У статті розглядаються методи побудови віртуальних тунелів для забезпечення безпеки зв'язку в Extranet-системах. Досліджено різні протоколи та технології, такі як IPSec, SSL, TLS, SSH, та порівняно їх ефективність та можливості в різних випадках застосування. Також проаналізовано використання VPN-з'єднань та різні типи мережевих топологій для забезпечення стійкості віртуальних тунелів та максимальної продуктивності мережі. Результати досліджень можуть бути корисні для розробників Extranet-систем та адміністраторів мереж, які шукають ефективні методи захисту мережі та забезпечення стійкості тунелів.

Ключові слова: VPN, IPsec, SSL, TLS, SSH.

Brooks, C. J., Grow, C., Craig, P. A., & Short, D. (2018). Protecting the Perimeter.

Sadiku, M. N., & Akujuobi, C. M. (2022). Intranets and Extranets. In Fundamentals of Computer Networks (pp. 71-77). Cham: Springer International Publishing.

Kovalenko, A., Kuchuk, H., & Tkachov, V. (2021). Метод забезпечення живучості комп’ютерної мережі на основі VPN-тунелювання. Системи управління, навігації та зв’язку. Збірник наукових праць, 1(63), 90-95.

Tkachov, V., Bondarenko, M., Ulyanov, O., & Reznichenko, O. (2019, December). Overlay Network Infrastructure for Remote Control of Radio Astronomy Observatory. In 2019 IEEE International Conference on Advanced Trends in Information Theory (ATIT) (pp. 161-165). IEEE.

Обозний, Д. М., & Поштацька, К. В. (2020). Автоматизація розгортання та налаштування програмного забезпечення інфраструктури створеної в середовищі хмарних обчислень. Науковий огляд, 7(70), 7–9.

Jyothi, K. K., & Reddy, B. I. (2018). Study on virtual private network (VPN), VPN’s protocols and security. International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 3(5), 919-932.

Hauser, F., Häberle, M., Schmidt, M., & Menth, M. (2020). P4-ipsec: Site-to-site and host-to-site vpn with ipsec in p4-based sdn. IEEE Access, 8, 139567-139586.

Ezra, P. J., Misra, S., Agrawal, A., Oluranti, J., Maskeliunas, R., & Damasevicius, R. (2022). Secured communication using virtual private network (VPN). Cyber Security and Digital Forensics: Proceedings of ICCSDF 2021, 309-319.

Pudelko, M., Emmerich, P., Gallenmüller, S., & Carle, G. (2020, June). Performance analysis of VPN gateways. In 2020 IFIP Networking Conference (Networking) (pp. 325-333). IEEE.

Lopez-Millan, G., Marin-Lopez, R., & Pereniguez-Garcia, F. (2019). Towards a standard SDN-based IPsec management framework. Computer Standards & Interfaces, 66, 103357.

Radivilova, T., Kirichenko, L., Ageyev, D., Tawalbeh, M., & Bulakh, V. (2018, May). Decrypting SSL/TLS traffic for hidden threats detection. In 2018 IEEE 9th International Conference on Dependable Systems, Services and Technologies (DESSERT)(pp. 143-146). IEEE.

Liu, A., Alqazzaz, A., Ming, H., & Dharmalingam, B. (2019). Iotverif: Automatic verification of SSL/TLS certificate for IoT applications. IEEE Access, 9, 27038-27050.

Garre, J. T. M., Pérez, M. G., & Ruiz-Martínez, A. (2021). A novel Machine Learning-based approach for the detection of SSH botnet infection. Future Generation Computer Systems, 115, 387-396.

Park, J., Kim, J., Gupta, B. B., & Park, N. (2021). Network log-based SSH brute-force attack detection model. CMC-Computers Materials & Continua, 68(1), 887-901.

Agghey, A. Z., Mwinuka, L. J., Pandhare, S. M., Dida, M. A., & Ndibwile, J. D. (2021). Detection of Username Enumeration Attack on SSH Protocol: Machine Learning Approach. Symmetry, 13(11), 2192.

Sadiku, M. N., & Akujuobi, C. M. (2022). Virtual Private Networks. In Fundamentals of Computer Networks (pp. 79-86). Cham: Springer International Publishing.

Forbacha, S. C., & Agwu, M. J. A. (2023). Design and Implementation of a Secure Virtual Private Network Over an Open Network (Internet). American Journal of Technology, 2(1), 1-36.

Angelo, R. (2019). Secure Protocols And Virtual Private Networks: An Evaluation. Issues in Information Systems, 20(3).

Wen, B., Fioccola, G., Xie, C., & Jalil, L. (2018). A YANG data model for layer 2 virtual private network (L2VPN) service delivery(No. rfc8466).

Patni, S., Sambudas, M., & Sharma, S. A Conceptual Survey of Sturucture, Security and Advantages in Virtual Private Network. International Journal of Computer Applications, 975, 8887.

AL-Dhief, F. T., Sabri, N., Latiff, N. A., Malik, N. N. N. A., Abbas, M., Albader, A., ... & Ghani, A. (2018). Performance comparison between TCP and UDP protocols in different simulation scenarios. International Journal of Engineering & Technology, 7(4.36), 172-176.

Faisal, A., & Zulkernine, M. (2021). A secure architecture for TCP/UDP-based cloud communications. International Journal of Information Security, 20, 161-179.

Kartvelishvili, I., & Todua, T. (2022). ACTUAL ISSUES OF BUILDING SECURE COMMUNICATION CHANNEL CONSIDERING MODERN TECHNOLOGICAL CHALLENGES. Globalization & Business.

Iqbal, M., & Riadi, I. (2019). Analysis of security virtual private network (VPN) using openVPN. International Journal of Cyber-Security and Digital Forensics, 8(1), 58-65.

Vitalii, B., & Anatoly, E. (2022). MPLS VPN TECHNOLOGY. EDITORIAL BOARD, 430.

Zakaria, M. I., Norizan, M. N., Isa, M. M., Jamlos, M. F., & Mustapa, M. (2022). Comparative analysis on virtual private network in the internet of things gateways. Indones. J. Electr. Eng. Comput. Sci, 28(1), 488-497.

Raj, J. R., & Srinivasulu, S. (2022, March). Design of IoT based VPN gateway for home network. In 2022 International Conference on Electronics and Renewable Systems (ICEARS)(pp. 561-564). IEEE.

Dharma, F. W. (2021). Enhancing branch office network availability using cloud EoIP gateway. Procedia Computer Science, 179, 574-581.

Zhu, R., Li, T., & Song, T. (2021, July). iGate: NDN Gateway for Tunneling over IP World. In 2021 International Conference on Computer Communications and Networks (ICCCN) (pp. 1-9). IEEE.

Arashloo, M. T., Shirshov, P., Gandhi, R., Lu, G., Yuan, L., & Rexford, J. (2018). A scalable vpn gateway for multi-tenant cloud services. ACM SIGCOMM Computer Communication Review, 48(1), 49-55.

References:

Brooks, C. J., Grow, C., Craig, P. A., & Short, D. (2018). Protecting the Perimeter.

Sadiku, M. N., & Akujuobi, C. M. (2022). Intranets and Extranets. In Fundamentals of Computer Networks (pp. 71-77). Cham: Springer International Publishing.

Kovalenko, A., Kuchuk, H., & Tkachov, V. (2021). A method for ensuring the survivability of a computer network based on VPN tunneling. Systemy upravlinnia, navihatsii ta zviazku. Zbirnyk naukovykh prats, 1(63), 90-95 [in Ukrainian].

Tkachov, V., Bondarenko, M., Ulyanov, O., & Reznichenko, O. (2019, December). Overlay Network Infrastructure for Remote Control of Radio Astronomy Observatory. In 2019 IEEE International Conference on Advanced Trends in Information Theory (ATIT) (pp. 161-165). IEEE. [in English].

Oboznyi, D. M., & Poshtatska, K. V. (2020). Automation of deployment and configuration of infrastructure software created in a cloud computing environment. Naukovyi ohliad, 7(70), 7–9 [in Ukrainian].

Jyothi, K. K., & Reddy, B. I. (2018). Study on virtual private network (VPN), VPN’s protocols and security. International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 3(5), 919-932.

Hauser, F., Häberle, M., Schmidt, M., & Menth, M. (2020). P4-ipsec: Site-to-site and host-to-site vpn with ipsec in p4-based sdn. IEEE Access, 8, 139567-139586.

Ezra, P. J., Misra, S., Agrawal, A., Oluranti, J., Maskeliunas, R., & Damasevicius, R. (2022). Secured communication using virtual private network (VPN). Cyber Security and Digital Forensics: Proceedings of ICCSDF 2021, 309-319.

Pudelko, M., Emmerich, P., Gallenmüller, S., & Carle, G. (2020, June). Performance analysis of VPN gateways. In 2020 IFIP Networking Conference (Networking) (pp. 325-333). IEEE.

Lopez-Millan, G., Marin-Lopez, R., & Pereniguez-Garcia, F. (2019). Towards a standard SDN-based IPsec management framework. Computer Standards & Interfaces, 66, 103357.

Radivilova, T., Kirichenko, L., Ageyev, D., Tawalbeh, M., & Bulakh, V. (2018, May). Decrypting SSL/TLS traffic for hidden threats detection. In 2018 IEEE 9th International Conference on Dependable Systems, Services and Technologies (DESSERT)(pp. 143-146). IEEE.

Liu, A., Alqazzaz, A., Ming, H., & Dharmalingam, B. (2019). Iotverif: Automatic verification of SSL/TLS certificate for IoT applications. IEEE Access, 9, 27038-27050.

Garre, J. T. M., Pérez, M. G., & Ruiz-Martínez, A. (2021). A novel Machine Learning-based approach for the detection of SSH botnet infection. Future Generation Computer Systems, 115, 387-396.

Park, J., Kim, J., Gupta, B. B., & Park, N. (2021). Network log-based SSH brute-force attack detection model. CMC-Computers Materials & Continua, 68(1), 887-901.

Agghey, A. Z., Mwinuka, L. J., Pandhare, S. M., Dida, M. A., & Ndibwile, J. D. (2021). Detection of Username Enumeration Attack on SSH Protocol: Machine Learning Approach. Symmetry, 13(11), 2192.

Sadiku, M. N., & Akujuobi, C. M. (2022). Virtual Private Networks. In Fundamentals of Computer Networks (pp. 79-86). Cham: Springer International Publishing.

Forbacha, S. C., & Agwu, M. J. A. (2023). Design and Implementation of a Secure Virtual Private Network Over an Open Network (Internet). American Journal of Technology, 2(1), 1-36.

Angelo, R. (2019). Secure Protocols And Virtual Private Networks: An Evaluation. Issues in Information Systems, 20(3).

Wen, B., Fioccola, G., Xie, C., & Jalil, L. (2018). A YANG data model for layer 2 virtual private network (L2VPN) service delivery(No. rfc8466).

Patni, S., Sambudas, M., & Sharma, S. A Conceptual Survey of Sturucture, Security and Advantages in Virtual Private Network. International Journal of Computer Applications, 975, 8887.

AL-Dhief, F. T., Sabri, N., Latiff, N. A., Malik, N. N. N. A., Abbas, M., Albader, A., ... & Ghani, A. (2018). Performance comparison between TCP and UDP protocols in different simulation scenarios. International Journal of Engineering & Technology, 7(4.36), 172-176.

Faisal, A., & Zulkernine, M. (2021). A secure architecture for TCP/UDP-based cloud communications. International Journal of Information Security, 20, 161-179.

Kartvelishvili, I., & Todua, T. (2022). ACTUAL ISSUES OF BUILDING SECURE COMMUNICATION CHANNEL CONSIDERING MODERN TECHNOLOGICAL CHALLENGES. Globalization & Business.

Iqbal, M., & Riadi, I. (2019). Analysis of security virtual private network (VPN) using openVPN. International Journal of Cyber-Security and Digital Forensics, 8(1), 58-65.

Vitalii, B., & Anatoly, E. (2022). MPLS VPN TECHNOLOGY. EDITORIAL BOARD, 430.

Zakaria, M. I., Norizan, M. N., Isa, M. M., Jamlos, M. F., & Mustapa, M. (2022). Comparative analysis on virtual private network in the internet of things gateways. Indones. J. Electr. Eng. Comput. Sci, 28(1), 488-497.

Raj, J. R., & Srinivasulu, S. (2022, March). Design of IoT based VPN gateway for home network. In 2022 International Conference on Electronics and Renewable Systems (ICEARS)(pp. 561-564). IEEE.

Dharma, F. W. (2021). Enhancing branch office network availability using cloud EoIP gateway. Procedia Computer Science, 179, 574-581.

Zhu, R., Li, T., & Song, T. (2021, July). iGate: NDN Gateway for Tunneling over IP World. In 2021 International Conference on Computer Communications and Networks (ICCCN) (pp. 1-9). IEEE.

Arashloo, M. T., Shirshov, P., Gandhi, R., Lu, G., Yuan, L., & Rexford, J. (2018). A scalable vpn gateway for multi-tenant cloud services. ACM SIGCOMM Computer Communication Review, 48(1), 49-55.