Global ETD Search

31	Omdesign av Intranät : vid Svenska Kyrkan i Norrköping Persson, Erik January 2017 (has links) Svenska Kyrkan i Norrköping upplever idag att de har ett virtuellt intranät som skulle kunna fungera bättre. Problematiken tycker de ligger i underliga trafikflöden, utarmning av IP-adresser och hög komplexitet. Därtill undrar de om det inte är hög tid att höja bandbredden ut från flera av byggnaderna. Min målsättning med arbetet är att utifrån de största församlingarna samt Kyrkans Hus – där organisationens IT-kontor och serverfarm är belägna – kunna ge rekommendationer på åtgärder och förändringar som ska kunna avhjälpa denna problematik och förhoppningsvis framtidssäkra några av dessa aspekter. Under mitt arbete har jag tagit ut rudimentära baselinemätningar, IP-adresseringstabeller och sammanställningar av trafikflöden i syfte att skapa en nulägesanalys. Jag har också ämnat illustrera den problematik som låg till grund för arbetets utformning. I min rapport har jag också behandlat moderna IT-trender såsom tunna klienter, virtualiseringsmiljöer och BYOD, Bring Your Own Device. Detta arbete har resulterat i ett generellt designförslag med redundanslänkar, gästnätverk och stöd för Ipv6 med olika alternativ inom samtliga aspekter, vilka kan användas för att skräddarsy implementeringen av de olika teknologierna. För en mer allomfattande, grundlig och slutgiltig design av intranätet som helhet skulle en mer omfattande dokumentation behövas, tillsammans med uppskattning av nätverksanvändning, IP-adressering samt budgetering. / The Church of Sweden in Norrköping are currently faced with a virtual intranet that they feel could be improved. Some of the problems they have identified are unusual traffic forwardin patterns, exhaustion of the IP adress pool and a high level of complexity. In addition, they feel that it might be time to increase the bandwidth that some of the buildings have access to. My goal with this paper – based on the largest parishes and Kyrkan Hus, where the organization’s IT office and server farm lies – is to give recommendations in terms of actions and changes that could mitigate these issues and hopefully provide a more future proof solution. During my work I have taken some rudimentary baseline readings, IP addressing tables and compilations of network flows, in order to create a current situation analysis, which I have used to draw some of my conclusions. I have also aimed to illustrate the problems that have formed the foundation for this work. In my report I have also discussed some modern IT trends, such as thin clients, virtual environments and BYOD, Bring Your Own Device. This assignment has resulted in a general design proposal with redundant links, guest networks and Ipv6 support, with different alternatives withing each aspect, which can be used to further tailor the implementations of the different technologies. For a more all encompassing, thorough design of the intranet as a whole we’d need a more complete documentation, together with approximations and evaluations regarding network usage, IP addressing and budget. Intranet redundancy virtualization vpn byod ipv6 Intranät redundans virtualisering vpn byod ipv6 Computer Engineering Datorteknik
32	Qualitative analysis about the experience of VPN from people with software expertise in Sweden Gerdtsson, Markus, Nielsen, Erik January 2022 (has links) VPN is primarily used to encrypt your network traffic and identity online securely from a private location. This can be used as a safety measure to prevent theft of personal data. It also allows its user to change the geolocation to wherever they want which unlocks the possibility to use another country's services. Related work has shown that there are also downsides to using VPN services. Some VPN solutions do have security problems that its user could be unaware of. This study explored the experience and beliefs surrounding the usage of VPN while browsing the internet from people with software expertise. Interviews were conducted with people in different areas surrounding usage of VPN services to get a deeper understanding of why VPN is used and to what extent they believe VPN is providing anonymity and security of their data. The findings from this study is that the main reason to use a VPN is to access unavailable services. These services can vary from content online that is not available in the region from where you access the internet to services that are work related and locked to specific networks. Another finding was also that among these people the belief that the use of a VPN was enough to make a user anonymous by itself is controversial. VPN Virtual Private Network VPN Virtuellt privat nätverk Computer Systems Datorsystem
33	IPv6-adresshantering och prefixdelegering i MPLS VPN-nät / IPv6 adress management and prefix delegation in MPLS VPN network Dahlberg, Axel, Francén, Jonas January 2013 (has links) För full migrering till IPv6 behöver utbudet av datakommuniktionsstjänster anpassas för den nyagenerationens IP-protokoll med bevarad eller utökad funktionalitet. Detta examensarbetes mål äratt ta fram en eller flera lösningar som möter krav och tekniska förutsättningar för att utöka företagetDGC:s tjänst IP-VPN för IPv6. Detta innefattar adresstilldelningstekniker som prefixdelegeringoch automatisk adresskonfigurering i befintlig nätinfrastruktur.Lösningarna presenteras i sex framtagna scenarier som har undersökts utifrån tester, analys ocherfarna problem som uppstått. Undersökningen formade kriterierna skalbarhet, konfigurationenskomplexitet, kompatibilitet, RFC-stöd och krav från DGC som tas hänsyn till i utvärderingen avden bäst lämpade lösningen.Utvärderingen har gett ett resultat i form av ett rekommenderat scenario som är implementerbartenligt uppsatta mål.Tekniker som skulle kunna påverka valet av bäst lämpade lösning, men som inte är tillgängliga,diskuteras och presenteras för att poängtera vad som kan behövas tas i beaktande för framtiden. / Full migration to IPv6 brings the need to adjust datacommunication services for the new generationof IP protocols with maintained or expanded functionality. This thesis’ goals is to submitone or more solutions that meets requirements and the technical conditions that enables thecompany DGC:s to expand the service IP-VPN for IPv6. This includes address assignmenttechniques like prefix delegation and automatic address configuration in existing network infrastructure.Solutions are presented in six scenarios that have been investigated considering tests, analysis andexperienced problems. The investigation formed the criteria scalability, configuration complexity,compatibility, support by RFC:s and requirements stated by DGC that adds to the evaluationof the most suitable solution.The evaluation has resulted in a recommended scenario that is implementable according to givengoals.Techniques that may influence the choice of most suitable solution, but that is not yet available,are discussed and presented to point out what may needed to be considered in the future. DHCPv6 MPLS prefixdelegation IPv6 address management IPv6 IP MPLS-VPN VPN Communication Systems Kommunikationssystem Telecommunications Telekommunikation
34	Creating Digital Twin Distributed Networks Using Switches With Programmable Data Plane / Skapande av digitala tvillingar till distribuerade nätverk genom användning av switchar med programmerbart dataplan Larsson, Rasmus January 2021 (has links) The domain specific language P4 is a novel initiative which extends the Software-Defined Networking (SDN) paradigm by allowing for data plane programmability. Network virtualisation is a class of network technologies which can be used to abstract the addressing in a network, allowing multiple tenants to utilise the network resources while being agnostic to the underlying network and the other tenants. In other words, twins of tenants using the same addresses can co-exist on the same underlying network. If a twin is a distributed network, it may even be spread out across multiple sites which are connected to a common backbone. In this study, network virtualisation using P4 is evaluated with emphasis on scalability in terms of number of twins and sites. A set of potential network virtualisation technologies are identified and categorised. Based on this categorisation, two variations of network virtualisation are implemented on the P4 capable software switch BMv2 and the performance of both variations are evaluated against the non-P4 solution Linux bridge. Linux bridge was found to yield 451 times more useful bandwidth than the best performing P4 implementation on BMv2, while also learning MAC addresses faster and generating less traffic on the backbone. It is concluded that the performance of network virtualisation implemented and running on BMv2 is worse compared to the non-P4 solution Linux bridge. P4 Programmable switches SDN Network Virtualisation Ethernet VPN VPN BMv2 Communication Systems Kommunikationssystem Computer Systems Datorsystem
35	Multipath transport for virtual private networks Lukaszewski, Daniel 03 1900 (has links) Approved for public release; distribution is unlimited / Virtual Private Networks (VPNs) are designed to use the Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) to establish secure communication tunnels over public Internet. Multipath TCP (MPTCP) extends TCP to allow data to be delivered over multiple network paths simultaneously. This thesis first builds a testbed and investigates the potential of using MPTCP tunnels to increase the goodput of VPN communications and support seamless mobility. Based on the empirical results and an analysis of the MPTCP design in Linux kernels, we further introduce a full-multipath kernel, implementing a basic Multipath UDP (MPUDP) protocol into an existing Linux MPTCP kernel.We demonstrate the MPUDP protocol provides performance improvements over single path UDP tunnels and in some cases MPTCP tunnels. The MPUDP kernel should be further developed to include more efficient scheduling algorithms and path managers to allow better performance and mobility benefits seen with MPTCP. / Outstanding Thesis / Lieutenant, United States Navy MPTCP multipath TCP MPUDP multipath UDP VPN OpenVPN mobility
36	Extern Web-service-lösning vid SSAB Tunnplåt i Borlänge- för kommunikation med sina distributions lager Dotzky, Jesper, Wiklund, Jon January 2004 (has links) Detta examensarbete har utförts på SSAB- Tunnplåt i Borlänge under vårterminen 2004 och omfattar 10 veckors arbete.SSAB sköter idag sin kommunikation med distributionslagren via fax, telefon eller e-post. Eftersom detta är ett ganska tidskrävande kommunikationssätt, vill SSAB ha en smidigare och snabbare kommunikationslösning. Den lösning som SSAB vill ha är en extern Web-service-lösning för att upprätta en säker kommunikation med sina distributionslager.Parallellt med byggandet av Web-service-lösningen arbetades en förvaltningsmodell fram. Den beskriver hur förvaltningsorganisationen med dess rutiner kan se ut vid implementering av lösningen.För att skapa en säker förbindelse med Web-servicen skall en webbklient användas som i sin tur anropar en COM+ komponent. Detta för att kunna skicka med certifikatet ifrån webbklienten till webbservern där Web-servicen ligger. COM+ komponenten måste få tillgång till en användarprofil när den kommunicerar med Web-servicen. Detta för att kunna upprätta en SSL-förbindelse i det inledande skedet. SSL-förbindelsen skall läggas i den VPN-tunnel som mVPN tillhandahåller via WSSAL. Web service SSL VPN Client certificate COM+ Förvaltning
37	Návrh IT architektury firmy / company IT architecture design Drozd, Martin January 2016 (has links) This diploma thesis deals with the design of the new IT architecture of small businesses. The aim of this work is to propose the new network structure, hardware, software and to compare the different solutions. It also contains the proposal of bussines processes which use the Information System of the company. Finally, the work considers the possibility of using the CMS and proposes the design of web presentation. In the first part, the basic concepts are defined. They are important for processing the practical part of the work. The second part describes the practical proposal of the new IT architecture based on the theoretical data from the first part.
38	Algoritmos para aprovisionamento de Redes Privadas Virtuais baseadas em QoS usando o modelo Hose Mariz Timóteo de Sousa, Denio January 2004 (has links) Made available in DSpace on 2014-06-12T15:52:46Z (GMT). No. of bitstreams: 2 arquivo4713_1.pdf: 4490241 bytes, checksum: 43c09e5e8bf876499ee8c3ff91a473bf (MD5) license.txt: 1748 bytes, checksum: 8a4605be74aa9ea9d79846c1fba20a33 (MD5) Previous issue date: 2004 / Uma Rede Privada Virtual, ou Virtual Private Network (VPN) é uma rede privada construída sobre uma infra-estrutura de rede pública, tal como a Internet, que emula uma WAN com grande economia de custos. Por usarem conceitos e tecnologias de tunelamento, criptografia e autenticação, as VPNs eram tradicionalmente implantadas como solução de conectividade para redes em que os requisitos de segurança são elevados. Atualmente, as VPNs são também alvo de clientes que buscam redes dimensionadas sob demanda para as necessidades de Qualidade de Serviço (QoS) das suas aplicações. Do ponto de vista dos provedores de serviços de comunicação, a oferta do serviço de VPN é um negócio atraente porque além de rentável por si só, impulsiona a venda de outros serviços de alto valor agregado, tais como consultoria, suporte, gerenciamento de segurança e outros serviços avançados. Neste trabalho, consideramos o problema de aprovisionar a VPN, ou seja, encontrar uma rota que conecte os pontos terminais da VPN, alocando nos enlaces utilizados uma de largura de banda suficiente para o tráfego entre os pontos terminais de maneira que os requisitos de QoS solicitados sejam atendidos e que a soma das larguras de banda alocadas nos enlaces seja a menor possível. O aprovisionamento de VPNs para atendimento de contratos de nível de serviço (Service Level Agreements - SLAs) que envolvam requisitos de QoS, entretanto, é um problema NPcompleto. Para encontrar soluções viáveis, analisamos algoritmos baseados em heurísticas já utilizadas em outras áreas de conhecimento, com as devidas adaptações para lidar com VPNs e com as restrições de QoS impostas. Propomos e avaliamos também novas heurísticas para o problema. Além disso, baseados no modelo teórico conhecido como Hose, propomos e avaliamos o modelo Hose Seletivo, que permite a especificação de VPNs com requisitos adicionais de QoS e demandas diferenciadas de tráfego entre os pontos. Para dar suporte à análise dos algoritmos e do modelo Hose Seletivo, duas ferramentas são desenvolvidas: uma Linguagem de Descrição de VPNs (VPN-DL) e uma ferramenta com interface gráfica (VPNViewer) que computa as rotas e o custo das VPNs usando os algoritmos selecionados. Usando essas ferramentas, comparamos os algoritmos e os modelos Hose e Hose Seletivo para cenários diferentes através de simulações baseadas em topologias reais e aleatórias. Os resultados desta comparação mostram que o Hose Seletivo reduz o custo de aprovisionamento das VPNs em relação ao Hose quando as demandas de tráfego são especificadas com maior precisão
39	Konfiguration av VPN med Netconf/Yang och Python Jeppsson, Fredrik January 2017 (has links) Rapporten behandlar en fiktiv internetleverantör som vill undersöka om protokollet Netconf kan användas för konfiguration av VPN-tjänster. Netconf används tillsammans med datamodelleringsspråket Yang som beskriver vad som kan konfigureras på en viss nätverksenhet. Netconf/Yang utvärderas genom att en lösning för konfiguration av MPLS Layer 3 VPN tas fram. Traditionella metoder för konfiguration av nätverksenheter är CLI och expect-baserade skript. Syftet är att undersöka om Netconf kan ersätta dessa metoder. För att öka trovärdigheten i lösningen har en nätverksarkitekt med erfarenhet av denna typ av lösningar involverats som kravställare. Internetleverantörens nätverk består av routrar från både Cisco och Juniper och projektets lösning tar hänsyn till detta. Utvecklingsarbetet har skett mot en labbmiljö bestående av de virtuella routrarna Juniper vMX 17.1R1.8 och Cisco IOS XRv 6.1.2. Projektets lösning består av indata som beskriver vilka parametrar som ska gälla för en L3VPN. Denna indata är oberoende av routertyp. Indatan valideras mot en egenutvecklad yangmodell, vilket är nödvändigt för att försäkra sig om att den är korrekt formaterad. Därefter skickas indatan till tre olika pythonskript som kan testa, lägga till eller ta bort en L3VPN. Projektets huvudsakliga slutsats är att Netconf/Yang kan ersätta CLI, givet att den önskade funktionaliteten är implementerad i nätverksenheternas yangmodeller. / This report discusses a fictitious Internet Service Provider (ISP) that wants to evaluate whether the Netconf protocol can be used to configure VPN services. Netconf is used in conjunction with Yang, a data modeling language that is used to describe the features that can be configured on a particular network device. Netconf/Yang is evaluated by developing a solution focused on the configuration of MPLS Layer 3 VPNs. Traditional methods for network device configuration are using the CLI and expect based scripts. One purpose of the evaluation is to determine if Netconf/Yang can be used instead. To increase the credibility of the results, a network architect with industry experience has been involved by setting requirements for the Netconf/Yang solution. The ISP in question uses routers from both Juniper and Cisco, something that the proposed solution takes into account. Development has been done against the virtual routers Juniper vMX 17.1R1.8 and Cisco IOS XRv 6.1.2. The proposed solution involves creating script input data that describes a L3VPN in a vendor neutral way. The input data is validated against a custom yang model to ensure that it follows the expected format. The data is then used as an argument to three different scripts that either tests, adds or deletes a L3VPN based on the input data. The main conclusion is that Netconf/Yang can replace configuration using the CLI, given that the desired features have been implemented in the yang models of the network devices. Netconf Yang Python Ncclient VPN L3VPN Computer Engineering Datorteknik
40	Virtual Private Network Communication over a session layer socket protocol (SOCKS) Soler Avellén, Carl Richard January 2011 (has links) SYSTeam is an IT solutions supplier company that wants to develop a product which permits users to communicate with each other, over the Internet, in a secure way. The solution creates communication between two subnets which are connected through a Virtual Private Network (VPN) Gateway. The security of the communication is implemented at the application layer by using the Secure Socket Layer (SSL) protocol which carries, encrypted within it, a session layer technology called Sock-et-s (SOCKS). The communication prototype is developed in a Linux platform with the Integrated Development Environment (IDE) Eclipse and Java programming language. There are many similar software-hardware based products in the market, but these solutions usually demand high budgets. This thesis shows the development of a communication prototype of a new, and low cost, alternative product. This report also describes how the Java SOCKS methods are increased with further functionality in order to reach the designed communication infrastructure. The entire implementation is tested by using a network analyzer software called Wireshark and a log function which writes out messages in order for us to know which part of the code is running. VPN SOCKS JAVA Socket SSL Computer Sciences Datavetenskap (datalogi)

Search results