Recent Industrial Developments of VPN (Virtual Private Network)
S.O. Hwang, Y.B. Choi, J.S. Lee, K.S. Yoon, M.J. Kim
Internet Service Department

VPN (Virtual Private Network) is an effort to get some of the advantages of a public network (cost saving, scalability, flexibility, and efficient network management) as well as some advantages of a private dedicated network (fast speed and fewer security threats). We introduce protocols to implement VPN, the pros and cons of VPN, and its application areas. We also explain some tasks and classification criteria that should be considered in deploying VPN, available commercial products, and recent industrial trends of VPN.

I. Background

Fig. 1. Different VPN configuration types.

II. Typical VPN Implementations

III. VPN and IPSEC

Fig. 2. VPN componental architecture using IPSEC.

1. Benefits of VPN

2. Issues in VPN Development

3. VPN Application Fields

4. Standard Protocols for VPN Security

5. VPNs Are Policy Based Networks

<Table 1> Standard protocols for VPN security.

IV. Major Tasks Required to Deploy VPN

<Table 2> Technologies and standards to implement VPN policies.

V. VPN Classification Guide

VI. VPN Commercial Products

VII. Recent VPN Technology Trends

<Table 3> ICSA-certified IPSEC products.