remote access vpn

8/3/2019 Remote Access VPN

1/37

REMOTE ACCESS


2/37

Definition

Remote access is the ability to get access to a

computer or a network from a remote

distance.

Ex. Dial-up connection through desktop,

notebook, or handheld computer modem over

regular telephone lines is a common method

of remote access.


3/37


4/37

Journals

1. Enhancing Mobile Business Through a Task-

Oriented Model for Mobile Remote Access

(Khankan and Steele, 2007)

Main Thought: Facilitating a global remote

access to existing enterprise applications.


5/37

The paper proposes an architecture that provides task

oriented access to existing remote applications in order to

provide mobile users with the functionalities they need

anywhere, anytime.


6/37

Textual and Graphical Task User Interfaces


7/37

Recording Phase


8/37

Architecture and Implementation


9/37

Key Benefits

* Improves mobile services but requires

additional device and network capabilities.* Promotes a simplified task-oriented mobile userinterface

* Exposes the functionalities of desktop

applications as independent services.


10/37

2. Distributed Technologies for Remote Access ofHDF Data (Shasharina,Li, Wang, Pundaleeka,Stein)

Main Thought: Describe several approaches toprovide an access to remote HDF data and

compares their performances.

HDF - Hierarchical Data Format

- data format usually obtained fromfusion, and plasma physics, geosciences,astronomy and medical research. (HDF, HDF4,HDF5)


11/37

PROTOTYPE SOLUTIONS

* COBRA System

- implemented using TAO 1.5.2 (C++ clientand server)

- uses HDF5 C language API functions

which extract the specified data set from agiven HDF5 file

* H5WS System

- built using the C WS of Globus

- has methods for retrieving the metadataof a dataset as well as extracting a dataset.


12/37


13/37

Test Results

With LAN, H5WS has too much overhead and is less efficient.

With WAN, H5ws gives the best results and uses the bandwidth

well.

With ESnet, H5WS seemingly looses if a single stream is used for

GridFTP. But is still better than COBRA.


14/37

The study poses the challenges of using the

WS C Core from the Globus Toolkit and

GridFTP as a means for accesseing remote

HDF5 data.

It further recommends extending the service

capability of the said prototype.


15/37

3. Web Based Remote Access Microcontroller

Laboratory (Cimen, Yabanova, Cinar, Nartkaya,

2008)

Main Thought: Presentation of a web based

remote access microcontroller laboratory.

This is basically a laboratory on-line.


16/37

Remote access provides laboratory interface

through the Web such that students can make

the experiments by connecting to theexperiment set which is connected to the

computer that set as the web server.


17/37

Hardware Architecture


18/37

User Interface


19/37


20/37

Conclusion

A possibility for making microcontroller

experiments independent from the time and place

has been obtained for the students.

Thus, increasing the programming skills of the

students in doing remote experiments.


21/37

VPNs

Virtual Private Networks


22/37

Definition

A virtual private network (VPN) is a secure

way of connecting to a private Local Area

Network at a remote location, using the

Internet or any unsecure public network to

transport the network data packets privately,

using encryption.


23/37

The VPN uses authentication to deny access to

unauthorized users, and encryption to prevent

unauthorized users from reading the private

network packets.

The VPN can be used to send any kind of

network traffic securely, including voice, video

or data.


24/37

Journals

1. Design of Survivable Optical Virtual private

Networks (O-VPNs)

Main Thought: Propose two novel ILP models

namely, ILP-I and ILP-II, which aims to

compromise between the capacity efficiency

and computation time without losing the

ability of addressing QoS requirements in

each O-VPN.


25/37

O-VPN = extends enterprises private intranets

across public networks which provides secure

private interconnections essentially throughprivate tunnels supported by WDM

transmission.


26/37

Proposed Schemes

1. ILP-I

2. ILP-II

The ILP-I is designed to optimally allocate the working

and space capacity in each O-VPN such that the total number

of wavelength channels required for the working and

protection paths is minimized.


27/37

With the exponential increase in the

computation time of the ILP-I as the number

of interconnections increase, the ILP-IIprovides a certain solution.

- Dividing an O-VPN into multiple

protection groups


28/37

Results


29/37

The paper proposed two models for survivable O-VPNs; ILP-I and ILP-II.

ILP-I

- considers each O-VPN as protection groups and performs resource allocationaccording to the traffic matrix.

ILP-II

- an O-VPN is broken down into small protection groups where all the working

light paths in a group are mutually link-disjointedly routed.


30/37

2. A New VPN Routing Approach for Large Scale

Networks

Main Thought: This paper shows that BGP is not

appropriate for large scale VPN routing

because it causes some router to keep statefor all routes in the network.

Border Gateway Protocol (BGP) is the protocol backing the core routing decisions on the

Internet.


31/37

Problem Definition

Provider goals and desired properties Isolation is a key word in the VPN service provisioning. The different VPNs

have to be isolated as if they had dedicated links between their different

sites.

A simple provider network model A VPN is composed of a set of sites that need to be interconnected. A VPN

site is identified by one (or more) site identifier(s). The proposed model is

even capable of determining the CoS (class of service).

Basic VPN routing needs By Routing, we mean the set of procedures that allow a source host to

reach a destination host. By definition, distant VPN sites that want to

communicate do not have direct connectivity. Therefore, routing is done

by the VPN provider.


32/37

Proposed Solution

* Two- Step VPN routing

- an End-to-End signaling approach in which weseparate two concerns: the creation of VPN

topology and the advertisement of VPN site

reachability.


33/37

3. Network Programmability for VPN Overlay

Construction and Bandwidth Management

Main Thought: Present an application of a new

programmable architecture to enable on-

demand VPN construction, bandwidthmanagement, and secure autonomous VPN

control onto shared commercial structure.


34/37

Solution

SXD-PNP is a flexible programmable router

architecture that enables on-demand service

deployment. SXD-PNP services modify thehandling of traffic.

SXD-PNP builds on an abstract node model called

the Hardware Base Abstraction (HBA).


35/37


36/37


37/37

Results

A new platform was presented, SXD-PNP, that

allows practical, secured and true partitioning of

network resources on commercial devices.

remote access vpn

Documents