A rising number of companies want to establish data links with their subsidiaries and business partners. The world-wide internet offers an attractive alternative to expensive leased lines. Unfortunately the public nature of the internet does not meet the stringent security needs mandated by business-critical data transactions. The concept of a virtual private network (VPN) offers a solution to most of these security requirements.

The practical implementation of a VPN based on a Linux platform was the main task of our diplom thesis. In a first step, a site-to-site connection with two security gateways as endpoints of a secure internet tunnel was realised. IPSec, a standardized internet security protocol, offering strong cryptography to provide encryption and authentication was used.

Various connection setups using authentication methods based on pre-shared-secrets and digital signatures (i.e. certificates), were analyzed and documented. In order to issue and sign X.509 certificates, a certification authority was installed.

Mobile "road warriors" wanting to connect to their home base from any point on the globe are grateful users of today's VPN's. Therefore we put special emphasis on this important use case and documented several problems we encountered with this important application.

Much weight was given to the thorough analysis of the exchanged data packets by means of a network analyzer. It helped us to demonstrate the security provided by the encrypted internet tunnels.

We implemented a well working VPN system, enabling the user to build secure tunnels through untrusted networks. With regard to an imminent introduction of VPN technology to various application areas, valuable experience and knowledge was gained.

Internet and telecommunications - both expressions increasingly can not be distinguished, instead they seem to blend more and more. The companies deal with the question whether or not it makes sense to replace traditional telephones with H.323-terminals. Some few have already decided on this matter, therefore they now have to handle the question of how to do it.

This thesis lays the foundation of a high standard H.323-terminal, which should highly exceed the possibilities of an ISDN-telephone. The extent features should not only cover basic functions such as park & hold, forwarding, diversion or redialing, but also services like lists of conversation partners or the full integration into internal company processes.

The implementation of the communication protocol H.323 or the compression algorithm G723.1 is impossible due to financial reasons. Our project, the so-called SoftPhone, therefore builds on NetMeeting, which completely implements H.323 and G.723.1 and enables its functionality through several interfaces. The standardization of the communication protocols in order to realize extra features is still under construction. That is why we the latter are implemented by a proprietary solution.

The solution worked out in this thesis fulfills the required functionality and offers a thought-out, solid and fully documented foundation. The use of ActiveX-Technology clearly separates the functionality and intelligence of the graphical user interface and thus enables other providers to adapt their own design of a graphical user interface. Moreover, any kind of user information is stored in a central database, except micro and speaker settings, which are saved on local disk. This solution allows the users to work with their personal settings within the same network, independently from their location.

In our global society not even the possibilities of the mobile phones satisfy the steadily increasing needs for communication. A new product is required, which not only secures internet access, but equally includes the conventional devices like fax and telephone. WAP based services meet these requirements, they are global, easy to handle and independent from the underlying network technology.

These characteristics make WAP one of the most advanced product in mobile communication technology. Information such as rates of exchange or shares, e-mail- and fax message, cityguides, concert dates, sports news, flight plans, hotel reservations... can comfortably accessed with this promising technology.

Our diploma project consisted primarily in developing a service which can make use of the WAP infrastructure. As there is no WAP infrastructure completed so far, our server application was simulated on the Nokia SDK 1.01. The Nokia SDK can be compared with a simple WML Browser.

Our WAP application is able to receive mails, fax- or voice messages. Fax attachments are rerouted when desired to a fax device, voice attachments to a telephone.

Our WAP application is supported by the SNMP network management protocol, which is standardized world-wide and reads and sets statistic and configuration data of network components. Most network components are nowadays SNMP compatible. In our project SNMP is used for the remote configuration of our WAP application on the one hand and on the other for the collection of its statistical data.

It is a fact that several different programs already exist on the CTI-sector, most of which can solely carry out telephonic functions via graphic surfaces or mouseclicks. In our thesis "Work Flow Control", we set the measuring pole yet a little higher and aimed at a real CTI-solution and would use pcs in an ingenious matter. In regard to these specified product requirements, a workstation should provide the following functions:

• If a call comes in through the ISDN-telephone, the program should be able to identify the caller by running his/her telephone-number through either Outlook or, alternatively, the TwixTel-CD. After the caller has been identified, a connection to any existing data will be established in order to inform the recipient about personal information like of the calling party. This way, the recipient will be efficiently and sufficiently informed before accepting or answering a call.
• Ideally, it should be possible to establish a connection via telephone, email, facsimile and SMS when using Outlook. The necessary extensions should be established additionally.

Unfortunately, we were not able to fulfill the specified product requirements. This was not as much our fault as it was due to the following problems:

• The TwixTel-API has been promised us for a long time, yet has never been given to us as of today.
• The EuriTel-TSP does not provide the functions that have been expected.
• The synchronisation of the private and public "contacts" with the handheld organizers proved to be of such difficulty due to the problematic difference of the systems that we disregarded this UseCase altogether.

By applying the steps mentioned above, we have divided the task as imposed by the specified product requirement into part- respectively sub-problems. However, the separation into sub-problems occured according to the technologies being used. The result of this procedure are small and flexible part-system-solutions.