Virtual private networks (VPN) offer a secure data exchange over public networks. Despite being cheaper than leased lines, growing sizes and dynamic behavior of VPN nodes, e.g., for mobility or reasons of denial-of-service-attacks, make a manual configuration of large, dynamic VPN expensive.
Consequently, a number of different VPN auto-configuration approaches have been invented and partially deployed over the last decade. This article identifies a comprehensive set of objectives to be fulfilled by IP-based VPN auto-configuration, explains and groups mechanisms, and analyzes their strengths and weaknesses with regards to the objectives. Finally, it identifies potential future directions of autonomous VPN deployment.

• 出版日期2011-6-1