朕的公主h,对着镜子一颗颗塞荔枝

Copper Bull Net Shield

Product Name <br /> Copper Bull Net Shield

Implementation standards
GB / T26246-2010.

Product features <br /> This product is used for the network security access gateway of enterprises and institutions, and provides a tunnel for secure data transmission between enterprises or between individuals and companies.

Fourth, the scope of application <br /> This product is suitable for normal work at -20 ℃ to 40 ℃.

Five, technical parameters
1. Material: metal.
2. This product has three grades, its performance and specifications are as follows:

3. Encryption Tongniu Shield uses the OpenSSL library to encrypt data and control information: it uses OpenSSL's encryption and verification functions, which means that it can use any algorithm supported by OpenSSL. It provides optional packet HMAC capabilities to improve connection security. In addition, OpenSSL's hardware acceleration can also improve its performance.

4. All communication of the network copper bull network shield is based on a single IP port. By default, the UDP protocol is used for communication, and TCP is also supported. Tongniu Shield connects through most proxy servers and works well in a NAT environment. The server has the function of "pushing" certain network configuration information to the client, such information includes: IP address, routing settings, etc. Tongniu Shield provides two types of virtual network interfaces: universal Tun / Tap drivers, through which you can establish a Layer 3 IP tunnel, or a virtual Layer 2 Ethernet, which can transmit any type of Layer 2 Ethernet network data. The transmitted data can be compressed by the LZO algorithm. The official port assigned by IANA (Internet Assigned Numbers Authority) to Tongniu Shield is 1194.
Tongniu Shield uses the characteristics of common network protocols (TCP and UDP), making it an ideal replacement for protocols such as IPsec, especially when the ISP (Internet service provider) filters certain specific VPN protocols. When selecting a protocol, you need to pay attention to the network conditions between the two encrypted tunnels. If there is a high latency or a large number of packet loss, please select the TCP protocol as the underlying protocol. Due to the connectionless and retransmission mechanism of the UDP protocol, The retransmission of the protocol at the upper layer of the tunnel is very inefficient.

5. Identity verification Tongniu Shield provides multiple authentication methods to confirm the identity of the two parties connected, including:
Pre-shared private key Third-party certificate username / password combination The pre-shared key is the simplest, but at the same time it can only be used to create a point-to-point VPN; PKI-based third-party certificates provide the most complete functions, but require the maintenance of an additional PKI Certificate system. Tongniu Shield introduces a user name / password combination authentication method, which can omit the client certificate, but still needs a server certificate for encryption.

6. Functions and ports All communication of Tongniu Shield is based on a single IP port. By default, it uses UDP protocol for communication, and it also supports TCP. The port of Tongniu Shield is 1194.
Tongniu Shield connects through most proxy servers and works well in a NAT environment.
The server has the function of "pushing" certain network configuration information to the client, such information includes: IP address, routing settings, etc.
Tongniu Shield provides two types of virtual network interfaces: universal Tun / Tap drivers, through which you can create a Layer 3 IP tunnel, or a virtual Layer 2 Ethernet, which can transmit any type of Layer 2 Ethernet data.
The transmitted data can be compressed by the LZO algorithm.

7. The security Copper Bull Shield comes with many security features by nature: it runs in user space without modifying the kernel and network protocol stack; it runs in chroot mode after the initial completion, giving up root permissions; using mlockall to prevent Exchanging sensitive data to disk.