1 / 26

PSINet Managed VPN 소개

PSINet Managed VPN 소개. 박훈철 대리. PSINet VPN Applications & Requirements. Extranet Business-to-Business. Remote Access. Remote Access. DSL Cable. POP. Remote Access. Intranet Central Site. Intranet Branch. Remote Access  Extension of Dial  ADSL, Cable, ISDN

cynthiae
Télécharger la présentation

PSINet Managed VPN 소개

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PSINet Managed VPN 소개 박훈철 대리

  2. PSINet VPN Applications & Requirements Extranet Business-to-Business Remote Access Remote Access DSL Cable POP Remote Access Intranet Central Site Intranet Branch Remote Access  Extension of Dial  ADSL, Cable, ISDN  User manageablility & deployment scalability Site-to-Site : Intranet & Extranet  Extension of classic WAN  provided by Service Provider  VPN with Firewall service  Enhanced VPN service  Vscalable performance with VSU

  3. Agenda  PSINet Remote Access VPN Service  PSINet Site-to-Site VPN Service  PSINet GIHC VPN Service  PSINet Managed VPN Service  PSINet Case Studies  Q & A

  4. ISP PSINet Remote Access VPN Service NAS POP Gric Roaming Dial-Up Access AAA ISDN Access Service Provider Network AAA ADSL ADSL Access Cable Enterprise or ISP Cable Modem VPDN RequirementsRobust security Simple & easy-to-use VPN client Scalability High availability Integrated management Deployment flexibility

  5. ISP VPN VPN VPN VPN VPN IPSec Tunnel PSINet Remote Access VPN Service VPNremote software NAS POP Dial-Up Access AAA ISDN Access Intranet Server PSINet ADSL ADSL Access VSU Cable Enterprise Netwrok Cable Modem Gric Roaming PSINet Remote Access VPN Sulution Easily deployable and manageable IPSec client software Centralized policy-based management of VPN users provides a high degree of scalability

  6. VPN POP PSINet Remote Access VPN Service Client IP Address Pool AAA Intranet Server @#!1$%2*&%3#&… IPSec Tunnel Remote Access VSU Enterprise Netwrok IP Pool Address VPNremote Client user has random IP address assigned by ISP VSU translates user’s original IP address to one in Client IP Address Pool Packet Filtering Rule VSUs support packet filtering ACL (Access Control List) consist of Client IP Address Pool EncryptionUsing strong(3DES) encryption, VPN’s allow the flow of secure traffic between networks over a public intrastructure such as the Internet.

  7. Gric Roaming VPN VPN POP POP Remote Access PSINet Remote Access VPN Service Web AAA PSINet Mail VSU Groupware

  8. Agenda  PSINet Remote Access VPN Service  PSINet Site-to-Site VPN Service  PSINet GIHC VPN Service  PSINet Managed VPN Service  PSINet Case Studies  Q & A

  9. ISP ISP ISP PSINet Site-to-Site VPN Service Firewall Extranet / Business-to-Business Intranet Server Service Provider Network Firewall Intranet / Branch1 Intranet / Central Site Intranet / Branch2 Site-to-Site VPN RequirementsRobust security Deployment Flexibility Bandwidth Managemet Service-Level Validation Multi-Device VPN Management

  10. VSU VSU VSU IPSec Tunnel PSINet Site-to-Site VPN Service VSU Extranet / Business-to-Business Intranet Server PSINet Intranet / Branch1 Intranet / Central Site Intranet / Branch2 PSINet Site-to-Site VPN Sulution Hardware-based Encryption Greater VPN Security & Reliability Site Specific Scalability Feature Interoperability Device Integration Investment Protection

  11. IP Header IP Header Payload Payload Original IP datagram Original IP datagram VSU VSU VSU VSU Business-to-Business Intranet Server IPSec Tunnel PSINet Branch1 Intranet / Central Site IP Header Payload Tunnel IP Header Tunneling Original IP datagram Branch2 PSINet Site-to-Site VPN Service Enable Routing with Private IP Tunneling IP>traceroute 10.10.1.34 Traceroute 10.10.1.34: 56 data byes 1 117 ms 115 ms 113 ms 10.10.1.34 Trace complete. IP>traceroute 203.235.76.18 Traceroute 203.235.76.18: 56 data byes 1 123 ms 120 ms 121 ms 203.235.76.18 Trace complete.

  12. VSU VSU VSU PSINet PSINet Site-to-Site VPN Service Web Extranet / Business-to-Business Mail VSU Intranet / Branch1 ExtranetGroupware Intranet / Branch2

  13. Agenda  PSINet Remote Access VPN Service  PSINet Site-to-Site VPN Service  PSINet GIHC VPN Service  PSINet Managed VPN Service  PSINet Case Studies  Q & A

  14. PSINet GIHC VPN Service • 센타내 입주한 서버와 관리자 Desktop간에 VPN Remote Client를 이용한 안전한 데이터 전송 및 관리 • 고객 기존 사설망을 VSU를 이용하여 센타내 서버와의 안정한 데이터 전송 • 사설 전용선 (256K ~E1) 을 사용한 입주 서버와의 안전한 데이터 전송 대체 • 고속(100M)의 안전한 데이터 전송가능 • 저렴한 비용으로 안전한 서버관리 및 데이터 관리

  15. PSINet GIHC VPN Service PSINet Public Network Private Network PSINet Backbone Main switch 203.x.x.x Web Server 203.x.x.2 10.x.x.2 Access switch Access switch OSPF Firewall Streaming Server 203.x..x.3 10.x.x.3 VSU= 203.x.x.1 10.x.x.1 Streaming Server 203.x.x.4 10.x.x.4 Database 203.x.x.5 10.x.x.5

  16. Agenda  PSINet Remote Access VPN Service  PSINet Site-to-Site VPN Service  PSINet GIHC VPN Service  PSINet Managed VPN Service  PSINet Case Studies  Q & A

  17. PSINet Managed VPN Service 자체 제작된 별도의 장애 관리 시스템 및 트래픽 관리 시스템을 이용해서 인터넷 사용량을 일간/주간/월간 그래픽으로 볼수 있도록 페이지를 제공

  18. PSINet Managed VPN Service MSG(Managed Service Group)란? PSINet NOC(Network Operation Center)소속의 보안 전문가 그룹으로, 고객사의 보안정책수립 및 네트워크 관리를 총괄하는 조직 • MSG의 역할 및 책임 • 고객사의 보안정책 컨설팅 • 24 X 7 NMS 및 Monitoring 서비스 • Intranet 이나 VPN등의 Managed 서비스 구축 시 작업 전담 • 고객사 측 CPE(Customer Premises Equipment)에 대한 Setting 및 Maintenance 지원 • Router, 인증 및 로그서버 Configuration 지원 • 각 Intranet sites에 대한 장애처리, NMS 전담

  19. PSINet Korea • MSG • ISP사업본부 • 기술운영 • 기술지원 PSINet Managed VPN Service PSINet Korea MSG 운영방안 Call Center 고객사 24X7 NMS Network Monitoring 및 Reporting 보안 정책 컨설팅 보안관련 정보 제공 장애 처리 장애 보상 하드웨어 유지 보수 각종 기술 지원 영업담당자

  20. PSINet Managed VPN Service 장애처리 System 및 장애처리 방안 • 하루 24시간, 주 7일 NOC 운영을 통한 Network Monitoring 및 장애처리 • 자체 장애 처리시스템을 통하여 장애 처리와 관련된 모든 부서에서 장애 확인 및 대처 • Alarm System을 이용한 사전 장애 통보 및 신속대처 • 장애 복구 후 장애 내역을 분석하여 재발되는 장애를 최대한 억제 • 발생한 모든 장애에 대해서는 장애내용, 장애시간, 복구내용을 DB로 관리 및 Report

  21. ISP ISP ISP VPN VPN VPN Dial-Up Access ADSL / Cable Gric Roaming VSU VSU VSU IPSec Tunnel PSINet Managed VPN Service VSU Extranet / Business-to-Business Intranet Server PSINet Intranet / Branch1 Intranet / Central Site Radius / Log / VPNmanager Intranet / Branch2 VSU PSINet Operationg Center

  22. VSU VSU Directory Server .24 .25 .26 .100 .104 .101 .102 .103 .57 .58 .59 PSINet Managed VPN Service PSINet Operationg Center B1 IP Pool 217.207.101.10 217.207.101.11 217.207.101.12 217.207.101.13 203.255.113.0/24 VPNmanager Directory Server SNMP, SSL, Syslog A1 217.207.101.0/24 PSINet Backbone VSU R2 R1 D1 C1 Remote Account IP ? 210.128.239.0/24 C1 A1 VPN (Tunnel Group) 210.128.239.57,58,59  217.207.101.102,103D1 A1 VPN (Tunnel Group) (Remote) ID,PW 217.207.101.10,11,12,13  217.207.101.104 B1 A1 VPN (Tunnel Group1) 203.255.113.24  217.207.101.100B1 A1 VPN (Tunnel Group2) 203.255.113.25,26  217.207.101.101,102,103

  23. Agenda  PSINet Remote Access VPN Service  PSINet Site-to-Site VPN Service  PSINet GIHC VPN Service  PSINet Managed VPN Service  PSINet Case Studies  Q & A

  24. VSU ISP ISP ISP PSINet Case Studies CASE 1 : 한국타이어 일본 지사 Web 210.238.254.0 / 255.255.255.224 1 T1 Mail VSU VSU F/W 호주 지사 203.42.125.48 / 255.255.255.240 Groupware IP Group203.31.6.0 203.31.7.0 203.31.17.0 서울본사 VSU 독일 지사 192.169.202.0 / 255.255.255.0

  25. VPN VPN VPN VPN VPN ISP ISP ISP ISP ISP PSINet Case Studies CASE 2 : LG-EDS VPNremote software 600명부분적 사용자별 Access Point 개별 설정 Dial-Up Access Web VSU 1 F/W ISDN Access Mail F/W ADSL Access Groupware VSU Cable Modem IP Group210.103.148.0 210.103.149.0 210.103.150.0 서울본사 Gric Roaming

  26. Q & A

More Related