IPsec Configuration – Tonight 5/26 @ Cooper Union

Unigroup’s May 2010 presentation will be on “EZ-VPN”, which is an IPsec Configuration Tool described in the paper “EZ-VPN: Simple IPsec Configuration” by Shreyas Srivatsan and Stephen M. Bellovin. Our speaker, Maritza Johnson, has been working with these individuals on an empirical evaluation of this tool as part of a research project at Columbia University.

The abstract of the EZ-VPN paper says:
The IPsec protocol promised easy, ubiquitous encryption. That has never happened. For the most part, IPsec usage is confined to VPNs for road warriors, largely due to needless configuration complexity and incompatible implementations. We have designed a simple VPN configuration language that hides the unwanted complexities. Virtually no options are necessary or possible. The administrator specifies the absolute minimum of information: the authorized hosts, their operating systems, and a little about the network topology; everything else, including certificate generation, is automatic. Our implementation includes a multi-target compiler, which generates implementation-specific configuration files for two different platforms; others are easy to add.

Maritza Johnson intends to do a hands-on demonstration of the EZ-VPN tool, with audience participation regarding downloading and using the tool, then having a subsequent review of the generated IPsec configurations. If you bring a notebook computer with WiFi Internet Access to the Unigroup meeting, we hope to have you participate in downloading and using the EZ-VPN tool. Requirements to participate in the demo: gcc, lex, yacc (bison), openssl. Optional: graphviz to display generated topology

When:  WEDNESDAY, May 26th, 2010    6:15pm
Where:  The Cooper Union  <http://www.cooper.edu>
Topic:  Computer Network Security: IPsec Configuration and EZ-VPN

More info: http://www.unigroup.org/