| VPN(virtual private network),a technology to provide security tunnels by special hardware and software, people can construct a virtual private network through public network such as Internet. VPN is an efficient way to solve end-to-end security problem in network and is widely used in network security.Along with the VPN service's expansion,it is inevitable to deploy more and more VPN equipments and how to manager and deploy them become network administrator's top priority. Policy-based Network Management seperate management and enforcement through policy mechanism.Policy is a collection of a set of rules.How to apply Policy-based Management mechanism in VPN management is the core content of this paper.Administrator is responsible for the definition and storage of policy. Then Gateway download policy from policy database and automatically carry out pre-setting tasks according to those policy.Gateway also dynamically update local policy to policy database. Policy in system's generation, distribution, storage and implementation were designed while policy's update process was explanated.Consistency of policy is guaranteed through global database and policy collision detection.Network will be divided into different secure domain,which makes level-to-level administration.Through encryption, authentication, windows and other technical, policy transmission's security and stability between system is ensured!it was implementated in communication module. And how to design the data and database will influent the efficiency of the system, this were analyzed in data module.Finally, throuth experiment system's feasibility and reliability is verified,and the results also indicate that the system has significant improvements for saving management and deploy cost.The system also display a very good effect in function test and performance test. |
PDF Full Text Request