The project mainly studies and applies remote secure access based on distributed SSL VPN. Based on various previous VPNs and invention patents, a distributed SSLVPN system and architecture method, a security system that can ensure remote access and Lan-to-Lan connection in various network environments is developed. The company develops products based on the current Internet network status in China and are used to build point-to-point and point-to-multipoint VPN (Lan2Lan) based on SSL protocol. They are mainly used to interconnect branch nodes of large and medium-sized enterprises or institutions with the headquarters VPN network. It can realize the safe interworking of multiple remote networks and can carry various services such as data, voice, and video. The scientific and technological fields to which the project belongs are: 1. Electronic information (4) Communication products. 3. Wireless access products. The project products mainly adopt the following key technologies: 1. Improvement and development of SSL VPN technology. Make SSL VPN technology support any port and UDP protocol; and realize distributed deployment to strengthen the security of SSL VPN; extend its compatibility with C/S architecture applications, so that it truly supports various TCP/IP protocol-based applications. Invention patent A distributed SSL VPN system and architecture method: This technology can provide users with safe, fast and convenient remote security access means, making VX remote access software not only limited to the remote access field, but also a collection of remote access. A comprehensive security access system integrating remote access, security protection and data encryption provides users with a comprehensive remote security access solution. 2. Security optimization of client controls. Originally, SSL VPN technology did not require client controls, but because it needed to support a large number of C/S architecture applications, an ActiveX control mechanism was introduced. The project product technology has the following innovation points, advancement and technical characteristics: 1. It adopts an application-based proxy mechanism to support all application systems based on the TCP/UDP protocol. Users can integrate seamlessly without making any changes to the original system. 2. It can provide users with a powerful mobile office platform. It has no problems with firewall, NAT traversal, and IP address conflicts. It supports all Internet access methods and ensures that users can achieve mobile office unimpeded in various environments. 3. You can provide multiple forms of identity authentication for the system without making any changes to the original application and server. It not only has a local authentication database, but also can be combined with the original authentication database to be seamlessly compatible with authentication systems such as Windows Active Directory, Windows NT Domain, RADIUS, LDAP, ACE Server and PKI. 4. Encrypted data communication between the client and the server can be realized without making any changes to the original application and server. It supports multiple encryption methods, such as symmetric encryption, asymmetric encryption, and digest. 5. Through various means such as application proxy, hierarchical authorization, and client scanning, it can provide reliable security for various network application systems with weak anti-attack capabilities, so that they can be protected from malicious attacks by hackers and worms. 6. It has two-way access function, which can realize data collection and mutual visits from LAN-LAN and any remote point. Combined with the proxy publishing function of internal network applications, it can fully meet the various needs of large organizations and enterprises for remote secure access. 7. Unique architecture can effectively improve data transmission speed in public networks. It is very suitable for large organizations with branches across the country and even around the world. It can greatly improve network access speed without increasing any link bandwidth. The project has 1 invention patent and 4 software copyrights. Due to the obvious performance and price advantages of the project products, they have a good reputation among telecom operators. At present, domestic industry giants such as China Telecom, China Netcom, Huaneng Group, and Poly Real Estate have all used the VX remote access system.