
Dynamic VPN Controller Update

Dynamic VPN Controller Update. Developed by NRNS Inc. November 12, 2003. Modularization of Sub-Systems. The DVC includes the following sub-systems: Firewall, IPSec, Routing, DNS. DVC sub-systems have been converted to Perl modules.



  1. Dynamic VPN Controller Update
     Developed by NRNS Inc.
     November 12, 2003

  2. Modularization of Sub-Systems
     • The DVC includes the following sub-systems:
       • Firewall
       • IPSec
       • Routing
       • DNS
     • DVC sub-systems have been converted to Perl modules.
     • An interface has been defined for each sub-system to facilitate porting to other platforms.

  3. XML Format Messages
     • DVC messages exchanged between local DVC processes converted to XML.
     • The DVC control and status messages converted to XML.
     • Control messages include proposed security policies by each peer.
     • Locally defined “expect” policies now assist in validating policies proposed by remote partner.
     • XML parser implemented as a Perl module with XML::Schema developed by Canon Research Centre Europe Ltd.

  4. XML Based Configuration
     • DVC configuration file converted to XML.
     • DVC configuration file includes local and remote security policies for each peer.
     • DVC is now able to receive configuration updates from the DVC Policy Editor via a secure/authenticated SSL channel.
     • XML parser implemented as a Perl module with XML::Schema developed by Canon Research Centre Europe Ltd.

  5. DVC Policy Editor
     • DVC Policy Editor implemented in Java using the Java Architecture for XML Binding (JAXB).
     • Requires Java 2 SDK version 1.4.1_02 or higher.
     • Requires Java Web Services Developer Pack (JWSDP) version 1.2.
     • Tested on Windows XP Professional and Redhat Linux 7.3/8.0.

  6. DVC Policy Editor (continued)
     • DVC Policy Editor requires that all objects be defined before they can be used within policies.
     • Defined Objects include:
       • Services
       • Local DVC systems
       • Local Networks
       • Local Domains and Hosts
       • Local Servers
       • Local Services

  7. DVC Policy Editor (continued)
     • The DVC Policy Editor converts configuration information from its local XML format to the XML format expected by the DVC system.
     • Pre-defined objects are expanded.
     • DVC Policy Editor user must possess certificate issued by the local DVC in order to push policy to the DVC.
     • Policy is pushed using a secure/authenticated SSL channel.

  8. Current Work
     • Porting DVC system to IPv6 including the integration of IPv6 support within the IPSec, Firewall, Routing and DNS subsystems to begin in mid November.
     • IPv6 port to be completed in January 2004.
     • Studying the feasibility of providing full key management system (KMS) to DVC with UMU-PKIv6.
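
An added example (not from the NRNS slides or the DVC code base) of the “expect” policy check described in slide 3: a peer's proposed policies are accepted only when a locally defined expect rule covers them, and everything else is denied. The XML element and attribute names, the peer name and the ESP strength ranking are assumptions, since the slides do not show the DVC schema; Python is used here rather than the DVC's Perl.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed samples; element/attribute names are hypothetical, since the
# slides do not show the DVC message schema.
EXPECT_XML = """<expect peer="dvc-b.example">
  <allow network="10.2.0.0/16" proto="tcp" ports="22,443" min-esp="aes128"/>
  <allow network="10.2.5.0/24" proto="udp" ports="53" min-esp="aes128"/>
</expect>"""
PROPOSAL_XML = """<proposal peer="dvc-b.example">
  <policy network="10.2.5.0/24" proto="tcp" port="443" esp="aes256"/>
  <policy network="10.2.5.0/24" proto="udp" port="53" esp="3des"/>
  <policy network="10.9.0.0/16" proto="tcp" port="22" esp="aes256"/>
</proposal>"""
ESP_STRENGTH = {"3des": 1, "aes128": 2, "aes256": 3}  # assumed ranking


def parse(xml_text):
    # Peer-supplied XML: refuse DTDs so entity expansion is never attempted.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD not allowed in policy message")
    return ET.fromstring(xml_text)


def validate(expect_xml, proposal_xml):
    """Return (accepted, rejected); anything not expected is rejected."""
    expect, proposal = parse(expect_xml), parse(proposal_xml)
    if expect.get("peer") != proposal.get("peer"):
        raise ValueError("no expect policy for this peer")
    accepted, rejected = [], []
    for pol in proposal.findall("policy"):
        try:
            net = ipaddress.ip_network(pol.get("network", ""))
            strength = ESP_STRENGTH[pol.get("esp")]
        except (ValueError, KeyError):
            rejected.append((pol.attrib, "malformed or unknown value"))
            continue
        reason = "no matching expect rule"  # default deny
        for rule in expect.findall("allow"):
            allowed = ipaddress.ip_network(rule.get("network"))
            if not (net.version == allowed.version and net.subnet_of(allowed)
                    and pol.get("proto") == rule.get("proto")
                    and pol.get("port") in rule.get("ports").split(",")):
                continue
            if strength >= ESP_STRENGTH[rule.get("min-esp")]:
                reason = None
                break
            reason = "ESP transform weaker than expected"
        (rejected if reason else accepted).append((pol.attrib, reason))
    return accepted, rejected
```

With the constructed samples, only the TCP/443 policy is accepted; the 3DES proposal and the proposal for a network outside the expect rules are returned in `rejected` with their reasons.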
