Vilken mjukvarubaserad fjärranslutningslösning är passande för ett mindre företag?

Hurtig, Andreas, Gisslar, Thomas, Karlsson, Alexander

January 2009

Syftet med denna undersökning är att ta reda på vilken mjukvarubaserad fjärranslutningslösning som passar för ett mindre företag, då de har mindre ekonomiska tillgångar än ett större företag behöver de vara mer noggranna med sina produktval. Arbetet är utfört med litteraturstudier och en enkätundersökning till ett tiotal mindre företag, samt en laborationsmiljö där tester av de olika fjärranslutningslösningarnas egenskaper har utförts. Område valdes då ämnet fjärranslutning knappt behandlads under utbildningstiden, och fördjupar sig därför inom området. Resultatet visar vad mindre företag anser vara de viktigaste egenskaperna med en fjärranslutningslösning. Även de värden som uppkom vid tester i laborationsmiljön kommer att presenteras i resultatet. De samlade resultaten kommer sedan visa på vilken mjukvarubaserad lösning som passar bäst för ett mindre företag. / The purpose of this survey is to figure out which software based remote access solution that fits a smaller company, hence they have less economy assets than a larger company they need to be more thorough with their products of choice. The work is performed with literature studies and a survey of a dozen smaller companies, and also a laboratory environment where properties of the different remote access solutions are performed. This area was chosen because the subject of remote access scarcely was treated during our education, and become engrossed in this area. The result shows what the companies consider to be the most important properties with a remote access and also the products results from the tests. Also the values that occurred during testing in a laboratory environment will be presented in the results. The combined results will then show which software-based solution that is best suited for a small company.

VPN

Remote access

L2TP

IPSec

PPTP

Open Swan

OpenVPN

SSLExplorer

Tunneling

Tunnel

VPN connection

SSL-VPN

VPN

Fjärranslutning

L2TP

IPSec

PPTP

OpenSwan

OpenVPN

SSLExplorer

Fjärråtkomst

Remote access

Tunnling

Tunnel

VPN-anslutning

SSL-VPN

Computer Engineering

Datorteknik

Secure remote access to a work environment

Bergvall, Ricardo

January 2021

This project is about how free, open-source tools can create reasonable, secure and flexible remote access solutions for smaller companies with a limited budget.  Secure remote access to a working environment is a solution for its time, as last year Covid-19 change the working environment for millions of employers and employees. The importance of secure remote access to a working environment became noticeable as offices closed down and employers started working from home. Still, the need for secure access to the company's infrastructure remains. This is where Virtual Private Networks (VPNs) enter the picture, as it has a broad application scope and is particularly useful for secure remote access. My project was subdivided into three parts: How to implement secure remote access to a working environment within the requirements of the chosen company, which are an inexpensive solution with high-security features.  Automate the creation and distribution of all the necessary parts that their employees will need in a VPN structure. Research about the future direction regarding VPN and the importance of cybersecurity to help ensure security preparedness for the company. The chosen solution was OpenVPN and Google authenticator, together with a written bash script. It became a solution that was free, flexible, secure and scalable. But why the need and what about the future?  Research shows that a high percentage of small and medium-sized enterprises are vulnerable to cyberattacks. It also shows that these companies have the lowest cybersecurity. "It wouldn't happen to us" is dangerous but, sadly, a typical mindset throughout the S&M companies. It's primarily because of this S&M's are more exposed than larger companies. The future of VPN's has become more important than ever before, and it's something that during Covid-19 has risen in use all over the world, the research and development of VPNs has accelerated. The research objectives of this project are of high interest to many other organizations in the same position, and the presented work has helped answer the question: "Where will we stand in a few years regarding secure remote work, cybersecurity andencrypted networks?"

secure remote-access

virtual private network servers

multi-factor authentication

encryption

cyber-threats

OpenVPN

Computer and Information Sciences

Data- och informationsvetenskap

VIRTUAL PRIVATE NETWORKS : An Analysis of the Performance in State-of-the-Art Virtual Private Network solutions in Unreliable Network Conditions

Habibovic, Sanel

January 2019

This study aimed to identify the differences between state-of-the-art VPN solutions on different operating systems. It was done because a novel VPN protocol is in the early stages of release and a comparison of it, to other current VPN solutions is interesting. It is interesting because current VPN solutions are well established and have existed for a while and the new protocol stirs the pot in the VPN field. Therefore a contemporary comparison between them could aid system administrators when choosing which VPN to implement. To choose the right VPN solution for the occasion could increase performance for the users and save costs for organizations who wish to deploy VPNs. With the remote workforce increasing issues of network reliability also increases, due to wireless connections and networks beyond the control of companies. This demands an answer to the question how do VPN solutions differ in performance with stable and unstable networks? This work attempted to answer this question. This study is generally concerning VPN performance but mainly how the specific solutions perform under unreliable network conditions.It was achieved by researching past comparisons of VPN solutions to identify what metrics to analyze and which VPN solutions have been recommended. Then a test bed was created in a lab network to control the network when testing, so the different VPN implementations and operating systems have the same premise. To establish baseline results, performance testing was done on the network without VPNs, then the VPNs were tested under reliable network conditions and then with unreliable network conditions. The results of that were compared and analyzed. The results show a difference in the performance of the different VPNs, also there is a difference on what operating system is used and there are also differences between the VPNs with the unreliability aspects switched on. The novel VPN protocol looks promising as it has overall good results, but it is not conclusive as the current VPN solutions can be configured based on what operating system and settings are chosen. With this set-up, VPNs on Linux performed much better under unreliable network conditions when compared to setups using other operating systems. The outcome of this work is that there is a possibility that the novel VPN protocol is performing better and that certain combinations of VPN implementation and OS are better performing than others when using the default configuration. This works also pointed out how to improve the testing and what aspects to consider when comparing VPN implementations.

Virtual Private Network

VPN

WireGuard

IPSec

OpenVPN

Performance

Unreliability

Packet Loss

Delay

Computer and Information Sciences

Data- och informationsvetenskap

Information Systems

Infrastruktura veřejných klíčů / Infrastructure of public keys

Bědajánek, Ondřej

January 2008

The subject of my thesis dscribes function and principles of the public key infrastructure as well as certificate authority. Under the operation system Linux was created self signed certificate authority. Web interface was devoloped in PHP for the purpose of the generation, distribution and rejection certificates. Configuration files for OpenVPN are included in the thesis and wireless security is achived by OpenVPN.

Implementace OpenVPN na platformě Windows CE / Porting OpenVPN to Windows CE Platform

Ešner, Oldřich

January 2008

The motivation for inception of this MSc. thesis which follows on from a term project of the same name was the transfer of the application for building private virtual OpenVPN networks from Windows XP operating system to Windows CE Embedded 6.0 platform. The project deals with virtual private networks in general and looks more closely at its implementation - OpenVPN. It also introduces the basic features of the Windows CE operating system. The project goes on to describe device drivers in NT-based Windows operating systems, the Windows Driver Model used, the NDIS network interface model and also the model of Windows CE drivers - the Stream Interface Model. The project continues with a~description of communication in OpenVPN application and primarily the role of TUN/TAP virtual network interfaces. This is followed by a proposal for transfer of TUN/TAP adapter drivers together with a description of limitations and necessary modifications between both platforms. As a result a TAP network device driver is implemented whose function is verified by test application that emulates the behaviour of a TUN adapter. The project concludes with an evaluation of the achieved results, the possibilities for further work on this theme and with the overall contribution of this project.

Návrh bezpečnostní infrastruktury elektronického archivu / Design of security infrastructure for electronic archive

Doležel, Radek

January 2009

This master's thesis deals with design of security infrastructure for electronic archive. In theoretical part is disscus about technical resources which are based on security services and protocols and methods which are used for protection. On basics of theoretical part is designed model of security infrastructure and it is built in laboratory. Model of security infrastructure is based on Open Source Software and as safety storages for private user authentication data are used cryptographic USB tokens. This master's thesis includes design and construction of real infrastructure of secured electronic archive. In each part of master's thesis is put main emphases on security and clear explanation from the beginning of desing of model of security infrastructure for electronic archive to finish of construction.