| 基于SNMP的VPN管理 |
| |
| 引用本文: | 曲亚东,韦卫,侯紫峰. 基于SNMP的VPN管理[J]. 计算机工程与应用, 2003, 39(15): 167-170 |
| |
| 作者姓名: | 曲亚东 韦卫 侯紫峰 |
| |
| 作者单位: | 1. 中国科学院计算技术研究所,北京,100080;联想研究院,北京,100085
2. 联想研究院,北京,100085 |
| |
| 摘 要: | 该文在SNMPv3的基础上实现了VPN的远程管理。RFC草案定义的MIB对象并不能很好地解决VPN的管理问题,而且基于SNMPv3的安全模型在重播保护方面也有一定的缺陷。该文实现的设计方案主要就是针对这些不足之处,扩展了相关IPSecMIB草案的对象定义,并改善了SNMPv3的安全模型,以适应添加的MIB对象的要求;另外该文还在保证与原协议兼容的前提下,改进了SNMPv3消息格式的数据结构,以便更好地解决数据包重播问题。最后在Win-dows平台上实现了SNMPv3Manager,与Linux平台下监控VPN网关的Agent协同工作,提供全局VPN设备的状态信息。
|
| 关 键 词: | SNMPv3 管理信息库 重播保护 虚拟私有网 |
| 文章编号: | 1002-8331-(2003)15-0167-04 |
| 修稿时间: | 2002-05-01 |
VPN Management Based on SNMP |
| |
| Qu Yadong , Wei Wei Hou Zifeng. VPN Management Based on SNMP[J]. Computer Engineering and Applications, 2003, 39(15): 167-170 |
| |
| Authors: | Qu Yadong Wei Wei Hou Zifeng |
| |
| Affiliation: | Qu Yadong 1,2 Wei Wei 2 Hou Zifeng 21 |
| |
| Abstract: | As the need for secure electronic transmissions becomes ever more desirable,Virtual Private Networks provide a good and economical solution.But building larger and more complicated VPNs ,people are faced with a chore that grows with the network:effective management.Although IETF has defined some internet drafts for the problems of VPN management ,MIB objects defined by drafts cannot completely solve them,and the security model based on SNMPv3has some deficiencies on replay protection.This paper implements a new solution of VPN remote managements based on SNMPv3.It solves these problems by extending some objects of definition in the draft of IPSec MIBs ,and improving the user -based security model corresponding to these new MIB objects.Then the paper updates data structures of SNMPv3message which are compatible with the old message structure on the user-based security model of SNMPv3.Finally this paper demonstrates this system model:SNMPv3manager entity on Windows platform,and agent entity on Linux platform which runs on VPN gateway. |
| |
| Keywords: | SNMPv3 MIB Replay Protection VPN |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
