摘要
IPSec虚拟专用网在使用IPSec的加密、认证和封装等功能后,将会导致其服务质量(QoS)明显下降。为研究加密和认证这两个影响最大的因素,分析了目前IPSec虚拟专用网常用的加密算法和认证算法对QoS的影响,利用OPNET仿真工具建立了IPSec虚拟专用网的仿真模型,把不同组合的常用加密算法和认证算法对QoS的影响分别进行仿真,并对仿真结果做了对比分析。结果表明,在隧道方式下,采用ESP/DES/MD5算法组合的IPSec_F irewall_VPN1的QoS性能最好,而加密对QoS的影响较大。今后在网络运行过程中,可以参考仿真优化结果提高网络安全和服务质量,按需求,灵活选择,使运行达到最佳的效果。
QoS of IPSec VPN will clearly decrease if it uses IPSec encryption, authentication and encapsulation functions. This paper focuses on encryption and authentication, the two most special and influential factors, analyzes the effect of current IPSec VPN encryption algorithms and authentication algorithm on QoS. It uses OPNET simulation tools to set up an IPSec VPN model and simulates the influences of different and widely used encryption and authentication methods on QoS. Finally, it compares and analyzes the results of the simulation. The results show that in the tunnel way and by using the combined ESP/DES/MD5 algorithm, the IPSec_Firewall_VPN1 will have the best QoS performance, while the influence of eneryption is bigger than that of authentication. In the future, in the process of implementing IPSee, encryption algorithm and authentication algorithm can be chosen flexibly according to the actual needs of security and quality of service to achieve the best results.
出处
《计算机仿真》
CSCD
北大核心
2009年第8期137-142,共6页
Computer Simulation
基金
广西教育厅科研项目(200808LX052)
第一批校级立项项目
关键词
虚拟专用网
服务质量
加密
认证
仿真
Virtual private network(VPN)
Quality of service
Encryption
Authentication
Simulation
