網際網路蓬勃發展之後，原先以專線構成的企業網路其經濟性面臨巨大的衝擊，近幾年興起架構在網際網路上虛擬私人網路(Virtual Private Network)的風潮，相關技術、規範不斷被提出，網路業者陸續推出VPN的各種解決方案，企業組織也想透過引進適當的VPN解決方案，以解決企業網路運作的成本。
本研究除了探討回顧現有的VPN應用技術，進一步歸納分析建置VPN的五種構面，如資料的安全完整、存取控制、擴充相容、效能品質、維護管理等。並將現有企業依規模劃分為五種不同的類型，以及各類型可能引用的VPN技術機制，從最基本的通道、加密、認證、憑證管理等技術的引用，以及RADIUS、LDAP等存取控制機制的應用，以及服務品質QoS技術MPLS、RSVP、CoS等等的應用。本研究以一簡單的評估模式來評估不同類型公司所引用的不同技術機制與其相關構面間的關係。以了解現有的應用技術對於建構VPN網路的影響。
最後以國內、外的網路業者為例，探討它們的VPN服務，並歸納分析其構面的實現機制，並提出建構VPN網路的建議。

After the rapid development of the Internet, the enterprise network that was originally build upon dedicated line(s) has been facing great impacts due to its cost efficiency inadequacy. In recent years, setting up VPNs (Virtual Private Networks) on top of the Internet has become a popular trend. Its related specifications and technologies are constantly being introduced. ISPs (Internet Service Providers) are rolling out all kinds of VPN solutions, and enterprises also want to lower the cost of operating a enterprise-level network by the means of introducing VPN solutions into their systems.
This research project will focus on the discussion and reviewing of the currently available VPN application technologies, further analyze and conclude the five layouts regarding the establishment of VPNs such as 1. Data Integrity & Safety 2. Data Access & Control 3. Data Compatibility & Expansion 4. Data Efficiency & Quality 5. Data maintenance & Management. Then divide into five different kinds of categories according to the size of the current enterprise, and the possible VPN technology used in each category. From the used of the most basic technologies such as tunneling, encrypting, authenticating, certificate management, the application of access control mechanism like RADIUS and LDAP; as well as the application of service quality QoS technology, MPLS, RSVP, CoS, etc. This research project will use a simple evaluation module to evaluate the relationship between the different technology mechanisms used by different kinds of companies with its relative layouts, to understand the impact of application technologies on constructing VPNs.
Finally we will use the example of several ISPs from domestic and aboard, discuss their VPN services; to analyze and conclude application mechanism of their layouts, and bring forward some suggestions on constructing VPNs.

[1]張家瑜、曾柏堯，探索VPN，網路通訊，資訊與電腦，2001.9
[2]葉筱楓，IP-VPN技術及應用發展之探討，電信研究雙月刊 第31卷第二期，2001.4
[3]談應衡，企業網路功能需求分析之研究，實踐大學企業管理研究所碩士論文，2001.2
[4]張書馨、范國寶，IP-VPN服務品質管理技術之探討，第93期電腦與通訊，2000.5
[5]羅建昌，企業虛擬私有網路之探討-MPLS技術簡介，電腦科技第55期，1999.12
[6]陳春秀、劉萬鈞，IP-base Virtual Private Network服務與技術，第84期電腦與通訊，1999.11
[7] Bellman,B., “Do-it-yourself VPNs,” Business Communications Review, Vol.32 , pp.28-32 , May 2002.
[8] Wright, A., “Virtual Private Network Security,” Network Security Vol. 2000, Issue: 7, pp. 11-14, July 2000.
[9] Brown, A., “VPNs: Only Part of the Remote Access Security Solution,” Network Security, Vol. 2001, Issue: 1, pp.12-14, January 2001.
[10] Gunter, M., Braun, T. and Khalil, I., “An architecture for managing QoS-enabled VPNs over the Internet,” Local Computer Networks, 1999. LCN ''99. Conference on , 1999 pp. 122 -131
[11] Younglove, R. , “Virtual private networks - how they work,” Computing & Control Engineering Journal , Vol. 11 ,Issue: 6 , pp.260 –262 ,Dec. 2000.
[12] Patton, S. and Smith, B., “A Virtual Private Network Deployment Framework,” Local Computer Networks, Proceedings. 25th Annual IEEE Conference on , 2000, pp.225 -226
[13] Venkateswaran, R. , “Various services and implementation scenarios-Virtual Private Network,” IEEE Communications Magazine, March 2001.
[14] Lee, H., Hwang, J., Kang, B., and Jun, K., “End-To-End QoS Architecture for VPNs：MPLS Deployment in a Backbone Network,” IEEE Electronics and Telecommunications Research Institute, September 2000.
[15] Zhang, G. and Mouftah, H. T., “End-to-End QoS Guarantees Over Diffserv Networks,” IEEE Computing & Control Engineering Journal, January 2001.
[16] Yurcik, W. and Doss D., “A Planning Framework for Implementing Virtual Private Network,” IEEE Communications Magazine ,June 2001.
[17] Perry, B. G., “What is a VPN,” Information Security Technical Report, Vol. 6, No.1 , pp.15-22 , 2001.
[18] Broderick, J. S., “VPN Security Policy,” Information Security Technical Report, Vol. 6 , No.1 , pp.31-34 , 2001.
[19] Alexander, H., Alexander, R.B., Jing Z. and Qun Z., “Value added service-voice, data, frame relay, ATM, and IP all on one,” Communication Technology Proceedings, 2000. WCC - ICCT 2000. International Conference on , Vol.1 , pp.621 -626 , 2000.
[20] Daniel, M., “Next-gen VPNs: The design challenge,” Data Communications, Vol.28 , pp.83-95 , Sep 1999.
[21] Wexler, J., “QOS: What can service providers deliver,” Business Communications Review, Vol.29 , pp.25-30 , Apr 1999.
[22] Braun, T., Guenter, M. and Khalil, I., “Management of Quality of Service Enabled VPNs,” IEEE Communications Magazine, pp.90-98 , May 2001.
[23] De Clercq, J., Paridaens, O., “Scalability implications of virtual private networks,” IEEE Communications Magazine , Vol. 40 , pp.151 –157, May 2002.
[24]“Marketing Opportunity and paths for Implementation, A Guide for Enterprises and Service Providers with Market Forecasts Provided by Infonetics Research,” 1999 by VPNet Technologies Inc.
[25] RFC 2637：Point-to-Point Tunneling Protocol(PPTP)
[26] RFC 2401：Security Architecture for the Internet Protocol
[27] RFC 2402：IP Authentication Header
[28] RFC 2406：IP Encapsulating Security Payload(ESP)
[29] RFC 2408：Internet Security Association and Key Management Protocol
[30] RFC 2409：The Internet Key Exchange (IKE)
[31]“Layer Two Tunneling Protocol (L2TP)”, <draft-ietf-pppext-12tp-11,txt>
[32] http://www.worldcom.com/main.phtml
[33] http://www.ipservices.att.com
[34] http://www.hinet.net/hiproduct/product.htm