網際網路蓬勃發展之後,原先以專線構成的企業網路其經濟性面臨巨大的衝擊,近幾年興起架構在網際網路上虛擬私人網路(Virtual Private Network)的風潮,相關技術、規範不斷被提出,網路業者陸續推出VPN的各種解決方案,企業組織也想透過引進適當的VPN解決方案,以解決企業網路運作的成本。 本研究除了探討回顧現有的VPN應用技術,進一步歸納分析建置VPN的五種構面,如資料的安全完整、存取控制、擴充相容、效能品質、維護管理等。並將現有企業依規模劃分為五種不同的類型,以及各類型可能引用的VPN技術機制,從最基本的通道、加密、認證、憑證管理等技術的引用,以及RADIUS、LDAP等存取控制機制的應用,以及服務品質QoS技術MPLS、RSVP、CoS等等的應用。本研究以一簡單的評估模式來評估不同類型公司所引用的不同技術機制與其相關構面間的關係。以了解現有的應用技術對於建構VPN網路的影響。 最後以國內、外的網路業者為例,探討它們的VPN服務,並歸納分析其構面的實現機制,並提出建構VPN網路的建議。 After the rapid development of the Internet, the enterprise network that was originally build upon dedicated line(s) has been facing great impacts due to its cost efficiency inadequacy. In recent years, setting up VPNs (Virtual Private Networks) on top of the Internet has become a popular trend. Its related specifications and technologies are constantly being introduced. ISPs (Internet Service Providers) are rolling out all kinds of VPN solutions, and enterprises also want to lower the cost of operating a enterprise-level network by the means of introducing VPN solutions into their systems. This research project will focus on the discussion and reviewing of the currently available VPN application technologies, further analyze and conclude the five layouts regarding the establishment of VPNs such as 1. Data Integrity & Safety 2. Data Access & Control 3. Data Compatibility & Expansion 4. Data Efficiency & Quality 5. Data maintenance & Management. Then divide into five different kinds of categories according to the size of the current enterprise, and the possible VPN technology used in each category. From the used of the most basic technologies such as tunneling, encrypting, authenticating, certificate management, the application of access control mechanism like RADIUS and LDAP; as well as the application of service quality QoS technology, MPLS, RSVP, CoS, etc. This research project will use a simple evaluation module to evaluate the relationship between the different technology mechanisms used by different kinds of companies with its relative layouts, to understand the impact of application technologies on constructing VPNs. Finally we will use the example of several ISPs from domestic and aboard, discuss their VPN services; to analyze and conclude application mechanism of their layouts, and bring forward some suggestions on constructing VPNs.
