VPN (virtual private network) refers to the technology of establishing a private data communication network within a public network. In a VPN, the connection between any two nodes is constituted dynamically by using the resources of a public network. A VPN can interconnect the resources and components of different networks, can create a tunnel for the user over the infrastructure of the Internet or other public internetworks, and provides the same security and functional guarantees as a private network.
Mobile VPN service is VPN service realized through a mobile communication network. It can provide a mobile, secure and high-quality data channel for institutions such as enterprises, so that users can access the institution's resources at any time and from any place.
Like fixed network VPN, mobile VPN requires network security, performance optimization, and easy management. Security can be realized by means of tunnel encryption, data verification, user verification, firewalls, attack detection and so on. Performance optimization requires that the existing resources and capacity of the network are fully utilized and that the quality of service (QoS) demands of the various data services are met as far as possible, through a traffic prediction and control strategy and the distribution of bandwidth resources according to priority. Easy management is embodied in divisional management of the VPN by enterprises and operators according to the different demands of the enterprises, and in ensuring that the VPN has good scalability, economy, and security and reliability.
Tunneling technology is a key factor in establishing a VPN. Existing tunnel protocols mainly comprise layer-two tunnel protocols (such as the Layer 2 Tunneling Protocol, L2TP) and layer-three tunnel protocols (such as Generic Routing Encapsulation (GRE), IPSec, and Multi-Protocol Label Switching (MPLS)). Mobile VPN uses the capability of mobile network devices to support these tunnel protocols to perform VPN networking, thereby realizing the VPN services of the mobile network.
Unlike fixed network VPN, in mobile VPN the user uses mobile communication terminals such as mobile phones and network cards to access the private network resources of institutions such as enterprises. The mobile communication terminal can access the resources of the private network at any time and from any place. However, along with this convenience come difficulties with terminal management, for example: the use state of the terminal is uncontrollable; the terminal may be lost or stolen during use; and there is a risk that unauthorized users may use the mobile communication terminal to access the resources of the private network. All of these affect the security of the private network. Therefore, the technical solution of mobile VPN needs a corresponding solution to the security problems of the mobile communication terminal.