The past decade has witnessed unprecedented advances in network based information processing. The number of organisations that have been connected to the open and insecure Internet has been growing steadily at an exponential rate. A large number of these organisations are now moving towards establishing corporate Intranets within the organisations while maintaining access to the Internet. Following an emerging future direction in this line of development, an increasing number of organisations are further extending their corporate Intranets to so-called Extranets. These Extranets would facilitate reliable and secure information sharing and transactions between business partners via the open Internet. The key technology that underpins Intranets and Extranets is virtual private networks (VPNs), and it is particularly important for a network computing professional to understand VPNs and be able to use VPNs to design, implement and manage an Intranet and Extranet for a business organisation. It is therefore timely to introduce a level 5 subject in the Master of Network Computing course that provides students with an opportunity to understand thoroughly the technical details of major protocols and tools used in virtual private networks (VPNs), the knowledge and skills required in using VPNs to design and implement Intranets and Extranets, and fundamental techniques for managing Intranets and Extranets.

The unit was originally proposed in 1999 for a tentative class size of 20. The changes account for the technological developments since then and the impact of a larger class size.

At the completion of this subject, students should have

• a detailed knowledge and understanding of all major protocols used for VPN;
• a detailed knowledge and understanding of VPN architectures including interaction with firewalls.
• an understanding of major issues in implementing the protocols;
• the knowledge and skills to objectively compare and contrast various VPN protocols (eg. L2TP with IPSec and the platform specific variations);
• the knowledge and skills to enable them to design and implement standard and non-standard VPNs.

The students would work in small groups for their second assignment.

Layered structure of networks, security threats in an open network environment, and basic security. Detailed exposition of major tools and protocols used in VPNs, including firewalls, IPSec, Internet Security Association and Key Management Protocol (ISAKMP), Internet Key Exchange (IKE), Point-to-Point Protocol (PPP) and Point-to-Point Tunnelling Protocol (PPTP), Layer 2 Tunnelling Protocol (L2TP), Secure Sockets Layer (SSL), and SOCKS. Exposition of principles and methodologies for the design and implementation of Intranets and Extranets using VPNs. Techniques for managing security, naming and address services, and performance of a VPN.

• Virtual Private Networks: Making the Right Connection

• Building Linux Virtual Private Networks

On-Campus

The concepts covered in the lectures are reinforced during the tutorials with the aid of examples and exerices. Hands-on work is included within the tutorials to link the theory with the practice to enhance the understanding. The assignment work allows students develop research and problem solving skills; individually and within a team environment.

In Summer Semester the subject will have a 3-hour lecture and a 2-hour tutorial (in computer laboratories) per week for ten weeks, for other semesters the lectures and tutorial classes would be of 2-hour duration each per week for 13-weeks.

The lecture stream will present the implementation details and design principles of VPN protocols as well as other relevant networking protocols. It will also show students how to build VPNs. This will address all the five objectives.

The tutorial sessions will reinforce the concepts learned during the lectures through the hands-on work and completion of the exercises relating to the theory covered in the lectures. This will address objectives 1, 2, 3, and 5.

The assessment would be done through assignment work and the practical exercises done during the tutorials. The assignment work would comprise two assignments worth 60% of the marks and the assessment of the tutorial work would be worth the remaining 40% of the marks.

The first assignment would be worth 20% of the total marks for the unit and would have to be completed individually. The assignment would entail in a report written by the student based upon the information available within the lecture notes, the text books, and information obtained by researching of the Internet and the Library. This will address objectives 1 and 2.

The work done in the tutorials would be assessed at the end of the semester and will be worth 40% of the total marks for the unit. This will address objectives 1,2, 3, 4, and 5.

The second assignment would be worth 40% of the total marks for the unit and would be done as in groups. It would entail in a wide range of activities including the research, design, implementation, testing, and presentation of their project in a work-environment-like situation. This will address objectives 2, 3, 4, and 5.

Students are expected to spend an average of 12 hours per week for a semester on this unit, with the following detailed breakdown:

• 2 hours per week: lecture
• 2 hours per week: tutorial/lab
• 8 hours per week: private study and completing assignments

Lecture for 180 students.

9 tutorials for 20 students each.

A laboratory containing approximately twenty (20) personal computers with Internet connection, removable disks, and some additional networking hardware (e.g. hubs, cables, and connectors).

Lecturer, 2 hours per week. Tutor, 2 hour per week per tutorial session.

• Software Title:
• Vendor:
• Version:
• OS: MS Windows XP ( ) and/or LINUX ( )
• License Details: (A valid software license certificate/s or Vendor permission must be available upon request if the software is to be installed for teaching)
• Are we currently licensed: Yes ( ) or No ( ) (If unsure, please check with your local IT support )
• If (Yes), who is the contact person for this software?:
• If (No), will the software license be arranged by: Staff member requesting the software ( ) or Technical Services* ( ) ? *If the latter is selected, please discuss your requirement/s with myself ASAP, prior to finalising your request, as there could be financial or resourcing implications.
• Is the software to be installed and accessed from a: Client/Workstation ( ), or Server ( ) ?
• Type of license: Site License ( ), Freeware ( ), FOSS (Free and Open Source Software) ( ), Shareware ( ), Lab based ( ) # of Licenses needed ____
• In what week will you commence using the software in class? Semester 1 (Week ___ ) and/or Semester 2 (Week ___ ):
• Nominated Staff For Acceptance Testing Software: (Name) (Phone) (Email)
• Additional Information: Special Requirements, Software Configuration/Installation Requirements, etc:

None

Library Impact Statement was completed and sent to library at the submission of the course proposal document.

Originals of signed library impact statements are held by the Faculty of Information Technology Secretariat. Copies may be available on request (Tel. 9903 2726/2983, Fax 99032745, email jillian.oldfield@infotech.monash.edu.au).

100% from the School of Network Computing.

None

None

None

None

Admission to the Master of Network Computing, or equivalent Masters level programs of the Faculty of Information Technology; some programming experience in C, C++ or Java.

Asad I. Khan

Asad I. Khan