计算机工程与应用 ›› 2008, Vol. 44 ›› Issue (22): 129-131.DOI: 10.3778/j.issn.1002-8331.2008.22.038

• 网络、通信、安全 • 上一篇    下一篇

增强普适性的VPN系统设计与分析

罗 昕,张延园,马巍娜   

  1. 西北工业大学 计算机学院,西安 710072
  • 收稿日期:2007-10-15 修回日期:2008-03-05 出版日期:2008-07-11 发布日期:2008-07-11
  • 通讯作者: 罗 昕

Research of strategies to enhance VPN’s adaptability

LUO Xin,ZHANG Yan-yuan,MA Wei-na   

  1. College of Computer Science,Northwestern Polytechnical University,Xi’an 710072,China
  • Received:2007-10-15 Revised:2008-03-05 Online:2008-07-11 Published:2008-07-11
  • Contact: LUO Xin

摘要: 作为较普及的VPN系统,SSL VPN比IPSec VPN更具有维护成本低、组网灵活、操作简便等特点。因此在比较了传统VPN系统的优缺点之后,对基于SSL VPN的产品OpenVPN进行研究,通过结合Ethernet over SSL、Mail Callback、Relay Sever技术,增强了整个VPN系统的普适性,使得系统能够满足更灵活的环境配置需求,并在客户端配置Client Firewall,以降低由远程登陆用户给企业内部网络带来的安全隐患。最后对改进的系统建立了GSPN模型进行性能分析,通过与实际测试结果的比较,可以看出改进的系统同样具备优秀的性能。

关键词: 虚拟专用网, 客户端防火墙, 邮件回调

Abstract: As two kinds of popular VPN system,the SSL VPN is cheaper and easier to deploy and operate than the IPSec VPN.After compared normal VPN systems,the authors investigate OpenVPN,one product based on SSL VPN,and combine the Ethernet over SSL,Mail Callback,Relay Sever technologies to enhance VPN’s adaptability,and propose the Client Firewall strategy to improve the system security.At last through modeling the system with GSPN model,the experiment,which compared the estimative value with the experimental values,proves that the new structure of VPN system has the same outstanding performance.

Key words: VPN, client firewall, mail callback