haku: @instructor Beijar, Nicklas / yhteensä: 30
viite: 8 / 30
Tekijä: | Pahlevan, Maryam |
Työn nimi: | Signaling and Policy Enforcement for Co-operative Firewalls |
Julkaisutyyppi: | Diplomityö |
Julkaisuvuosi: | 2013 |
Sivut: | xii + 105 s. + liitt. 14 Kieli: eng |
Koulu/Laitos/Osasto: | Tietoliikenne- ja tietoverkkotekniikan laitos |
Oppiaine: | Tietoverkkotekniikka (S3029) |
Valvoja: | Kantola, Raimo |
Ohjaaja: | Beijar, Nicklas |
Elektroninen julkaisu: | http://urn.fi/URN:NBN:fi:aalto-201305216411 |
OEVS: | Sähköinen arkistokappale on luettavissa Aalto Thesis Databasen kautta.
Ohje Digitaalisten opinnäytteiden lukeminen Aalto-yliopiston Harald Herlin -oppimiskeskuksen suljetussa verkossaOppimiskeskuksen suljetussa verkossa voi lukea sellaisia digitaalisia ja digitoituja opinnäytteitä, joille ei ole saatu julkaisulupaa avoimessa verkossa. Oppimiskeskuksen yhteystiedot ja aukioloajat: https://learningcentre.aalto.fi/fi/harald-herlin-oppimiskeskus/ Opinnäytteitä voi lukea Oppimiskeskuksen asiakaskoneilla, joita löytyy kaikista kerroksista.
Kirjautuminen asiakaskoneille
Opinnäytteen avaaminen
Opinnäytteen lukeminen
Opinnäytteen tulostus
|
Sijainti: | P1 Ark Aalto 1237 | Arkisto |
Avainsanat: | CES NAT NAT traversal CETP tunneling address exhaustion firewall |
Tiivistelmä (eng): | The Internet environment has been changing dramatically during the recent years. Plenty of new requirements and problems such as the IPv4 address shortage, traversing middle boxes and mobility that cannot be solved with the current Internet architecture have emerged. Among those problems, the IPv4 address exhaustion is recognized as one of the key challenges in the original Internet design. The reason is the unprecedented growth in the number of user devices and regular network nodes which are addressed with IPv4 locators.Several solutions including Network Address Translator (NAT) and IPv6 (a new version of IP) have been proposed to alleviate the scalability problem. NAT postpones the depletion of the IP address space by reusing the IPv4 address space and isolating customer networks from the public network; it makes hosts in the private address space unreachable from the public Internet. To be exact, a NAT, like a strict firewall, filters out all inbound data flows while outbound traffic from private hosts can go through it. The proposed NAT traversal techniques by IETF have many disadvantages. The Customer Edge Switching aims to replace NAT with a new device called co-operative firewall and eliminate the problems of existing NAT traversal solutions. A CES device provides global connectivity over the Internet using different types of identifiers, global unique domain names and private addresses.In this thesis, Customer Edge Traversal Protocol (CETP) is introduced as an edge-to-edge protocol and prototyped so as to tunnel data and control information while transporting the source and destination IDs from one customer network to another. This work also includes the policy management of co-operative firewalls. The testing results assure the suitability of CETP for inter-CES communication and edge-to-edge signaling. |
ED: | 2013-05-21 |
INSSI tietueen numero: 46744
+ lisää koriin
INSSI