Transcript Technology of encrypted tunnels with practical usage

Technology of encrypted
tunnels with practical usage
Ondřej Bureš, Monika Borkovcová, Petra Poulová
University of Hradec Králové
Introduction
• Searching for an effective, functional and cheap solution for ensuring
corporate computer network
• Astaro technology
•
•
Security Gateway (SG)
Remote Ethernet Device (RED)
• Using IPsec AES256 crypting algorythm – NATO standard
Tested setups
• Data traffic
•
•
RED station on L2 layer + router
RED station as gateway on L3 layer
• Voice traffic
•
•
Voice over Vanguard/SoTCP
Voice over IP and H.323
Tests evaluation
• 10 days of testing
•
•
2 days of L2 layer setup
8 days of L3 layer setup
• Voice over IP and H.323 failed to maintain fax functionality
• ICMP responses met expectations
• Tests proved expected profitability of proposed solution
Conclusion
• We managed to find suitable and cost effective solution while maintaining
current technology of voice convergence
• There might be concerns related to security, but such tests were not
involved in this study – no technology nowadays can be claimed as 100%
safe + we can guess safety level based on NATO standards that are met
• Recommendation of upgrading Internet connection