UCL VPN Update

6NET “To look at the issues surrounding the provision of IPv6 dynamic VPN technology and deploy an IPv6- Enabled VPN Infrastructure”

ICB “To carry out an experimental deployment of an IPv6-Enabled VPN Infrastructure upon which one can experiment on the sort of policies that coalition networks require”

SEINIT “To investigate secured applications. One of the modes of securing them will be via IPv6-Enabled VPNs. Security policies and infrastructures will be studied.”

UCL IPv6 VPN Deployment Requirements IPv6-Enabled IPv6-Enabled VPN/Overlay Deployment Capabilities VPN/Overlay Deployment Capabilities VPN/Overlay Management Capabilities VPN/Overlay Management Capabilities Flexible Security Infrastructure Flexible Security Infrastructure Flexible Policy Infrastructure Flexible Policy Infrastructure Flexible Control Mechanisms Flexible Control Mechanisms Flexible Topology Deployment Capability Flexible Topology Deployment Capability Dynamism During Operation Dynamism During Operation Failure Tolerant Failure Tolerant

Analysis Investigated Various VPN Technologies Investigated Various VPN Technologies  Entrust VPN Connector  Netcelo VPN Manager  ISI X-Bone  DRDC Dynamic VPN Controller (DVC)  UMU Policy Based Network Management (UMU-PBNM)

UCL Current Status – Nov 2003 UMU UMU  Experimented with VPN ETool  Experimented with Policy Tool Set-up One DVC Node Set-up One DVC Node  Part Of A 3-Node Coalition  3 Further Nodes Anticipated X-Bone X-Bone  Experimented with special 3.0-alpha release  Experimenting with 3.0-beta release

Comparisons Installation Installation  External Software Dependencies GUI GUI Policy Tool Policy Tool IPv6 Capability IPv6 Capability Distributed Control Distributed Control PKI PKI Topology Topology

Deployment Scenarios (I) Abstraction of components into 4 domains: Abstraction of components into 4 domains:  Application Domain  Environment Domain  User Domain  Deployment Domain

Deployment Scenarios (II) Application Domain Application Domain  Communication  Computation  Collaboration Environment Domain Environment Domain  Coalition  Collaboration

Deployment Scenarios (III) User Domains User Domains  Government, Defense, International  Financial, Commercial, Regulatory  Academic, Education… … … Deployment Domain Deployment Domain  Security  Initialisation  Configuration

UCL Deployment Short Term Short Term  6NET – X-Bone  ICB – TBD Medium Term Medium Term  Require extensions to existing systems

Essential Extensions for UCL Adoption UMU-PBNM Integration UMU-PBNM Integration X-Bone X-Bone  Operational Dynamism (addition/departure of nodes) DVC DVC  Flexible Topological Deployment  Hierarchic Overlays

UCL Manish Lad