPNs de nível 2 predominantes no mercado e, normalmente, baseadas na tecnologia Frame Relay
Abstract: The guarantee of degrees of VPN service depends largely on the existence of a project model that is a function of network resources, as well as of communication services (end-to-end), stations and applications. This model must be easily updated and flexible enough so that new functions may be added to it when necessary. VPN MPLS and DiffServ are being analyzed for the provision of service quality necessary to the next VPN generation. This work proposes a strategy for the project based on VPNs in these technologies. This work is based on an environment of tests, which was developed to this work and had as its objective to investigate the viability of implementing a VPN/MPLS with DiffServ. Three tests were performed in such environment and provided data referring to the connectivity, isolation and quality of service. This data permitted to analyze some VPN MPLS performance. This work also shows the development, application and implementation of the VPN IP MPLS model in several degrees of services. Such model offers a simplified ethodology of VPN IP MPLS projects. Besides that, it permits to measure the type of services by VPN. In general, this model is able to represent the VPN IP MPLS development to several degrees of services with the quality of end-to-end services, which transport traffic of diverse applications: Data (Best Effort), Data with priority (AFI, AF2, AF3, AF4) and Voice (EF). The ideias about connectivity and isolation of Router Virtuals of VPN IP MPLS are analyzed in this work. The VPN IP market's tendency is also presented, comparing VPN IP to those of level 2, which prevail an market
Mestrado
Mestre em Ciência da Computação
39
Hauzner, Peter. "Doplňkové datové a hlasové služby nad MPLS VPN". Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2009. http://www.nusl.cz/ntk/nusl-222057.
Testo completoAbstract (sommario):
My work deals with integration of complementary multimedia services into virtual private network in the company VÁHOSTAV-SK, a.s. It covers the possibilities of voice transfer and videoconferencing integration into the system.
40
Schreiber, Alexander. "EDV-Paranoia unter Linux". Universitätsbibliothek Chemnitz, 2000. http://nbn-resolving.de/urn:nbn:de:bsz:ch1-200000549.
Testo completo
41
Adigozalov, Niyaz. "The Intelligent Use of Multiple Interfaces". Thesis, Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk, 2013. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-22689.
Testo completoAbstract (sommario):
Long-Term Evolution (LTE) is the latest development in wide area cellular mobile network technology. In contrast with the earlier generations of circuit-switched mobile networks, LTE is all-IP packet-switched network. Both voice and data are sent inside IP packets. Voice over IP (VoIP) is used to provide voice service to LTE users. The speech frames are encapsulated into real-time protocol (RTP) packets and sent over the network. The underlying UDP and IP layers prepend their headers to this small RTP packet resulting in a relatively high overhead. The small size of the RTP packets containing voice/audio leads to an overhead problem as the protocol overhead is in addition to the large LTE frame overhead, thus wasting network resources. This master?s thesis project proposes to multiplex RTP and data packets at the user?s device as a solution to reduce the overhead. Moreover, the capability of modern user devices to switch between several interfaces (such as LTE and WLAN), is taken into account and the multiplexing of multiple traffic flows or a single traffic flow are studied in the case of a vertical handover. Performance and cost metrics are used to evaluate different potential demultiplexing points, and then the best possible demultiplexing point is identified. The results of this evaluation show that several demultiplexing points can be used based on the operator?s needs. The increased packet payload size increases the energy efficiency of LTE and may avoid the need of the UE to switch to WLAN to save power. In addition, to ensure high quality of service for VoIP traffic, the simultaneous use of multiple interfaces is efficient if the multiplexer is enabled. The multiplexing solution proposed by this thesis is also fully compatible with any virtual private network encapsulation protocol.
42
Corfiati, Matteo. "Valutazione sperimentale di tecnologie per la creazione di VPN in ambito LAN/WAN". Bachelor's thesis, Alma Mater Studiorum - Università di Bologna, 2012. http://amslaurea.unibo.it/4548/.
Testo completoAbstract (sommario):
Il documento riporta, con prove sperimentali, un confronto tra le prestazioni che diverse tecnologie VPN hanno all'interno dello scenari wired e wireless. Il protocollo di tunneling utilizzato per la creazione delle VPN incide in modo particolare sulle performance della rete. L'obiettivo è proprio quello di valutare il protocollo che fornisce una qualità migliore a livello prestazionale, il tutto tramite un insieme mirato di test.
43
Dotzky, Jesper, e Jon Wiklund. "Extern Web-service-lösning vid SSAB Tunnplåt i Borlänge- för kommunikation med sina distributions lager". Thesis, Högskolan Dalarna, Informatik, 2004. http://urn.kb.se/resolve?urn=urn:nbn:se:du-401.
Testo completoAbstract (sommario):
Detta examensarbete har utförts på SSAB- Tunnplåt i Borlänge under vårterminen 2004 och omfattar 10 veckors arbete.SSAB sköter idag sin kommunikation med distributionslagren via fax, telefon eller e-post. Eftersom detta är ett ganska tidskrävande kommunikationssätt, vill SSAB ha en smidigare och snabbare kommunikationslösning. Den lösning som SSAB vill ha är en extern Web-service-lösning för att upprätta en säker kommunikation med sina distributionslager.Parallellt med byggandet av Web-service-lösningen arbetades en förvaltningsmodell fram. Den beskriver hur förvaltningsorganisationen med dess rutiner kan se ut vid implementering av lösningen.För att skapa en säker förbindelse med Web-servicen skall en webbklient användas som i sin tur anropar en COM+ komponent. Detta för att kunna skicka med certifikatet ifrån webbklienten till webbservern där Web-servicen ligger. COM+ komponenten måste få tillgång till en användarprofil när den kommunicerar med Web-servicen. Detta för att kunna upprätta en SSL-förbindelse i det inledande skedet. SSL-förbindelsen skall läggas i den VPN-tunnel som mVPN tillhandahåller via WSSAL.
44
Wu, Xiao. "SIP on an Overlay Network". Thesis, KTH, Kommunikationssystem, CoS, 2009. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-91491.
Testo completoAbstract (sommario):
With the development of mobile (specifically: wide area cellular telephony) technology, users’ requirements have changed from the basic voice service based on circuit switch technology to a desire for high speed packet based data transmission services. Voice over IP (VoIP), a packet based service, is gaining increasing attention due to its high performance and low cost. However, VoIP does not work well in every situation. Today Network address translation (NAT) traversal has become the main obstruction for future VoIP deployment. In this thesis we analyze and compare the existing NAT traversal solutions. Following this, we introduce a VoIP over IPSec (VOIPSec) solution (i.e., a VoIP over IPSec virtual private network (VPN) scheme) and an extended VOIPSec solution mechanism. These two solutions were tested and compared to measure their performance in comparison to a version of the same Session Initiation Protocol (SIP) user agent running without IPSec. In the proposed VOIPSec solution, the IPSec VPN tunnel connects each of the SIP clients to a SIP server, thus making all of the potential SIP participants reachable, i.e., solving the NAT traversal problem. All SIP signaling and media traffic for VoIP calls are transmitted through this prior established tunnel. This VPN tunnel provides the desired universal means for VoIP traffic to traverse NAT equipment. Additionally, the IPSec VPN also guarantees the security of VoIP calls at the IP level. In order to improve the security level of media streams for the VOIPSec solution, we deployed and evaluated an extended VOIPSec solution which provides end-to-end protection of the real time media traffic. In this extended VOIPSec solution, we used SRTP instead of RTP to carry the media content. This extended method was shown to provide all of the advantages of VOIPSec and SRTP without any additional delay for the media traffic (as compared to the VoIPSec solution). Note that the solution proposed in this thesis may be of limited practical importance in the future as more NATs become VoIP capable; but the solution is currently essential for facilitating the increasing deployment of VoIP systems in practice. For VoIP calls that do not need end-to-end security, we recommend the use of the VOIPSec solution as a means to solve the NAT traversal problem and to protect traffic at the IP level. When application to application security is not needed we prefer the VOIPSec solution to the extended VOIPSec solution for the following reasons: (1) our test results show that the time for call setup for the extended VOIPSec solution is twice time the time needed for the VOIPSec solution and the extended VOIPSec solution requires the use of user agents that support SRTP. While, the VOIPSec solution does not require a special user agent and all VoIP clients in the market are compatible with this solution. However, when more SIP user agents add support for SRTP, the extended VOIPSec solution will be applicable for users of these SIP user agents.Med utvecklingen av mobil (specifikt: wide area cellulär telefoni)-teknik, har användarnas krav ändras från den grundläggande röst-tjänst som bygger på krets kopplad teknik till att vilja ha hög-hastighets paket baserade dataöverföringstjänster. Voice over IP (VoIP) som vinner allt mer uppmärksamhet på grund av sin höga prestanda och låga kostnader är en paket baserad telefon tjänst. Däremot fungerar VoIP inte bra i alla situationer. Network address translation (NAT) har blivit det största hinder för en framtida användning av VoIP. I denna avhandling analyserar vi och jämför nuvarande NAT lösningar. Efter detta inför vi en VoIP över IPSec (VOIPSec) lösning (dvs. ett VoIP över IPSec Virtual Private Network (VPN) system) och en utvidgad VOIPSec lösnings mekanism. Dessa två lösningar testas och jämfördes för att mäta prestationer i förhållande till en version av samma SIP User Agent som körs utan IPSec. I den föreslagna lösningen VOIPSec ansluter IPSec en VPN-tunnel till varje SIP-klient och SIP-server, vilket gör att alla de potentiella SIP deltagarna kan nås, dvs eventuella NAT problem löses. All SIP-signalering och media trafik för VoIP-samtal överförs via denna etablerade tunnel. Denna VPN-tunnel ger allmänna medel för VoIP-trafik att passera NAT utrustningen. Dessutom ger IPSec VPN också garanterad säkerheten för VoIP-samtal på IP-nivå. För att förbättra skyddsnivån för mediaströmmar med VOIPSec, skapade vi och utvärderade en utsträckt VOIPSec lösning som innehåller end-to-end skydd av realtids media trafik. I denna utökade VOIPSec lösning, använde vi SRTP stället för RTP för att bära medieinnehåll. Denna utvidgade metod visade sig ge alla fördelar VOIPSec och SRTP kunde erbjuda utan ytterligare dröjsmål för media trafiken (jämfört med VoIPSec lösningen). Observera att den lösning som föreslås i denna avhandling kan vara av begränsad praktisk betydelse i framtiden då fler NAT lösningar blir VoIP kapabla, men lösningen är idag nödvändigt för att underlätta den ökande användningen av VoIP-system i praktiken. För VoIP-samtal som inte behöver end to end säkerhet rekommenderar vi användning av VOIPSec lösningen som ett sätt att lösa NAT problem och för att skydda trafiken på IP-nivå. När end to end säkerhet inte behövs föredrar vi VOIPSec lösningen av följande skäl: (1) våra testresultat visar att tiden för samtal inställning för det förlängda VOIPSec lösningen är dubbelt den tid som krävs för VOIPSec lösningen och den utökade VOIPSec lösningen kräver användning av användarprogram som stödjer SRTP. Medan VOIPSec lösningen inte kräver en speciell användar agent och alla VoIP-klienter på marknaden är kompatibla med denna lösning. Men när fler SIP användaragenter får stöd för SRTP, kommer den förlängda VOIPSec lösning tillämpas för användare av dessa SIP användarprogram.
45
Кубрак, М. О. "Система захисту інформаційно-комунікаційних мереж". Thesis, Чернігів, 2021. http://ir.stu.cn.ua/123456789/22643.
Testo completoAbstract (sommario):
Кубрак, М. О. Система захисту інформаційно-комунікаційних мереж : дипломна робота : 125 - Кібербезпека / М. О. Кубрак ; керівник роботи Т. А. Петренко ; НУ "Чернігівська політехніка", кафедра кібербезпеки та математичного моделювання. – Чернігів, 2021. – 75 с.Дана кваліфікаційна робота присвячена вирішенню задачі захисту інфор-мації в інформаційно-комунікаційних системах, шляхом застосування комплек-сних заходів для захисту від можливих кібератак. Метою кваліфікаційної роботи є проведення аналізу безпеки інформацій-но-комунікаційних мереж, виділення методів їх захисту та розробка системи по забезпеченню безпеки ІКМ з використанням досліджуваних методів. Об'єкт дослідження: інформаційна безпека в ІКМ. Предмет дослідження: методи захисту інформації в ІКМ. Методи дослідження: Для розв’язання поставлених завдань використову-вався комплекс методів, які зумовлені об’єктом, предметом, метою та завдан-нями дослідження, до яких входять систематизація та узагальнення, описовий, експериментальний метод, метод узагальнення, статистичний метод, метод ана-лізу і синтезу. Використання цих методів дозволило провести аналіз особливо-стей захисту інформації в ІКМ та розробити систему захисту інформації в ІКМ. Результати та новизна: систематизовано та узагальнено інформацію про захист інформації в ІКМ що міститься в наукових роботах та інших інформа-ційних матеріалах. Досліджені основні принципи функціонування ІКМ. Про-аналізовані проблеми захисту ІКМ, загрози, вразливості та кібератаки на безд-ротові мережі. Систематизовано сучасні методи захисту ІКМ, виділені їх пере-ваги та недоліки. Розроблена система захисту інформації в ІКМ підприємства. Новизна даної розробки полягає в тому, що розроблена система захисту інформації в ІКМ є унікальною і об’єднує в собі основні методи захисту інфор-мації в ІКМ, застосування яких дозволяє підвищити рівень безпеки інформації в ІКМ. Практична цінність даної розробки в тому, що отримані теоретично і практично результати рекомендуються до впровадження в організаціях, що використовують ІКМ для передачі конфіденційної інформації.
46
Ляшенко, Г. Є., e В. В. Шевчук. "Дослідження можливостей міжмережних екранів нового покоління NGFW". Thesis, ФОП Петров В. В, 2021. https://openarchive.nure.ua/handle/document/18677.
Testo completo
47
Luks, Jesper. "Automation för att skapa klientkonfigurationer : för OpenVPN med PiVPN". Thesis, Mittuniversitetet, Institutionen för informationssystem och –teknologi, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-39377.
Testo completoAbstract (sommario):
Våren år 2020 spred sig viruset COVID-19 över hela världen. Detta ledde till att behovet att arbeta hemifrån ökade. Ett verktyg för att utföra sitt arbete hemifrån kan vara en VPN-anslutning. Med VPN-anslutningen är det möjligt att hemifrån ansluta till arbetsplatsens lokala nätverk och komma åt de resurser som finns där. Detta arbete beskriver kortfattat om VPN-teknologin OpenVPN och hur det använder certifikat för autentisering av klient och server. Det har även utvecklats ett skript som skapar klientkonfigurationer. Dessa konfigurationsfiler gör det möjligt att ansluta till en OpenVPN-server. Ett av de verktyg som används för att skapa en konfigurationsfil i detta arbete är PiVPN. PiVPN utvecklas och underhålls av användare på GitHub. Informationen som skriptet använder sig av för att skapa konfigurationsfiler kommer från en CSV-fil. Tester visar att det utvecklade skriptet är snabbare och mer effektivt än nuvarande tillgängliga metoder. Då det valda skriptspråket inte är anpassat för bearbetning av filinnehåll borde det kanske ha varit ett annat.
48
Kiška, Martin. "Technologie MultiProtocol Label Switching v sítích Ethernet". Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2014. http://www.nusl.cz/ntk/nusl-220653.
Testo completoAbstract (sommario):
In the introduction of this thesis the reasons for transition from older to a new technology called MultiProtocol Label Switching are mentioned – the modern technology enables simple network extension. The theoretical part contains basic principles of this techno- logy and their practical application for supplying private networks to the customers using provider’s network. In practical part packets are analyzed considering the theory. In addi- tion. All the technologies tested on a real network. Experience gained while working on this thesis are assessed during creating laboratory task for class Architecture of Networks intended for students of Bachelor’s study programme.
49
Tan, Guan Chye. "A performance analysis of BGP/MPLS VPN failover functionality". Thesis, Monterey, Calif. : Naval Postgraduate School, 2006. http://bosun.nps.edu/uhtbin/hyperion.exe/06Dec%5FTan_Guan.pdf.
Testo completoAbstract (sommario):
Thesis (M.S. in Computer Science)--Naval Postgraduate School, December 2006.Thesis Advisor(s): Geoffrey Xie. "December 2006." Includes bibliographical references (p. 91-93). Also available in print.
50
Peterkin, Raymond. "A reconfigurable hardware architecture for VPN MPLS based services". Thesis, University of Ottawa (Canada), 2006. http://hdl.handle.net/10393/27283.
Testo completoAbstract (sommario):
Internet applications are becoming increasingly resource intensive and perform poorly in the presence of significant congestion. Increased bandwidth cannot provide long-term congestion relief so Internet traffic must be prioritized and efficiently routed. Multiprotocol Label Switching (MPLS) [12] provides the means to process traffic quickly and reserve resources for applications with specific requirements. However, MPLS must provide the same resilience mechanisms as ATM [18] over SONET [46] to become an acceptable alternative for assigning and switching label switched paths (LSPs). This thesis proposes a reconfigurable architecture and a prototype of a hardware processor for MPLS to improve its overall performance. Establishing LSPs and label management are the central tasks of the processor. It is used to describe LSPs and perform packet switching. A significant subset of RSVP-TE is implemented in the processor to provide the necessary mechanisms of a signaling protocol. Functionality is also available for Traffic Engineering (TE) allowing a user to configure the allocation of resources available for MPLS. The processor is designed to interact with software so it can become part of an embedded system. Results and analysis for the processor are provided describing its resource usage and performance. Resource intensive tasks are identified through analysis and determinations are made about the worst case performance improvement compared to software implementations which depend on the number of LSPs considered and network size.