Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Using firewalls to realize VPNs in a service provider's IP-network
2003 (English)Independent thesis Advanced level (professional degree), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

This thesis investigates a possibility of using firewalls to build a Virtual Private Network (VPN) in a Service Providers (SP) backbone. The solution has to fulfil the same basic security requirements as other techniques commonly used to realize VPNs. Providing VPN-services in a SPs backbone using firewalls could imply both economical and technical benefits for a service provider. We evaluated the functionality required in the provider edge (PE) node and based on this we proposed a model. The model ensures confidentiality and integrity for customers by ingress-filtering on address spaces. On the other hand the model requires that the SP has a well- structured address allocation policy. Our firewall based solution was also compared to an IPsec based solution in terms of how confidentiality and integrity is fulfilled. We found that the main difference is that our model must be deployed over an infrastructure where the SP has absolute control regarding address allocation and physical equipment within the backbone. IPsec does not have this kind of requirements and can be deployed on a public infrastructure. Our model could be preferable and cost saving when a VPN is realized within the SP’s backbone only. We implemented our firewall based VPN in a simple system consisting of seven clients and one Network Operation Center (NOC. We showed that there exists alternative solutions to IPsec based VPNs under certain circumstances. The proposed solution can be of interest for a service provider that wants to offer customers the basic security characteristics integrity and confidentiality, and thus a simple VPN within the backbone.

Place, publisher, year, edition, pages
2003.
Keyword [en]
Technology, Firewalls, VPN, Network
Keyword [sv]
Teknik
Identifiers
URN: urn:nbn:se:ltu:diva-53256ISRN: LTU-EX--03/047--SELocal ID: a499fab2-b4a8-4f13-bde1-cf3bbb66bcfdOAI: oai:DiVA.org:ltu-53256DiVA: diva2:1026630
Subject / course
Student thesis, at least 30 credits
Educational program
Computer Science and Engineering, master's level
Examiners
Note
Validerat; 20101217 (root)Available from: 2016-10-04 Created: 2016-10-04Bibliographically approved

Open Access in DiVA

No full text

Search outside of DiVA

GoogleGoogle Scholar

Total: 10 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf