The Higher Institute of Industry - Misurata
Date: 5 / 8 / 2008
Selecting and Implementing Proper Virtual Private
Network (VPN) Solution for an Enterprise
(Libyan Industrial Sector as a Case Study)
By:
Ahmed A. Jaha
Supervisors:
Dr. Fathi Ben Shatwan
Dr. Majdi Ashibani
Outlines
• Research Objectives
• VPN Overview
• VPN Classification
• Choosing Proper VPN Solution
• Performance Evaluation
• Libyan Industrial Sector (Case Study)
• Conclusions and Future Work
Research Objectives
• Identifying the available VPN protocols and solutions.
• Identifying the enterprise's requirements.
• Proposing VPN logic formulas that serve as a basis to help an enterprise select the proper VPN solution.
• Comparing the performance of some VPN solutions on Windows Server 2003, Fedora Core 6, and e-Live IP-8000VPN Router VPN servers.
• Proposing a proper VPN solution for the Libyan industrial sector (LISVPN).
VPN Overview
What is VPN?
[Figure: Acme Corp Site 1 and Site 2, each behind a VPN gateway, connected by a tunnel across the Internet.]
VPN can be defined as a way to provide secure communication between members of a group through use of the public telecommunication infrastructure (usually the Internet), maintaining privacy through the use of a tunneling protocol and security procedures. VPN systems provide users with the illusion of a completely private network.
Tunneling
• Method of using an internetwork infrastructure to transfer data from one network over another network (encapsulation, transmission, and decapsulation of packets).
[Figure: a payload enters one tunnel endpoint, crosses the internetwork as a tunneled payload carried behind an internetwork header, and is decapsulated at the far tunnel endpoint.]
Security of VPN
• Authentication
– Authentication ensures that the data is coming from the source from which it claims to come.
• Access Control
– Access control concerns accepting or rejecting a particular requester's access to some service or data in a given system. It is therefore necessary to define a set of access rights, privileges, and authorizations, and assign these to the appropriate people within the domain of the system under analysis.
• Confidentiality
– Confidentiality ensures the privacy of information by preventing unauthorized users from reading data carried on the public network.
• Data Integrity
– Data integrity verifies that data has not been altered during its travel over the public network.
Benefits of VPN
• Cost
– VPNs eliminate the fixed monthly charge of dedicated leased lines.
• Scalability
– As the enterprise grows, full-mesh connectivity might be required between the different offices. This means that the number of leased lines, and the total cost associated with deploying them, increases exponentially.
– A VPN that uses the Internet avoids this problem by simply using the infrastructure already available.
• Security
– Security is not impaired when using a VPN, since transmitted data is either encrypted or, if sent unencrypted, forwarded through trusted networks.
• Productivity
– In addition to cost savings, a VPN increases profits by improving productivity.
– The improved productivity results from the ability to access resources from anywhere at any time.
Architecture of VPN
• Remote Access VPN
– User-to-LAN connection used by enterprises that have employees who need to connect to their private network from various remote locations (e.g. homes, hotel rooms, airports).
[Figure: a remote user connecting across the Internet to the enterprise main site.]
• Intranet Site-to-Site VPN
– LAN-to-LAN connection used to connect an enterprise's offices over the Internet.
[Figure: the enterprise main site and an enterprise branch site connected across the Internet.]
• Extranet Site-to-Site VPN
– LAN-to-LAN connection that provides business partners, suppliers, and customers access to certain data.
[Figure: the enterprise main site connected across the Internet to a partner site and a supplier site.]
VPN Tunneling Protocols
• Point to Point Tunneling Protocol (PPTP) (Layer 2)
– Developed by Microsoft and others (RFC 2637).
– Extension of the Point to Point Protocol (PPP).
– Clients are included in all versions of Windows since Windows 95.
– Servers are included in all Windows server products since Windows NT.
– Clients and servers are supported in Linux.
• Layer Two Tunneling Protocol (L2TP) (Layer 2)
– Developed by the IETF (RFC 2661).
– Combines the best features of L2F and PPTP.
– Commonly used with IPSec -> L2TP/IPSec.
– Clients are included in Windows XP, 2000, and 2003.
– Servers are included in Windows Server 2000 and 2003.
– Clients and servers are supported in Linux.
• Internet Protocol Security (IPSec) (Layer 3)
– Framework developed by the IETF (RFCs 2401-2411 and 2451).
– IPSec is supported in Windows XP, 2000, 2003 and Vista, and in Linux 2.6 and later.
– Many vendors supply IPSec VPN servers and clients.
• Secure Sockets Layer (SSL) (Layer 5)
– Higher-layer security protocol developed by Netscape.
– Used with HTTP to enable secure Web browsing (HTTPS); supported by most browsers and servers.
– SSL can also be used to create a VPN tunnel (OpenVPN), an open-source VPN package for Linux and Windows.
• Multiprotocol Label Switching (MPLS) (between Layer 2 and Layer 3)
– Evolved from numerous prior technologies such as Cisco's "Tag Switching" and IBM's "ARIS".
– The idea is that a small label, or stack of labels, is inserted between the data link and network layer headers to make efficient routing decisions.
VPN Classification

Trusted and Secure VPNs (VPN Consortium)
• Trusted VPNs
– Consist of one or more paths leased from a service provider.
– Usually originate and terminate in the provider's network.
– The privacy and integrity afforded by trusted VPNs is only that the service provider assures the customer that no one else is using the same path.
– MPLS is an example of a technology used in trusted VPNs.
• Secure VPNs
– Constructed using encryption and other security mechanisms (e.g. authentication, data integrity).
– The traffic is encrypted at the network edge or at the sending computer before moving over the Internet, and then decrypted when it reaches the enterprise network or the receiving computer.
– Creating a secure VPN often includes purchasing, configuring and maintaining hardware and software.
– Examples of secure VPN technologies are PPTP, L2TP, IPSec and SSL.
• Hybrid VPNs
– Secure VPNs provide security but no assurance of paths.
– Trusted VPNs provide assurance of properties of paths, such as QoS, but no security from snooping or alteration.
– Because of these strengths and weaknesses, hybrid VPNs have started to appear.
– Traffic can be encrypted before it is sent through the trusted VPN.
Web-based and Client-based VPNs
• Web-based VPNs
– Based on SSL, which is considered to be the standard web-based VPN technology today.
– Any computer with a web browser installed can thereby be used to connect to the enterprise network after the user has been authenticated.
– Reduce any cost associated with purchasing, installing, and maintaining client software.
– Typically support a limited set of Web applications.
• Client-based VPNs
– Based on PPTP, L2TP, IPSec and SSL.
– Require client software to be installed on each host that connects remotely to the enterprise network.
– Allow remote-access users to get seamless access to the enterprise network from their PCs.
– Require purchasing, installing, and maintaining the client software.
CE-based and PE-based VPNs
• CE-based VPNs
– All the VPN processing takes place in the CE (customer edge) devices.
– A tunnel is simply created between the CE devices, and the PE (provider edge) devices can be standard routers and switches.
– CE devices require a high amount of management and configuration.
– Usually, the equipment on the customer premises needs to be upgraded or purchased.
• PE-based VPNs
– All the VPN processing takes place in the PE devices.
– CE devices can be standard routers and switches.
– The VPN management and configuration takes place in the PE devices.
– There is usually no need to upgrade the equipment on the customer premises.
Outsourced and In-house VPNs
• Many enterprises build their own VPNs, and many others outsource their VPNs to managed VPN providers.
• Outsourcing reduces the skills an enterprise's security staff must have and reduces internal security labor costs.
• Enterprises that outsource their VPNs lose control over their VPN security.
• Outsourced VPNs can cost more than internally built and managed VPNs, especially if the number of remote users and branch offices is increasing (since these solutions often charge per user).
VPN Classification
[Figure: classification tree of VPN solutions, grouping them by tunneling protocol (SSL, IPSec, L2TP, PPTP, MPLS), access method (Web-based, Client-based), implementation (Hardware-based, Software-based), trust model (Trusted, Secure), where the VPN processing takes place (PE-based, CE-based), and management (Outsourced, In-house).]
Performance Evaluation

Performance Metrics
• Throughput
– The rate at which bulk data transfers can be transmitted from one host to another over a sufficiently long period of time.
• Round Trip Time (RTT)
– The amount of time it takes one packet to travel from one host to another and back to the originating host.
• Packet delay variation (Jitter)
– The variation of packet delay, where delays actually impact the quality of service.
• Packet loss
– The portion of packets transmitted but not received at the destination, compared to the total number of packets transmitted.
Wired Testbed Setup (Windows Server 2003 & Fedora Core 6)
• Domain controller: desktop PC equipped with a dual 2600 MHz processor, 512 MB of RAM, and a VIA Rhine II Compatible Fast Ethernet Adapter built-in NIC, loaded with Windows Server 2003 and configured to act as a domain controller server.
• VPN server: desktop PC equipped with a dual Genuine Intel 3000 MHz processor, 512 MB of RAM, a Broadcom Extreme Gigabit Ethernet built-in NIC, and a VIA VT6105 Rhine III Compatible Fast Ethernet NIC, loaded with Windows Server 2003 or FC6, and configured to act as the PPTP, L2TP/IPSec, and SSL VPN server.
• VPN client: laptop PC equipped with a Genuine Intel 1866 MHz processor, 512 MB of RAM, and a Broadcom 440x 10/100 Integrated Controller built-in NIC, loaded with Windows XP SP2 and configured to act as the PPTP, L2TP/IPSec, and SSL VPN client.
• D-Link 10/100 Fast Ethernet switch.
• LINKSYS Wireless-G AP with SES, model WAP54G.

Wired Testbed Setup (e-Live IP-8000VPN Router)
• OvisLink e-Live IP-8000VPN Broadband VPN Router.
Performance Measurement Tools
• Iperf: an Iperf client and an Iperf server at the two ends of the tunnel measure throughput, jitter, and losses.
• Hrping: measures the Round Trip Time (RTT).
[Charts: TCP throughput, Round Trip Time (RTT), UDP throughput, jitter, and packet loss measured on the wired testbeds; the values are tabulated in the results below.]
Wired Testbeds Results
Each value is relative to the no-VPN measurement on the same testbed: TCP and UDP throughput as a percentage of the no-VPN value (higher is better); RTT, jitter and packet loss as a multiple of the no-VPN value (lower is better).

Solution              TCP thr. (%)  RTT (x)  UDP thr. (%)  Jitter (x)  Loss (x)
PPTP on W2K3             82.37       1.98      68.12          2.53       3.49
PPTP on FC6              80.78       2.38      66.47          3.19       3.63
L2TP/IPSec on W2K3       55.23       2.52      51.04          4.34       5.27
L2TP/IPSec on FC6        54.07       3.01      49.46          4.83       5.41
OpenVPN on W2K3          52.59       2.86       6.65        377.18      25.20
OpenVPN on FC6           56.49       2.92       4.43        385.98      24.55
PPTP on e-Live           18.27       3.48      14.18         24.89      10.14
L2TP/IPSec on e-Live     16.37       3.59      13.38         28.75      10.43
Because PPTP introduces the smallest per-packet overhead, PPTP on both Windows Server 2003 and Fedora Core 6 produced the best performance values for both TCP- and UDP-based user applications.
In order to have strong security, L2TP/IPSec combines L2TP's tunnel with IPSec's secure channel, which increases the packet overhead. So L2TP/IPSec on both Windows Server 2003 and Fedora Core 6 produced good performance values for both TCP- and UDP-based user applications.
Because OpenVPN is written as a user-space daemon rather than a kernel module, OpenVPN on both Windows Server 2003 and Fedora Core 6 produced lower performance values in high-traffic environments.
The performance of the Windows Server 2003 platform is better than the performance of the Fedora Core 6 platform.
Due to its design and the lowest price of the e-Live IP-8000VPN Router (hardware-based VPN solution), its performance values are lower than the performance values of both Windows Server 2003 and Fedora Core 6 (software-based VPN solutions).
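The four metric definitions from the Performance Metrics section and the normalisation used in these results tables, worked through as an added example that is not part of the thesis. It assumes the UDP jitter is the RFC 3550 interarrival jitter estimator that Iperf reports; every probe record and run figure in it is constructed, not a testbed measurement.

```python
"""Compute throughput, RTT, jitter and packet loss from per-packet probe
records, then normalise each VPN run against the no-VPN baseline the way
the thesis tables do: throughput as % of no-VPN, RTT/jitter/loss as a
multiple of no-VPN. Added example; all data below is constructed."""
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class Probe:
    seq: int
    sent_ms: float            # send timestamp (ms)
    recv_ms: Optional[float]  # receive timestamp (ms); None if the packet was lost
    size: int                 # payload bytes


def throughput_kbps(probes: List[Probe], duration_ms: float) -> float:
    """Delivered payload over the whole run, in kbit/s (bits per ms)."""
    delivered = sum(p.size for p in probes if p.recv_ms is not None)
    return delivered * 8 / duration_ms


def packet_loss(probes: List[Probe]) -> float:
    """Fraction of transmitted packets that never arrived at the destination."""
    lost = sum(1 for p in probes if p.recv_ms is None)
    return lost / len(probes)


def rfc3550_jitter(probes: List[Probe]) -> float:
    """Smoothed interarrival jitter J = J + (|D| - J)/16 over delivered packets (ms).
    D is the change in one-way transit time between consecutive packets."""
    j, prev_transit = 0.0, None
    for p in probes:
        if p.recv_ms is None:
            continue                      # a lost packet contributes no delay sample
        transit = p.recv_ms - p.sent_ms
        if prev_transit is not None:
            j += (abs(transit - prev_transit) - j) / 16
        prev_transit = transit
    return j


def mean_rtt(rtts_ms: List[float]) -> float:
    return sum(rtts_ms) / len(rtts_ms)


def make_probes(transits_ms: List[Optional[float]], interval_ms: float = 10.0,
                size: int = 1470) -> List[Probe]:
    """Constructed probe stream: one datagram every interval_ms; None marks a loss."""
    return [Probe(i, i * interval_ms, None if t is None else i * interval_ms + t, size)
            for i, t in enumerate(transits_ms)]


def run_metrics(tcp_probes: List[Probe], udp_probes: List[Probe],
                rtts_ms: List[float], duration_ms: float) -> Dict[str, float]:
    """One row of raw figures for a solution: its TCP run, UDP run and RTT samples."""
    return {"tcp_kbps": throughput_kbps(tcp_probes, duration_ms),
            "udp_kbps": throughput_kbps(udp_probes, duration_ms),
            "rtt_ms": mean_rtt(rtts_ms),
            "jitter_ms": rfc3550_jitter(udp_probes),
            "loss": packet_loss(udp_probes)}


HIGHER_IS_BETTER = ("tcp_kbps", "udp_kbps")          # reported as % of no-VPN
LOWER_IS_BETTER = ("rtt_ms", "jitter_ms", "loss")    # reported as multiple of no-VPN


def normalise(baseline: Dict[str, float], run: Dict[str, float]) -> Dict[str, float]:
    """Express a run relative to the no-VPN baseline, as the results tables do."""
    out = {}
    for k in HIGHER_IS_BETTER + LOWER_IS_BETTER:
        if baseline[k] == 0:
            raise ValueError(f"no-VPN baseline for {k} is zero; a ratio is undefined")
    for k in HIGHER_IS_BETTER:
        out[k + "_pct"] = 100.0 * run[k] / baseline[k]
    for k in LOWER_IS_BETTER:
        out[k + "_x"] = run[k] / baseline[k]
    return out


def rank(runs: Dict[str, Dict[str, float]], baseline: Dict[str, float]) -> Dict[str, List[str]]:
    """Best-to-worst ordering of the solutions for every normalised column."""
    norm = {name: normalise(baseline, m) for name, m in runs.items()}
    order = {}
    for col in next(iter(norm.values())):
        reverse = col.endswith("_pct")      # bigger % is better; smaller multiple is better
        order[col] = sorted(norm, key=lambda n, c=col: norm[n][c], reverse=reverse)
    return order


def demo() -> Dict[str, List[str]]:
    """Constructed figures for three solutions on one platform (not thesis data)."""
    no_vpn = {"tcp_kbps": 94000, "udp_kbps": 95000, "rtt_ms": 0.5, "jitter_ms": 0.05, "loss": 0.001}
    runs = {
        "PPTP":       {"tcp_kbps": 77400, "udp_kbps": 64700, "rtt_ms": 1.00, "jitter_ms": 0.13, "loss": 0.0035},
        "L2TP/IPSec": {"tcp_kbps": 51900, "udp_kbps": 48500, "rtt_ms": 1.26, "jitter_ms": 0.22, "loss": 0.0053},
        "OpenVPN":    {"tcp_kbps": 49400, "udp_kbps": 6300,  "rtt_ms": 1.43, "jitter_ms": 18.9, "loss": 0.025},
    }
    return rank(runs, no_vpn)


if __name__ == "__main__":
    for column, ordering in demo().items():
        print(f"{column:16s} best -> worst: {', '.join(ordering)}")
```

The ordering the demo prints mirrors the shape of the wired table (OpenVPN trailing on the UDP columns by a wide margin), but its input numbers are invented.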
Wireless Testbeds Results
Values are relative to the no-VPN measurement on the wireless testbed, in the same form as the wired table: TCP and UDP throughput as a percentage of the no-VPN value (higher is better); RTT, jitter and packet loss as a multiple of the no-VPN value (lower is better).

Solution              TCP thr. (%)  RTT (x)  UDP thr. (%)  Jitter (x)  Loss (x)
PPTP on W2K3             83.33       1.33      65.68          1.64       1.43
PPTP on FC6              78.63       1.45      60.90          1.70       1.49
L2TP/IPSec on W2K3       68.38       1.50      59.98          2.20       1.51
L2TP/IPSec on FC6        65.38       1.73      57.09          2.30       1.57
OpenVPN on W2K3          53.85       1.60       8.44         44.76       5.07
OpenVPN on FC6           70.51       1.65       7.69         44.91       5.02
PPTP on e-Live           63.68       1.82      24.89          4.39       2.08
L2TP/IPSec on e-Live     59.83       1.92      23.59          4.84       2.14

Note: on the original slide the second block of values (44.91 down to 1.64) is captioned "UDP throughput values in % of no VPN value", but it carries no percent signs, occupies the jitter position of the wired layout, and a separate block holds the UDP throughput percentages; it is therefore tabulated here as the jitter column.
Conclusion and Future Work
Conclusions
• There are many different VPN solutions available, and just deciding which one to choose can be difficult, since they all have advantages and disadvantages.
• Trusted VPNs usually originate and terminate in a service provider's network (i.e. PE-based VPNs). Trusted VPNs are usually outsourced, offer any-to-any connectivity, and perform well for applications with high QoS requirements.
• Secure VPNs are constructed using encryption and other security mechanisms (e.g. authentication, integrity checking). These VPNs originate and terminate at the network edge (i.e. CE-based VPNs). Secure VPNs can be managed internally (in-house VPNs) or outsourced (managed VPNs).
• In web-based VPNs, a web browser can be used to originate VPN tunnels. When connections are established with client-based VPNs, more access to the network is allowed.
• The proposed VPN logic formulas rely on requirements (access, security, cost, protocol support, QoS, topology) and VPN solutions (client-based, web-based, trusted VPN, secure VPN).
• The results of the testbeds indicate clearly that the performance values of VPN solutions on Windows Server 2003 are better than the performance values of VPN solutions on both Fedora Core 6 and e-Live IP-8000VPN Router VPN servers.
Future Work
• The evaluation of the proposed solution on the real Internet.
• The performance of software-based VPN solutions on platforms other than Windows Server 2003 and Fedora Core 6 (such as BSD, Mac, and Solaris) can be evaluated to select the best platform for implementing the software-based VPN solutions.
• The performance evaluation of hardware-based VPN solutions using different hardware VPN products (such as 3Com, ADTRAN, Cisco, and Juniper) should be investigated as well.
Thank you for your attention

vpnThesis (proper virtual private network).ppt

  • 1.
    The Higher Instituteof Industry - Misurata Date: 5 / 8 / 2008 Selecting and Implementing Proper Virtual Private Network (VPN) Solution for an Enterprise (Libyan Industrial Sector as a Case Study) By: Ahmed A. Jaha Supervisors: Dr. Fathi Ben Shatwan Dr. Majdi Ashibani
  • 2.
    The Higher Instituteof Industry - Misurata Date: 5 / 8 / 2008 Outlines • Research Objectives • VPN Overview. • VPN Classification. • Choosing Proper VPN solution. • Performance Evaluation. • Libyan Industrial Sector ( Case Study) • Conclusions and Future Work.
  • 3.
    The Higher Instituteof Industry - Misurata Date: 5 / 8 / 2008 Research Objectives
  • 4.
    The Higher Instituteof Industry - Misurata Date: 5 / 8 / 2008 Research Objectives • Identifying the available VPN protocols and solutions. • Identifying enterprise’s requirements. • Proposing the proper VPN logic formulas that are used as a basis which helps an enterprise to select the proper VPN solution. • Comparing the Performance of some VPN solutions on windows server 2003, fedora core 6, and e-Live IP-8000VPN Router VPN servers. • Proposing a proper VPN solution for Libyan industrial sector ( LISVPN).
  • 5.
    The Higher Instituteof Industry - Misurata Date: 5 / 8 / 2008 VPN Overview
  • 6.
    The Higher Instituteof Industry - Misurata Date: 5 / 8 / 2008 Internet Internet What is VPN? Tunnel Acme Corp Site 1 VPN VPN Site 2 VPN can be defined as a way to provide secure communication between members of a group through use of the public telecommunication infrastructure (usually the Internet), maintaining privacy through the use of a tunneling protocol and security procedures. VPN systems provide users with the illusion of a completely private network.
  • 7.
    The Higher Instituteof Industry - Misurata Date: 5 / 8 / 2008 Tunneling • Method of using an internetwork infrastructure to transfer data from one network over another network (encapsulation, transmission, and decapsulation of packets) Payload Tunnel endpoints Internetwork Payload Tunnel Tunneled payload Internetwork header
  • 8.
    The Higher Instituteof Industry - Misurata Date: 5 / 8 / 2008 Security of VPN • Authentication – Authentication ensures that the data is coming from the source from which it claims to come.
  • 9.
    The Higher Instituteof Industry - Misurata Date: 5 / 8 / 2008 Security of VPN • Authentication • Access Control – Access control concept relates to the accepting or rejecting of a particular requester to have access to some service or data in any given system. It is therefore necessary to define a set of access rights, privileges, and authorizations, and assign these to appropriate people within the domain of the system under analysis.
  • 10.
    The Higher Instituteof Industry - Misurata Date: 5 / 8 / 2008 Security of VPN • Authentication • Access Control • Confidentiality – Confidentiality ensures the privacy of information by restricting an unauthorized users from reading data carried on the public network.
  • 11.
    The Higher Instituteof Industry - Misurata Date: 5 / 8 / 2008 • Authentication • Access Control • Confidentiality • Data Integrity – Data Integrity verifies that a data has not been altered during its travel over the public network. Security of VPN
  • 12.
    The Higher Instituteof Industry - Misurata Date: 5 / 8 / 2008 Benefits of VPN • Cost – VPN eliminate the fixed monthly charge of dedicated leased lines.
  • 13.
    The Higher Instituteof Industry - Misurata Date: 5 / 8 / 2008 • Cost • Scalability – As the enterprise grows, full-mesh connectivity might be required between the different offices. This means that the number of leased lines, and the total cost associated with deploying them, increases exponentially. – VPN that utilizes the Internet avoid this problem by simply using the infrastructure already available. Benefits of VPN
  • 14.
    The Higher Instituteof Industry - Misurata Date: 5 / 8 / 2008 • Cost • Scalability • Security – Security is not impaired when using VPN since transmitted data is either encrypted or, if sent unencrypted, forwarded through trusted networks. Benefits of VPN
  • 15.
    The Higher Instituteof Industry - Misurata Date: 5 / 8 / 2008 • Cost • Scalability • Security • Productivity – In addition to cost savings, VPN increases profits by improving productivity. – The improved productivity results from the ability to access resources from anywhere at anytime. Benefits of VPN
  • 16.
Architecture of VPN
• Remote Access VPN
  – User-to-LAN connection used by enterprises whose employees need to connect to the private network from various remote locations (e.g. homes, hotel rooms, airports).
  [Figure: remote user connecting over the Internet to the enterprise main site]
• Intranet Site-to-Site VPN
  – LAN-to-LAN connection used to connect an enterprise's offices over the Internet.
  [Figure: enterprise main site and enterprise branch site connected over the Internet]
• Extranet Site-to-Site VPN
  – LAN-to-LAN connection that gives business partners, suppliers and customers access to selected data.
  [Figure: enterprise main site, partner site and supplier site connected over the Internet]
VPN Tunneling Protocols
• Point-to-Point Tunneling Protocol (PPTP) (Layer 2)
  – Developed by Microsoft and others (RFC 2637).
  – Extension of the Point-to-Point Protocol (PPP).
  – Clients are included in all versions of Windows since Windows 95.
  – Servers are included in all Windows server products since Windows NT.
  – Clients and servers are supported in Linux.
  – Caveat: PPTP's usual MS-CHAPv2 authentication and MPPE (RC4) encryption have published cryptographic weaknesses, so its low overhead is bought at the expense of confidentiality.
• Layer Two Tunneling Protocol (L2TP) (Layer 2)
  – Developed by the IETF (RFC 2661).
  – Combines the best features of L2F and PPTP.
  – Provides no encryption of its own; commonly used with IPSec -> L2TP/IPSec.
  – Clients are included in Windows XP, 2000 and 2003.
  – Servers are included in Windows Server 2000 and 2003.
  – Clients and servers are supported in Linux.
• Internet Protocol Security (IPSec) (Layer 3)
  – Framework developed by the IETF (RFCs 2401-2411 and 2451; the architecture, AH and ESP were revised in RFCs 4301-4303 in 2005).
  – Supported in Windows XP, 2000, 2003 and Vista, and in Linux 2.6 and later.
  – Many vendors supply IPSec VPN servers and clients.
• Secure Socket Layer (SSL) (Layer 5)
  – Higher-layer security protocol developed by Netscape.
  – Used with HTTP to enable secure web browsing (HTTPS); supported by most browsers and servers.
  – SSL can also be used to create a VPN tunnel, as OpenVPN does: an open-source VPN package for Linux and Windows.
• Multiprotocol Label Switching (MPLS) (between Layer 2 and Layer 3)
  – Evolved from prior technologies such as Cisco's "Tag Switching" and IBM's "ARIS".
  – A small label, or stack of labels, is inserted between the data link and network layer headers so that forwarding decisions can be made efficiently on the label.
  – MPLS separates customers' traffic but does not encrypt it.
VPN Classification

Trusted and Secure VPNs (VPN Consortium)
• Trusted VPNs
  – Consist of one or more paths leased from a service provider.
  – Usually originate and terminate in the provider's network.
  – The privacy and integrity afforded by a trusted VPN is only the provider's assurance that no one else is using the same path; nothing is encrypted.
  – MPLS is an example of a technology used in trusted VPNs.
• Secure VPNs
  – Constructed using encryption and other security mechanisms (e.g. authentication, data integrity).
  – Traffic is encrypted at the network edge or on the sending computer before moving over the Internet, and decrypted when it reaches the enterprise network or the receiving computer.
  – Creating a secure VPN often includes purchasing, configuring and maintaining hardware and software.
  – Examples of secure VPN technologies are PPTP, L2TP, IPSec and SSL.
• Hybrid VPNs
  – Secure VPNs provide security but no assurance of paths.
  – Trusted VPNs provide assurance of path properties such as QoS, but no protection against snooping or alteration.
  – Because of these complementary strengths and weaknesses, hybrid VPNs have started to appear: traffic is encrypted before it is sent through the trusted VPN.
Web-based and Client-based VPNs
• Web-based VPNs
  – Based on SSL, which is considered the standard web-based VPN technology today.
  – Any computer with a web browser can be used to connect to the enterprise network once the user has been authenticated.
  – Remove the cost of purchasing, installing and maintaining client software.
  – Typically support only a limited set of web applications.
• Client-based VPNs
  – Based on PPTP, L2TP, IPSec and SSL.
  – Require client software to be installed on each host that connects remotely to the enterprise network.
  – Give remote access users seamless access to the enterprise network from their PCs.
  – Require purchasing, installing and maintaining the client software.
CE-based and PE-based VPNs
• CE-based VPNs (customer edge)
  – All VPN processing takes place in the CE devices.
  – A tunnel is simply created between the CE devices; the PE devices can be standard routers and switches.
  – CE devices require a high amount of management and configuration.
  – Usually the equipment on the customer premises must be upgraded or purchased.
• PE-based VPNs (provider edge)
  – All VPN processing takes place in the PE devices.
  – CE devices can be standard routers and switches.
  – VPN management and configuration take place in the PE devices.
  – There is usually no need to upgrade the equipment on the customer premises.
Outsourced and In-house VPNs
• Many enterprises build their own VPNs; many others outsource their VPNs to managed VPN providers.
• Outsourcing reduces the skills an enterprise's security staff must have and reduces internal security labour costs.
• Enterprises that outsource their VPNs lose control over their VPN security.
• Outsourced VPNs can cost more than internally built and managed VPNs, especially as the number of remote users and branch offices grows, since these services often charge per user.
VPN Classification (summary of the classification tree)
• Protocol: PPTP, L2TP, IPSec, SSL, MPLS
• Access method: Web-based, Client-based
• Implementation: Hardware-based, Software-based
• Trust model: Trusted, Secure
• Location of processing: PE-based, CE-based
• Management: Outsourced, In-house
Performance Evaluation

Performance Metrics
• Throughput
  – The rate at which bulk data can be transferred from one host to another, measured over a sufficiently long period.
• Round Trip Time (RTT)
  – The time it takes one packet to travel from one host to another and back to the originating host.
• Packet delay variation (Jitter)
  – The variation in delay between successive packets; large jitter degrades real-time applications such as voice and video even when the average delay is acceptable.
• Packet loss
  – The proportion of packets transmitted but not received at the destination, relative to the total number of packets transmitted.
Wired Testbed Setup (Windows Server 2003 & Fedora Core 6)
• Desktop PC with a dual 2600 MHz processor, 512 MB of RAM and a built-in VIA Rhine II compatible Fast Ethernet NIC, running Windows Server 2003 and configured as a domain controller.
• Desktop PC with a dual Genuine Intel 3000 MHz processor, 512 MB of RAM, a built-in Broadcom Extreme Gigabit Ethernet NIC and a VIA VT6105 Rhine III compatible Fast Ethernet NIC, running Windows Server 2003 or FC6 and configured as the PPTP, L2TP/IPSec and SSL VPN server.
• Laptop PC with a Genuine Intel 1866 MHz processor, 512 MB of RAM and a built-in Broadcom 440x 10/100 integrated controller NIC, running Windows XP SP2 and configured as the PPTP, L2TP/IPSec and SSL VPN client.
• D-Link 10/100 Fast Ethernet switch.
• LINKSYS Wireless-G access point with SES, model WAP54G.

Wired Testbed Setup (e-Live IP-8000VPN Router)
• OvisLink e-Live IP-8000VPN Broadband VPN Router.
Performance measurement tools
• Iperf: an Iperf client on one side of the tunnel and an Iperf server on the other measure throughput, jitter and losses.
• Hrping: measures round trip time (RTT).
[Figures, wired testbeds: TCP throughput (two charts), Round Trip Time (RTT), UDP throughput, Jitter, Packet loss]
Wired Testbeds Results (relative to the no-VPN baseline)

Solution               TCP thr.    UDP thr.    RTT         Jitter      Loss
                       (% no-VPN)  (% no-VPN)  (x no-VPN)  (x no-VPN)  (x no-VPN)
PPTP on W2K3           82.37       68.12       1.98        2.53        3.49
PPTP on FC6            80.78       66.47       2.38        3.19        3.63
L2TP/IPSec on W2K3     55.23       51.04       2.52        4.34        5.27
L2TP/IPSec on FC6      54.07       49.46       3.01        4.83        5.41
OpenVPN on W2K3        52.59        6.65       2.86        377.18      25.20
OpenVPN on FC6         56.49        4.43       2.92        385.98      24.55
PPTP on e-Live         18.27       14.18       3.48        24.89       10.14
L2TP/IPSec on e-Live   16.37       13.38       3.59        28.75       10.43

Observations
• Because PPTP adds the least per-packet overhead, PPTP on both Windows Server 2003 and Fedora Core 6 produced the best performance values for both TCP- and UDP-based applications. This is a performance result only; PPTP's MS-CHAPv2/MPPE cryptography has published weaknesses.
• To obtain strong security, L2TP/IPSec wraps the L2TP tunnel in IPSec's secure channel, which adds per-packet overhead. L2TP/IPSec on both Windows Server 2003 and Fedora Core 6 nevertheless produced good performance values for both TCP- and UDP-based applications.
• Because OpenVPN runs as a user-space daemon rather than a kernel module, every packet crosses the kernel/user boundary twice, and OpenVPN on both platforms produced lower performance values under high traffic. The UDP figures are the most affected: Iperf's UDP test sends at a fixed rate with no congestion control, so a tunnel that cannot keep up shows the shortfall as loss and jitter rather than as a reduced sending rate.
• On almost every metric the Windows Server 2003 platform performed better than the Fedora Core 6 platform; the exceptions in this table are OpenVPN's TCP throughput and packet loss, which were slightly better on FC6.
• Given its design and low price, the e-Live IP-8000VPN router (the hardware-based VPN solution) produced lower performance values than the software-based VPN solutions on both Windows Server 2003 and Fedora Core 6.
Wireless Testbeds Results (relative to the no-VPN baseline)

Solution               TCP thr.    UDP thr.    RTT         Jitter      Loss
                       (% no-VPN)  (% no-VPN)  (x no-VPN)  (x no-VPN)  (x no-VPN)
PPTP on W2K3           83.33       65.68       1.33        1.64        1.43
PPTP on FC6            78.63       60.90       1.45        1.70        1.49
L2TP/IPSec on W2K3     68.38       59.98       1.50        2.20        1.51
L2TP/IPSec on FC6      65.38       57.09       1.73        2.30        1.57
OpenVPN on W2K3        53.85        8.44       1.60        44.76       5.07
OpenVPN on FC6         70.51        7.69       1.65        44.91       5.02
PPTP on e-Live         63.68       24.89       1.82        4.39        2.08
L2TP/IPSec on e-Live   59.83       23.59       1.92        4.84        2.14

Note on the Jitter column: the slide labels this series "UDP throughput values in % of no VPN value", but its values (1.64 to 44.91, ordered like the wired jitter series) are multiples of the no-VPN jitter, and a separate series already gives UDP throughput; it is shown here as jitter. The ordering of the solutions matches the wired results, with a smaller spread because the wireless link itself is the bottleneck.
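The four metrics defined under Performance Metrics and the way the results tables normalize them, as an added example that is not the thesis's measurement code: the functions compute throughput, packet loss and RFC 3550 interarrival jitter (the estimator Iperf reports for UDP) from a per-packet trace, mean RTT from echo request/reply pairs, and then express a VPN run relative to a no-VPN baseline exactly as the tables do (throughput as a percentage of the no-VPN value, RTT/jitter/loss as multiples of it). The Pkt record, the make_trace helper and all traces are constructed for the example, not measured values.

```python
# Added example (not the thesis's measurement scripts): compute the four
# performance metrics from a per-packet trace and normalize a VPN run
# against a no-VPN baseline the way the result tables do.
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Tuple


@dataclass
class Pkt:
    """One probe packet; recv is None when the packet was lost."""
    seq: int
    sent: float            # sender clock, seconds
    recv: Optional[float]  # receiver clock, seconds (same clock assumed)
    size: int              # bytes on the wire


def throughput_bps(trace: List[Pkt]) -> float:
    """Bits delivered per second between first send and last arrival."""
    got = [p for p in trace if p.recv is not None]
    span = max(p.recv for p in got) - min(p.sent for p in trace)
    return sum(p.size for p in got) * 8 / span


def packet_loss(trace: List[Pkt]) -> float:
    """Fraction of transmitted packets that never arrived."""
    return sum(1 for p in trace if p.recv is None) / len(trace)


def rfc3550_jitter(trace: List[Pkt]) -> float:
    """RFC 3550 interarrival jitter:
    D(i,j) = (Rj - Ri) - (Sj - Si);  J = J + (|D| - J) / 16.
    Lost packets simply drop out of the sequence, as in a real receiver."""
    got = [p for p in trace if p.recv is not None]
    j = 0.0
    for a, b in zip(got, got[1:]):
        d = (b.recv - a.recv) - (b.sent - a.sent)
        j += (abs(d) - j) / 16
    return j


def mean_rtt(echo_pairs: Iterable[Tuple[float, float]]) -> float:
    """Mean round trip time from (request_sent, reply_received) pairs."""
    pairs = list(echo_pairs)
    return sum(r - s for s, r in pairs) / len(pairs)


def summarize(trace: List[Pkt], echo_pairs) -> Dict[str, float]:
    """Absolute metrics for one run."""
    return {
        "throughput": throughput_bps(trace),
        "loss": packet_loss(trace),
        "jitter": rfc3550_jitter(trace),
        "rtt": mean_rtt(echo_pairs),
    }


def relative(vpn: Dict[str, float], base: Dict[str, float]) -> Dict[str, float]:
    """Throughput as % of the no-VPN value; RTT, jitter and loss as a
    multiple of the no-VPN value, matching the result tables' columns."""
    return {
        "throughput_pct": 100 * vpn["throughput"] / base["throughput"],
        "rtt_x": vpn["rtt"] / base["rtt"],
        "jitter_x": vpn["jitter"] / base["jitter"],
        "loss_x": vpn["loss"] / base["loss"],
    }


def make_trace(n: int, lost: set, delay: float, wobble: float,
               interval: float = 0.001, size: int = 1000) -> List[Pkt]:
    """Constructed trace: a packet every `interval` s with one-way `delay`,
    every odd packet delayed by `wobble` more, and the `lost` sequence
    numbers never arriving. Synthetic data for the example only."""
    trace = []
    for i in range(n):
        sent = i * interval
        recv = None if i in lost else sent + delay + (wobble if i % 2 else 0.0)
        trace.append(Pkt(i, sent, recv, size))
    return trace


def demo() -> Dict[str, float]:
    """Constructed no-VPN baseline vs. a constructed tunnelled run."""
    base = summarize(make_trace(10, {9}, 0.0005, 0.0001),
                     [(0.0, 0.0010), (1.0, 1.0011), (2.0, 2.0010)])
    vpn = summarize(make_trace(10, {4, 9}, 0.0015, 0.0004),
                    [(0.0, 0.0030), (1.0, 1.0032), (2.0, 2.0031)])
    return relative(vpn, base)


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:15s} {value:8.2f}")
```

With the constructed runs the tunnelled trace loses twice as many packets, so loss_x is exactly 2.0, while throughput_pct lands around 80 %; the same normalization applied to real Iperf and Hrping output yields the columns of the result tables.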
Conclusion and Future Work

Conclusions
• There are many different VPN solutions, and deciding which one to choose can be difficult since each has advantages and disadvantages.
• Trusted VPNs usually originate and terminate in a service provider's network (i.e. PE-based VPNs). They are usually outsourced, offer any-to-any connectivity, and perform well for applications with high QoS requirements.
• Secure VPNs are constructed using encryption and other security mechanisms (e.g. authentication, integrity checking). They originate and terminate at the network edge (i.e. CE-based VPNs) and can be managed internally (in-house VPNs) or outsourced (managed VPNs).
• In web-based VPNs, a web browser can be used to originate VPN tunnels. Client-based VPNs give broader access to the network once the connection is established.
• The proposed VPN logic formulas rely on the enterprise's requirements (access, security, cost, protocol support, QoS, topology) and on the VPN solution classes (client-based, web-based, trusted VPN, secure VPN).
• The testbed results indicate clearly that, on almost every metric, the performance values of VPN solutions on Windows Server 2003 are better than those of VPN solutions on both Fedora Core 6 and the e-Live IP-8000VPN Router VPN servers.
Future Work
• Evaluation of the proposed solution over the real Internet.
• Evaluating the performance of software-based VPN solutions on platforms other than Windows Server 2003 and Fedora Core 6 (such as BSD, Mac OS and Solaris) to select the best platform for implementing software-based VPN solutions.
• Evaluating hardware-based VPN solutions using different hardware VPN products (such as 3Com, ADTRAN, Cisco and Juniper).
Thank you for your attention