Virtual private networks : technologies and solutions
著者
書誌事項
Virtual private networks : technologies and solutions
(Addison-Wesley professional computing series)
Addison-Wesley, 2001
大学図書館所蔵 全1件
  青森
  岩手
  宮城
  秋田
  山形
  福島
  茨城
  栃木
  群馬
  埼玉
  千葉
  東京
  神奈川
  新潟
  富山
  石川
  福井
  山梨
  長野
  岐阜
  静岡
  愛知
  三重
  滋賀
  京都
  大阪
  兵庫
  奈良
  和歌山
  鳥取
  島根
  岡山
  広島
  山口
  徳島
  香川
  愛媛
  高知
  福岡
  佐賀
  長崎
  熊本
  大分
  宮崎
  鹿児島
  沖縄
  韓国
  中国
  タイ
  イギリス
  ドイツ
  スイス
  フランス
  ベルギー
  オランダ
  スウェーデン
  ノルウェー
  アメリカ
注記
Includes bibliographical references (p. 289-302) and index
内容説明・目次
内容説明
VPNs enable any enterprise to utilize the Internet as its own secure private network. In this book, two leading VPN implementers offer a start-to-finish, hands-on guide to constructing and operating secure VPNs. Going far beyond the theory found in most books, Ruixi Yuan and Tim Strayer present best practices for every aspect of VPN deployment, including tunneling, IPsec, authentication, public key infrastructure, and network/service management. Strayer and Yuan begin with a detailed overview of the fundamental concepts and architectures associated with enterprise VPNs, including site-to-site VPNs, remote access VPNs, and extranets. They compare all options for establishing VPN tunnels across the Internet, including PPTP, L2F, and L2TP. Next, they present in-depth coverage of implementing IPsec; establishing two-party or trusted third-party authentication; building a robust public key infrastructure; and managing access control. The book includes expert coverage of VPN gateway configuration, provisioning, and management; Windows and other VPN clients; and network/service management, including SLAs and network operations centers. Finally, the authors preview the future of VPNs, showing how they may be enhanced to provide greater quality of service and network intelligence. For all networking and IT professionals, security specialists, consultants, vendors, and service providers responsible for building or operating VPNs.
目次
Preface.
I. VPN FUNDAMENTALS.
1. Introduction.
Business Communication.
VPN Motivation.
The VPN Market.
VPN Technologies.
VPN Solutions.
2. Basic Concepts.
A Brief History of the Internet.
Network Architecture.
ISO OSI Reference Model.
IP.
Network Topology.
The Need for Security.
Cryptography.
Shared Key Cryptography.
Public Key Cryptography.
Digital Signatures.
Message Authentication Codes.
3. VPN Architectures.
Site-to-Site Intranet VPNs.
Remote Access VPNs.
Extranet VPNs.
A Security Services Taxonomy.
II. VPN TECHNOLOGIES.
4. Tunnels.
Tunneling.
Data Integrity and Confidentiality.
VPN Tunneling Protocols.
PPTP.
L2F.
L2TP.
Ipsec.
MPLS.
5. Ipsec.
Basic IPsec Concepts.
Security Protocols.
Security Associations.
Security Databases.
IPsec and VPNs.
Authentication Header.
Encapsulating Security Payload.
Internet Key Exchange.
Phase 1 Negotiation.
Phase 2 Negotiation.
Key Generation in IKE.
IPsec Implementation.
Inbound Packet Processing.
Outbound Packet Processing.
6. Authentication.
Two-Party Authentication.
PPP Authentication.
RADIUS.
S/KEY and OTP.
Trusted Third-Party Authentication.
Kerberos.
X.509 Public Key Infrastructure.
Pretty Good Privacy Trust Model.
Authentication in VPNs.
Gateway-Gateway Authentication.
Client-Gateway Authentication.
7. Public Key Infrastructure.
PKI Architecture.
Certification.
Validation.
Certificate Revocation.
Trust Models.
Digital Certificate Formats.
X.509 Digital Certificate.
PGP Certificate.
PKCS #6, Extended-Certificate Syntax Standard.
X.509 Attribute Certificate.
Certificate Management System.
Certification Authority.
Registration Authority.
Certificate and CRL Repository.
Certificate Protocols.
Certificate Use in VPNs.
Authentication.
Key Management.
Access Control.
8. Access Control.
Access Control Policy.
Attributes and Conditions.
Access Control Rules.
Access Control Mechanisms.
Access Control Lists.
Capabilities Lists.
Access Control Policy Management.
Distributed Policy Management.
Centralized Policy Management.
Policy Repository.
Access Control in VPNs.
III. VPN SOLUTIONS.
9. VPN Gateways.
VPN Gateway Functions.
Site-to-Site Intranet VPN Functions.
Remote Access VPN Functions.
Extranet VPN Functions.
Forwarding, Routing, and Filtering Functions.
Advanced Functions.
Gateway Configuration and Provisioning.
Gateway Identity Information.
External Device Information.
Security Policy Information.
Gateway Management.
Configuration Management.
Network Monitoring.
Accounting Information.
Gateway Certification.
Interaction with Firewalls.
VPN Gateway and Firewall in Parallel.
VPN Gateway and Firewall in Series.
Hybrid Configurations.
VPN Design Issues.
A VPN Solution Scenario.
10. VPN Clients.
VPN Client Functions.
Operating System Issues.
Microsoft Windows.
Other Operating Systems.
Operational Issues.
Working with the Corporate Firewall.
Working with Network Address Translation.
Fragmentation and MTU Issues.
Private and Public Domain Name Servers.
WINS Server Issues.
VPN Clients for Windows.
Layer 2 Clients.
IPsec Clients.
L2TP/IPsec Combination Clients.
VPN Client Software Installation.
VPN Clients for Other Platforms.
Layer 2 Implementations.
IPsec Implementations.
Alternative VPN Clients.
SSH as VPN Client.
SOCKS and SSL as VPN Client.
User-Level Daemon.
A Remote Access VPN Scenario.
11. VPN Network and Service Management.
Network Management Standards.
Network Management Architecture.
Network Management Station.
Managed Nodes.
Network Management Protocol.
Management Information.
Probes.
6 Other Means of Management.
SNMP.
VPN Management.
Managing Tunnels.
VPN Management in a Service Provider Environment.
Secure Management Tunnel in VPN.
Out-of-Band Access for Management.
Service Management.
Service Level Agreement.
Network Operations Center.
Customer Portal.
International Issues.
12. VPN Directions: Beyond Connectivity.
Evolutions in Network Infrastructure.
Evolutions in VPNs.
Internetworking Beyond Connectivity.
Network Security.
Quality of Service.
Intelligence in the Network.
Acronyms.
References.
Index. 0201702096T04262001
「Nielsen BookData」 より