A Highly Integrated QoSed Security Gateway: Fast Packet Classification and Accurate TCP Rate Shaping


Bibliographic Details
Main Authors: Huan-Yun Wei, 魏煥雲
Other Authors: Ying-Dar Lin
Format: Others
Language: zh-TW
Published: 2003
Online Access: http://ndltd.ncl.edu.tw/handle/55604386350448195484
Description
Summary: Ph.D. === National Chiao Tung University === Department of Computer and Information Science === 92 === While the connectivity issues are being resolved for LAN, WAN, and the last mile, the Internet is moving into the next era in security and QoS networking. Without changing the Internet backbone infrastructure, the security and QoS mechanisms can be embedded into a gateway, i.e. an edge router. This thesis focuses on (1) discovering the problems by evaluating real security or QoS systems; (2) transparently solving the problems without introducing any new protocols or changing any Internet infrastructure; and (3) integrating the solutions into a real gateway. As the name suggests, the "highly integrated QoSed security gateway" solves the integration problems among the Firewall, NAT, VPN, Content Filter, IDS, Routing, and Bandwidth Management. The thesis begins with an extensive performance/functional comparison among seven popular open-source and commercial security gateways. Then the powerful One-Time Classifier (OTC) is proposed to provide an integrated and high-speed classification engine. The next focus lies in another extensive evaluation of the eight chosen popular open-source and commercial bandwidth management devices. After that, the innovative PostACK approach is proposed to compete with the patented TCR approach that is employed in five tested products. Finally, based on the findings of our evaluations of Wireless LAN (WLAN) access points, an integrated uplink/downlink WLAN bandwidth manager is designed to fully control the bandwidth of the wireless link. This thesis presents the testing, design, implementation, evaluation, and analysis of the highly integrated QoSed security gateway.