Virtual private networks : strong security at what cost? (2001)
Virtual Private Networks (VPNs) are one of the most important developments in data communications in re-cent years, offering enterprises potentially dramatic cost savings and substantial freedom when implementing a secure Wide-Area Network (WAN). This paper examines the implications of VPN technology, which primarily involves using a shared backbone network to connect geographically dispersed sites, and requires a range of security technologies to provide confidentiality, integrity, authentication and non-repudiation to such a configuration. The various implementation and membership alternatives supported by VPNs, and their most important protocols and configuration options are also discussed. Finally, a practical investigation into the performance of a VPN environment when employing varying levels of security is documented. This investigation was conducted on a simple two-site VPN testbed, with performance measured in terms of throughput and latency for file transfers with the file transfer protocol (FTP) and the hypertext transfer protocol (HTTP). This experiment was conducted for a variety of security levels, ranging from no security to strong cryptography applied to authenticated tunnels between firewalls. It was discovered that security mechanisms can have a large impact on performance, particularly in terms of latency. This indicates that it is important to consider the performance levels a proposed VPN will be required to produce, and what hardware will be required to provide this performance, before any investment or implementation takes place.
ANZSRC Fields of Research08 - Information and Computing Sciences::0803 - Computer Software::080303 - Computer System Security
46 - Information and computing sciences::4606 - Distributed computing and systems software::460609 - Networking and communications
RightsCopyright Chris Rodgers
Showing items related by title, author, creator and subject.
Ashton, Paul James; Penny, J. P. (University of Canterbury, 1991)For users of loosely-coupled distributed systems, questions about "performance" commonly involve interactive performance. The problem of measuring components of interactive response times is approached by representing ...
Parish, T. J. (University of Canterbury, 1986)The SSMP definition was released in July 1985 [SSMP85] making it a very recent contribution to the network protocol landscape. Protocols sponsored by large committees produce a great deal of expectation from implementors ...
Juarez A; Bartneck, Christoph; Feijs L (Virtual Worlds Institute, Inc., 2009)Research on virtual worlds and environments has increased tremendously in the last decade, giving birth to a variety of applications spanning over several areas such as virtual reality, human-computer interaction, psychology ...