Presentation is loading. Please wait.

Presentation is loading. Please wait.

Networks Research Group Deployment of an IPv6-Enabled Dynamic VPN Infrastructure.

Published byRalf Russell Modified over 8 years ago

Similar presentations

Presentation on theme: "Networks Research Group Deployment of an IPv6-Enabled Dynamic VPN Infrastructure."— Presentation transcript:

1 Networks Research Group Deployment of an IPv6-Enabled Dynamic VPN Infrastructure

2 3 September 2003Networks Research Group Seminar2 Current Work Projects Projects  Past  ANDROID  RADIOACTIVE  Present  6NET  ICB  Future  SEINIT VPN Technologies  Netcelo VPN Manager  ISI - X-Bone  DRDC - DVC  UMU - PBNM  Entrust VPN Connector

3 6NET VPN Infrastructure Deployment “To look at the issues surrounding the provision of IPv6 dynamic VPN technology and deploy an IPv6- Enabled VPN Infrastructure”

4 International Collaboration Board (ICB) “To carry out an experimental deployment of an IPv6-Enabled VPN Infrastructure upon which one can experiment on the sort of policies that coalition networks require”

5 3 September 2003Networks Research Group Seminar5 Netcelo VPN Management Deployed During ANDROID Deployed During ANDROID Single VPN Manager Single VPN Manager Full Mesh Topology Full Mesh Topology Tested with Multicast Conferencing Tested with Multicast Conferencing  Active Networking (Funnelweb)  Transcoding Active Gateway Proprietary System Proprietary System

6 3 September 2003Networks Research Group Seminar6 ISI X-Bone UCL extended X-Bone for IPv6 capability during RADIOACTIVE UCL extended X-Bone for IPv6 capability during RADIOACTIVE Overlay Managers & Resource Daemons Overlay Managers & Resource Daemons Invitation-Based Set-Up Invitation-Based Set-Up Choice Of Topology Choice Of Topology Recursive Overlays Recursive Overlays Demonstrated at DANCE - May 2002 Demonstrated at DANCE - May 2002  3 sites - Star Topology Possibility of sub-optimal topology Possibility of sub-optimal topology

7 3 September 2003Networks Research Group Seminar7 DRDC DVC “Provides secure/authenticated out-of-band channels to establish, monitor and dismantle VPNs” “Provides secure/authenticated out-of-band channels to establish, monitor and dismantle VPNs” Based On Ideas From X-Bone Based On Ideas From X-Bone Coalition-Based Coalition-Based Full Mesh Topology Full Mesh Topology Exchange of Security Policies Exchange of Security Policies

8 3 September 2003Networks Research Group Seminar8 UMU-PKIv6 UMU-PKIv6  CA Provides X.509 Certificate Enrollment And Lifecycle Management for IPv6  Supports LDAPv6, OCSP and SCEP UMU-PBNM UMU-PBNM  Policy Management Tool (PMT)  Policy Decision Point (PDP)  Policy Enforcement Point (PEP)  VPN Enforcement Tool (VPN ETool) UMU-PBNM COPS

9 3 September 2003Networks Research Group Seminar9 Issues No clear globally accepted VPN definition No clear globally accepted VPN definition Scope of a VPN Scope of a VPN Uncertainty in: Uncertainty in:  What is required  How to develop it  The Current status of each of the projects VPN Workshop – July 2003 VPN Workshop – July 2003  Aim to discuss and resolve issues of confusion  Aim to encourage collaboration

10 3 September 2003Networks Research Group Seminar10 Building An Ideal System Each system excels in its particular area of focus Each system excels in its particular area of focus  X-Bone – Overlay Hierarchy, Topology  DVC – Distributed, Localised Control  UMU-PBNM – Security Infrastructure Want the best of all worlds Want the best of all worlds

11 3 September 2003Networks Research Group Seminar11 Ideal System – Existing Features Localisation and Security of DVC Localisation and Security of DVC Distributed Nature of DVC Distributed Nature of DVC Platform Independence of DVC/X-Bone Platform Independence of DVC/X-Bone Hierarchic Nature of X-Bone Hierarchic Nature of X-Bone Topological Flexibility of X-Bone/UMU Topological Flexibility of X-Bone/UMU Policy Management of UMU Policy Management of UMU Security Management of UMU Security Management of UMU

12 3 September 2003Networks Research Group Seminar12 Ideal System – New Features Dynamic Topology Dynamic Topology (Secure?) Routing over VPN (Secure?) Routing over VPN Multicast Capability Multicast Capability QoS Provision QoS Provision

13 3 September 2003Networks Research Group Seminar13 VPN Workshop – Summary X-Bone X-Bone  Expected to be IPv6-Enabled October  Dynamic Overlay Routing  Node Re-visitation  Provides capability for topological definition  Does not allow addition/deletion of nodes to as existing overlay  Combination with other systems looks promising

14 3 September 2003Networks Research Group Seminar14 VPN Workshop – Summary cont. DVC DVC  Good model for flexible use of policies  Agreed to move to IPv6 – target date November  Currently moving toward XML based policy definition  Discussing combination with UMU

15 3 September 2003Networks Research Group Seminar15 VPN Workshop – Summary cont. UMU UMU  Security Management Infrastructure  Policy Management Infrastructure  VPN definition limited to 6WIND

16 3 September 2003Networks Research Group Seminar16 VPN Workshop – Summary cont. Cisco Cisco  Presented various approaches for large scale VPN deployment  Stated IPv6 IPSec solutions not planned before mid-2004

17 3 September 2003Networks Research Group Seminar17 VPN Workshop – Outcome Updated parties on status of projects Updated parties on status of projects Discussions conducted on problems and issues Discussions conducted on problems and issues Consensus reached over issues of confusion Consensus reached over issues of confusion All parties agreed on collaboration All parties agreed on collaboration Plans for hosting a further VPN Workshop during November Plans for hosting a further VPN Workshop during November

18 3 September 2003Networks Research Group Seminar18 Future Work Re-evaluate X-Bone With Enhancements Re-evaluate X-Bone With Enhancements Initial Deployment Potentially X-Bone Initial Deployment Potentially X-Bone VPN Management System VPN Management System  Dynamic Tunnel Establishment & Management  Dynamic Topology (Bootstrapping) Policy Definition Policy Definition  Types of policies

19 Networks Research Group Manish Lad m.lad@cs.ucl.ac.uk Department of Computer Science University College London

Download ppt "Networks Research Group Deployment of an IPv6-Enabled Dynamic VPN Infrastructure."

Similar presentations

Secure Internet Solutions Geoff Huston Chief Scientist, Internet Telstra.

Secure Internet Solutions Geoff Huston Chief Scientist, Internet Telstra.
Technical Services Develop Integrate Operate APNIC technical infrastructure.

Technical Services Develop Integrate Operate APNIC technical infrastructure.
All rights reserved © 2000, Alcatel 1 CPE-based VPNs Hans De Neve Alcatel Network Strategy Group.

All rights reserved © 2000, Alcatel 1 CPE-based VPNs Hans De Neve Alcatel Network Strategy Group.
Joe Touch USC/ISI July 10, 2003 1 The X-Bone ICB Meeting July 10, 2003 Joe Touch Director, Postel Center for Experimental Networking Computer Networks.

Joe Touch USC/ISI July 10, The X-Bone ICB Meeting July 10, 2003 Joe Touch Director, Postel Center for Experimental Networking Computer Networks.
Identifying MPLS Applications

Identifying MPLS Applications
Lawrence Berkeley National LaboratoryU.S. Department of Energy | Office of Science Network Service Interface (NSI) Inder Monga Co-chair, Network Services.

Lawrence Berkeley National LaboratoryU.S. Department of Energy | Office of Science Network Service Interface (NSI) Inder Monga Co-chair, Network Services.
Deployment of MPLS VPN in Large ISP Networks

Deployment of MPLS VPN in Large ISP Networks
1 © 2005 Cisco Systems, Inc. All rights reserved. CONFIDENTIAL AND PROPRIETARY INFORMATION Cisco Wireless Strategy Extending and Securing the Network Bill.

1 © 2005 Cisco Systems, Inc. All rights reserved. CONFIDENTIAL AND PROPRIETARY INFORMATION Cisco Wireless Strategy Extending and Securing the Network Bill.
L. Alchaal & al. Page 1 2002 Offering a Multicast Delivery Service in a Programmable Secure IP VPN Environment Lina ALCHAAL Netcelo S.A., Echirolles INRIA.

L. Alchaal & al. Page Offering a Multicast Delivery Service in a Programmable Secure IP VPN Environment Lina ALCHAAL Netcelo S.A., Echirolles INRIA.
TCOM 509 – Internet Protocols (TCP/IP) Lecture 06_b Subnetting,Supernetting, CIDR IPv6 Instructor: Dr. Li-Chuan Chen Date: 10/06/2003 Based in part upon.

TCOM 509 – Internet Protocols (TCP/IP) Lecture 06_b Subnetting,Supernetting, CIDR IPv6 Instructor: Dr. Li-Chuan Chen Date: 10/06/2003 Based in part upon.
IP EDGE DEVICES A solution for the Internet Migration Patrick Cocquet, 6WIND CEO, IPv6 Forum VP www.6wind.com Dubai IPv6 Forum Summit – February 2001.

IP EDGE DEVICES A solution for the Internet Migration Patrick Cocquet, 6WIND CEO, IPv6 Forum VP Dubai IPv6 Forum Summit – February 2001.
Defence R&D Canada R et D pour la défense Canada Dynamic VPN Controller Developed by NRNS Inc. July 2, 2003.

Defence R&D Canada R et D pour la défense Canada Dynamic VPN Controller Developed by NRNS Inc. July 2, 2003.
UCL VPN Update. 6NET “To look at the issues surrounding the provision of IPv6 dynamic VPN technology and deploy an IPv6- Enabled VPN Infrastructure”

UCL VPN Update. 6NET “To look at the issues surrounding the provision of IPv6 dynamic VPN technology and deploy an IPv6- Enabled VPN Infrastructure”
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs.
The New Face of Enterprise Collaboration Trends, Observations, and Lessons Learned.

The New Face of Enterprise Collaboration Trends, Observations, and Lessons Learned.
Dynamic Routing Scalable Infrastructure Workshop, AfNOG2008.

Dynamic Routing Scalable Infrastructure Workshop, AfNOG2008.
© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—6-1 Scaling Service Provider Networks Designing Networks with Route Reflectors.

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—6-1 Scaling Service Provider Networks Designing Networks with Route Reflectors.
Connecting People With Information DoD Net-Centric Services Strategy Frank Petroski October 31, 2006.

Connecting People With Information DoD Net-Centric Services Strategy Frank Petroski October 31, 2006.
The UMU-PBNM Antonio F. Gomez Skarmeta Gregorio Martínez

The UMU-PBNM Antonio F. Gomez Skarmeta Gregorio Martínez
UCL Overview of VPN Work. 10/11 July 2003VPN Workshop2 Current Work Projects Projects  Past  ANDROID  RADIOACTIVE  Present  6NET  ICB VPN Technologies.

UCL Overview of VPN Work. 10/11 July 2003VPN Workshop2 Current Work Projects Projects  Past  ANDROID  RADIOACTIVE  Present  6NET  ICB VPN Technologies.

Similar presentations

Ads by Google