logging in or signing up PRESENT aSGuest62331 Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 145 Category: Science & Tech.. License: All Rights Reserved Like it (0) Dislike it (0) Added: August 23, 2010 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript Slide 1: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Submitted & Presented by Ioannis Geraris Supervised by Dr. Tom Buggy MSc Network Security Slide 2: INTRODUCTION Why this project? Aims and Objectives Slide 3: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Why this project ? SSL VPN is very new as a technology - Not even a standard yet. Tunnel support was very recently added to the SSL VPN implementation. Absence of objective academic research on real-time services over SSL. IPsec is the most well established VPN solution today. IPsec is broadly used to securely tunnel voice. Slide 4: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Aims and Objectives Questions: How do SSL VPNs perform with regard to the transport of voice traffic through them ? How do they compare to IPsec VPNs in terms of performance ? Investigation of the technologies involved in the project. Investigation of relevant to the project literature. Conception, creation and validation of a suitable network topology to carry out the experiment on. Accurate results on how do SSL VPNs perform when tunneling voice. Perform the same experiment with IPsec this time and Compare the results. Slide 5: REVIEW SSL IPsec VoIP QoS Slide 6: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Secure Sockets Layer (SSL): A very popular security framework… but not for VPNs so far ! Originally created to secure web transactions - other applications were also modified to use it. Slide 7: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs SSL VPNs: Designed as Remote-Access solution; not a Site-to-Site one. Originally designed as a clientless solution over a web browser. Now also supports tunnel access - therefore supports voice. Issues that SSL VPNs try to address: Flexible Universal Remote-Access Solution. Transparent NAT and Firewall traversal. Slide 8: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs IPsec VPNs: Until recently, the “de facto” solution for VPNs. Main advantage: They provide full network layer access “out of the box”. Slide 9: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Voice Over IP: A real-time service that works the connectionless UDP, with the aid of RTP. Signaling is used for call control. Slide 10: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Quality of Service: Voice QoS Requirements / Assessment: Delay - Jitter - Packet Loss. Subjective MOS - Calculated MOS End-to-End QoS: No QoS implemented over the Internet. Slide 11: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Comparison: SSL vs. IPsec Tunnel mode. Layer 4+ vs Layer 3. TCP vs UDP. Slide 12: THE EXPERIMENT Methodology Design Implementation Slide 13: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Methodology: A testbed approach was decided OPNET did not support most of the protocols & technologies utilized. Similar testbed approaches were found during the literature review, on Voice over IPsec. Testbed Design Step 1: Logical Design. Step 2: Physical Design. Slide 14: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Step 1: Logical Design Identify all the “entities” that would exist in a real-life scenario. Slide 15: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Step 2: Physical Design All attributes of all the identified “entities” are translated into real testbed components. Slide 16: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Components: Software components illustrated in orange color. Slide 17: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Design Validation: Virtual implementation of the testbed topology in Dynamips/GNS3 emulator. Slide 18: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Traffic Scenarios: Multiple flows of UDP, TCP and ICMP traffic were generated in each scenario. Low non-prioritized internet traffic: about 500kbps of bandwidth. Medium non-prioritized internet traffic: about 2Mbps of bandwidth. High non-prioritized internet traffic: about 4Mbps of bandwidth. Very High non-prioritized internet traffic: about 8Mbps of bandwidth. The following were performed in each scenario: Slide 19: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Traffic Generation Software: Distributed Internet Traffic Generator (D-ITG) of the University of Napoli, Italy was chosen for its ability of generating multiple simultaneous traffic flows of different nature and protocol. Slide 20: RESULTS Traffic Capturing and Analysis Results Presentation Slide 21: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Traffic Capturing and Analysis : Traffic Captured with Wireshark. MOS calculated with Omnipeek. You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
PRESENT aSGuest62331 Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 145 Category: Science & Tech.. License: All Rights Reserved Like it (0) Dislike it (0) Added: August 23, 2010 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript Slide 1: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Submitted & Presented by Ioannis Geraris Supervised by Dr. Tom Buggy MSc Network Security Slide 2: INTRODUCTION Why this project? Aims and Objectives Slide 3: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Why this project ? SSL VPN is very new as a technology - Not even a standard yet. Tunnel support was very recently added to the SSL VPN implementation. Absence of objective academic research on real-time services over SSL. IPsec is the most well established VPN solution today. IPsec is broadly used to securely tunnel voice. Slide 4: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Aims and Objectives Questions: How do SSL VPNs perform with regard to the transport of voice traffic through them ? How do they compare to IPsec VPNs in terms of performance ? Investigation of the technologies involved in the project. Investigation of relevant to the project literature. Conception, creation and validation of a suitable network topology to carry out the experiment on. Accurate results on how do SSL VPNs perform when tunneling voice. Perform the same experiment with IPsec this time and Compare the results. Slide 5: REVIEW SSL IPsec VoIP QoS Slide 6: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Secure Sockets Layer (SSL): A very popular security framework… but not for VPNs so far ! Originally created to secure web transactions - other applications were also modified to use it. Slide 7: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs SSL VPNs: Designed as Remote-Access solution; not a Site-to-Site one. Originally designed as a clientless solution over a web browser. Now also supports tunnel access - therefore supports voice. Issues that SSL VPNs try to address: Flexible Universal Remote-Access Solution. Transparent NAT and Firewall traversal. Slide 8: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs IPsec VPNs: Until recently, the “de facto” solution for VPNs. Main advantage: They provide full network layer access “out of the box”. Slide 9: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Voice Over IP: A real-time service that works the connectionless UDP, with the aid of RTP. Signaling is used for call control. Slide 10: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Quality of Service: Voice QoS Requirements / Assessment: Delay - Jitter - Packet Loss. Subjective MOS - Calculated MOS End-to-End QoS: No QoS implemented over the Internet. Slide 11: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Comparison: SSL vs. IPsec Tunnel mode. Layer 4+ vs Layer 3. TCP vs UDP. Slide 12: THE EXPERIMENT Methodology Design Implementation Slide 13: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Methodology: A testbed approach was decided OPNET did not support most of the protocols & technologies utilized. Similar testbed approaches were found during the literature review, on Voice over IPsec. Testbed Design Step 1: Logical Design. Step 2: Physical Design. Slide 14: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Step 1: Logical Design Identify all the “entities” that would exist in a real-life scenario. Slide 15: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Step 2: Physical Design All attributes of all the identified “entities” are translated into real testbed components. Slide 16: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Components: Software components illustrated in orange color. Slide 17: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Design Validation: Virtual implementation of the testbed topology in Dynamips/GNS3 emulator. Slide 18: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Traffic Scenarios: Multiple flows of UDP, TCP and ICMP traffic were generated in each scenario. Low non-prioritized internet traffic: about 500kbps of bandwidth. Medium non-prioritized internet traffic: about 2Mbps of bandwidth. High non-prioritized internet traffic: about 4Mbps of bandwidth. Very High non-prioritized internet traffic: about 8Mbps of bandwidth. The following were performed in each scenario: Slide 19: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Traffic Generation Software: Distributed Internet Traffic Generator (D-ITG) of the University of Napoli, Italy was chosen for its ability of generating multiple simultaneous traffic flows of different nature and protocol. Slide 20: RESULTS Traffic Capturing and Analysis Results Presentation Slide 21: Voice over SSL VPNs: Performance evaluation and comparison with IPsec VPNs Traffic Capturing and Analysis : Traffic Captured with Wireshark. MOS calculated with Omnipeek.