6月 072012
 

Google首席互联网推广官、TCP/IP合作者Vint Cerf在官方博客解释为什么互联网需要升级到IPv6中文)。 IPv4提供了2^32(约40亿)IP地址,今天的网民有大约25亿,联网设备110亿,IPv4地址空间日益枯竭,超过40亿台设备在共享地址。而 IPv6能提供2^128(约340 兆兆兆个)个地址,足以让每一个人都拥有数十亿个IP地址。

2012年6月 6日,包括Google在内的互联网服务商和设备供应商开始全面启用IPv6。除了推动互联网继续增长外,它还能帮助打击互联网犯罪因为IPv6及IPSEC将废除互联网的匿名性。网络安全专家称,理想的政府、个人和企业应该在互联网上承担同等的责任,“现在我们甚至能看着国家利用网络战武器对付公民和对手。”

6月 022011
 

  虚拟专用网络(VPN)已经成为了公司合作伙伴或员工远程安全访问公司资源的事实标准。在本文中,我们将试图解释两种特定的VPN类型,即IPSec VPN和SSL VPN,以及这两种类型应该如何选择。

  然而,在深入研究这两个不同类型之前,需要首先对VPN技术进行一个简要的概述。VPN是指有利于远程访问公司资源的一系列技术。这种技术的主要用户,是试图在家或者其他公共场所访问公司资源的公司雇员,以及在公司的基础架构内支持各种系统的合作伙伴或第三方。VPN一般通过在远程站点和公司网络之间建立一个加密通道的方式,利用公共长途IP网络来进行数据传输,这些远程站点包括雇员的笔记本电脑或者第三方系统。 Continue reading »

12月 282010
 

by Kaushik Das   

What is IPSec?

IPSec, is a framework of open standards (from IETF) that define policies for secure communication in a network. In addition, these standards also describe how to enforce these policies.

Using IPSec, participating peers (computers or machines) can achieve data confidentiality, data integrity, and data authentication at the network layer (i.e. Layer 3 of the Open Systems Interconnection 7-layer networking model). RFC 2401 specifies the base architecture for IPsec compliant systems.

This RFC says that “the goal of the architecture is to provide various security services for traffic at the IP layer, in both the IPv4 and IPv6 environments.” See also RFC 2402, RFC 2406 and RFC 2407 for more details on IPSec.

The main purpose of IPSec is to provide interoperable, high quality, cryptographically-based security for IPv4 and IPv6. It offers various security services at the IP layer and therefore, offers protection at this (i.e. IP) and higher layers. These security services are, for example, access control, connectionless integrity, data origin authentication, protection against replays (a form of partial sequence integrity), confidentiality (encryption), and limited traffic flow confidentiality. Continue reading »