Skip to Main Content
The design of suitable configurations for virtual private networks (VPNs) is usually difficult and error-prone. The abstract objectives of design are given by high level policies representing various requirements and the designers are often faced with conflicting requirements. Moreover, it is difficult to find a suitable mapping of high level policies to those low level network configurations which correctly and completely implement the abstract objectives. We apply the approach of model-based management where the system itself as well as the management objectives are represented by graphical object instance diagrams. A combination of tool and libraries supports their interactive construction and automated analysis. The implementation of the approach focuses on VPNs which are based on the Linux IPsec software FreeS/WAN.
Date of Conference: 2002