Distributed Automatic Configuration of Complex IPsec-Infrastructures
Journal of Network and Systems Management
A survey on automatic configuration of virtual private networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.00 |
IPsec, the standard suite of protocols to provide security in IP networks, and IKE, the commonly sed key management protocol for IPsec, do not address the more general problem of how security policies should be distributedto IPsec nodes. Recent IETFwork in the area of networksecurity provides a definition of the basic requirements ofan IP Security Policy System (IPSP) and a proposal of aSecurity Policy Protocol (SPP) to exchange security policies. IPSP recommends that traditional mechanisms for distributing network management information (SNMP, COPS)should also be taken into consideration. The first objectiveof this paper is to evaluate the suitability of existing networkmanagement mechanisms to achieve the goals of IPSP. Subsequently, the paper describes and discusses an approachfollowed in the implementation of an IPSP system, with emphasis on the implementation of SPP.