Unigroup's May 2010 Meeting Announcement

Computer Network Security: IPsec Configuration and EZ-VPN

Maritza Johnson,
Graduate Research Assistant and PhD Student,
Department Computer Science, Columbia University

Wednesday, 26-MAY-2010      (** SPECIAL 4th Wednesday Meeting **)

The Cooper Union
School of Engineering   (*** NEW BUILDING ***)
41 Cooper Square    (3rd Avenue @ 7th Street, between 6th & 7th Streets)
East Village, Manhattan
New York City
Meeting Room: 504CS   (Note: Room Changes Month-to-Month)
** Please RSVP **

6:15 - 6:30 PM Registration
6:30 - 6:45 PM Ask the Wizard - Questions, Answers and Current Events
6:45 - 7:00 PM Unigroup Business
7:00 - 9:30 PM Main Presentation

Please see the Fee Schedule below.


Unigroup's May 2010 presentation will be on "EZ-VPN", which is an IPsec Configuration Tool described in the paper "EZ-VPN: Simple IPsec Configuration" by Shreyas Srivatsan and Stephen M. Bellovin. Our speaker, Maritza Johnson, has been working with these individuals on an empirical evaluation of this tool as part of a research project at Columbia University.

The abstract of the EZ-VPN paper says:
The IPsec protocol promised easy, ubiquitous encryption. That has never happened. For the most part, IPsec usage is confined to VPNs for road warriors, largely due to needless configuration complexity and incompatible implementations. We have designed a simple VPN configuration language that hides the unwanted complexities. Virtually no options are necessary or possible. The administrator specifies the absolute minimum of information: the authorized hosts, their operating systems, and a little about the network topology; everything else, including certificate generation, is automatic. Our implementation includes a multi-target compiler, which generates implementation-specific configuration files for two different platforms; others are easy to add.

Maritza Johnson intends to do a hands-on demonstration of the EZ-VPN tool, with audience participation regarding downloading and using the tool, then having a subsequent review of the generated IPsec configurations. If you bring a notebook computer with WiFi Internet Access to the Unigroup meeting, we hope to have you participate in downloading and using the EZ-VPN tool. Requirements to participate in the demo: gcc, lex, yacc (bison), openssl. Optional: graphviz to display generated topology.


   To REGISTER for this event, please RSVP by using the
       Unigroup Registration Page.

   This will allow us to automate the registration process.
   (Registration will also add you to our mailing list.)
   Please avoid emailed RSVPs.

   Please continue to check the Unigroup web site and THIS page,
   for any last minute updates concerning this meeting.  If you
   registered for this meeting, please check your email for any last
   minute announcements as the meeting approaches.  Also make sure
   any anti-spam white-lists are updated to _ALLOW_ Unigroup traffic!
   If you block Unigroup Emails, your address will be dropped from
   our mailing list.

   Also, if you have an interest in Unigroup, be sure to receive
   Unigroup information DIRECTLY from Unigroup, via direct receipt
   of Emails and by visiting the Unigroup Web Site.  NO OTHER SOURCE
   provides timely, accurate and complete Unigroup information.

   Please RSVP as soon as possible, preferably at least 2-3 days
   prior to the meeting date, so we can plan the food order.
   RSVP deadline is usually the night before the meeting day.

   Note: RSVP is requested for this location to make sure the guard
         will let you into the building.  RSVP also helps us to
         properly plan the meeting (food, drinks, handouts,
         seating, etc.) and speed up your sign-in at the meeting.
         If you forget to RSVP prior to the meeting day, you may
         still be able to show up and attend our meeting, however,
         we cannot guarantee what building security will do if
         you are "not on the list".


      The Cooper Union  (http://www.cooper.edu)
      School of Engineering  (*** New Building ***)
      41 Cooper Square (3rd Avenue @ 7th Street, between 6th & 7th Streets)
      East Village, Manhattan
      New York City
      Meeting Room: 504CS

   Located on the East side of Cooper Square.  Look for the
   new building with the non-traditional appearance.
   Entrance is at the corner of 3rd Avenue and 7th Street.

   Building lobby sign-in is required at the guard's desk.
   Enter the building, check in with the guard at the lobby for
     directions to the Unigroup Meeting Room.

   Nearest mass transit stations are:
     '6'           to Astor Place (stops right at The Cooper Union),
                   then walk 1 block East and 1 block South.
     'R'           to 8th Street, then walk about 2 blocks East
                   then 1 block South.
     '4/5/6/R/N/Q' to Union Square, then walk South and East.
     'B/D/F/V'     to Broadway-Lafayette, then walk North and East.

   Free street parking in the area becomes available at 6pm.

   There are also parking lots on Broadway, at (or just south of)
     Astor Place (8th Street).


Topic: Computer Network Security: IPsec Configuration and EZ-VPN

Talk Outline:

The EZ-VPN tool provides a simple configuration language to generate IPsec configuration files. A primary goal was to reduce the overhead and decisions involved in configuring IPsec. The tool makes "smarter" default decisions and provides a configuration language for changing the defaults.

References & Web Resources:

   1) Maritza Johnson:

   2) GraphViz:


Maritza Johnson is a PhD student in the Department of Computer Science at Columbia University. Her research interests are in Security and Human-Computer Interaction, more specifically usable policy management. Her research adviser is Steve Bellovin and she is a member of the Systems Security Center at Columbia University. She is also the president of Columbia Women in Computer Science and is the finance chair for GSAC. She studied computer science at University of San Diego as an undergrad.


The Systems Security Center (SSC) is a research organization in network/systems security at Columbia University. Our research emphasis spans a wide diversity of security-related topics, with an objective to provide security and robustness guarantees for systems and networks in response to anomalous conditions and malicious attacks.

For more information about Columbia University, visit: http://www.cs.columbia.edu.


We have some OpenSolaris Books and CD-ROMs from our friends at the local NYC Sun Microsystems Office.


Unigroup is a Professional Technical Organization and User Group, and its members pay a yearly membership fee. For Unigroup members, there is usually no additional charges (ie. no meeting fees) during their membership year. Non-members who wish to attend Unigroup meetings are usually required to pay a "Single Meeting Fee".

         Yearly Membership (includes all meetings):      $ 50.00
         Student Yearly Membership (with current! ID):   $ 25.00
         Non-Member Single Meeting:                      $ 20.00
         Non-Member Student Single Meeting (with! ID):   $  5.00

       * Payment Methods: Cash, Check, American Express.

       ! Students: We are looking for proof that you are
         currently enrolled in classes (rather than working
         full-time), and as such, your Student ID should show
         a CURRENT date.  We have been presented Student IDs
         containing NO dates whatsoever, and in the
         current environment, perpetual/non-expiring access
         to university facilities just does not feel right.
         If your ID contains no date, please bring
         additional proof of current enrollment.  Thanks.

NOTE: Simply receiving Unigroup Email Announcements does NOT indicate membership in Unigroup.

Members: Remember to bring your membership card with you to the meeting, to confirm your yearly renewal date!


Complimentary Food and Refreshments will be served. This includes "wraps" such as turkey, roast beef, chicken, tuna and grilled vegetables as well as assorted salads (potato, tossed, pasta, etc), cookies, brownies, bottled water and assorted beverages.

Please join us for this meeting, you won't want to miss it!

[Unigroup Home]

Webmaster (unilist@unigroup.org)

Copyright © 2010 Unigroup of New York, Inc., All rights reserved.