Altiga VPN Concentrator Series
Altiga Networks
124 Grove St., Ste. 309
Franklin, MA 02038-3206
877-4-ALTIGA
This next-gen VPN communications platform is meant for enterprise deployment at a
central site for single users and remote office connections. The high availability VPN
Concentrator Series offers four expansion slots for easy upgrade as well as support for up
to 5,000 concurrent connections in the C50 model. The platform provides encrypted
throughput of up to 100 Mbps, and comes standard with 32 MB of SRAM with expansion of up
to 256 MB possible.
Other features include a 300 MHz Motorola PowerPC 603e processor, and four Altiga
Scaleable Encryption Processing (SEP) Modules. The platform is compatible with Windows
software, as well as Altiga?s IPSec client. It features support for PPTP, IPSec with AH,
ESP, and IKE, L2TP, and L2TP tunneling in IPSec. The VPN Concentrator series also comes
with an embedded management interface for easy administration, monitoring, and accounting
functions. For more information, visit Altiga's Web site at www.altiga.com.
Intraport Carrier Family
Compatible Systems Corporation
P.O. Box 17220
Boulder, CO 80308
800-356-0283
This Layer 3-to-Layer 2 VPN gateway from Compatible Systems supports IPSec-based
connections through dial-up, xDSL, IDSN, and cable modems. The Intraport carriers can be
accessed remotely through client software over a secure, encrypted connection through any
ISP to the network service provider's (NSP) facility. The VPN is terminated there, and the
packets are decrypted and routed to the private network via a frame relay PVC. The
Carrier-2 model of the gateway is scalable, through two hot-swappable I/O cards that each
support up to 5,000 connections, as well as planned ATM support. The Carrier-8 can
accommodate up to eight slots, for a maximum of 40,000 users.
Intraport client software will run on Windows, Power Macintosh, Solaris, and
Intel-based Linux computers. Remote management is possible through Telnet or CompatiView,
Compatible's software, which is included with the system. For additional information,
visit the Compatible Systems Web site at www.compatible.com
Everest VISTA
NetCore Systems, Inc.
187 Ballardvale St.
Wilmington, MA 01887
987-694-1555
NetCore's Virtual IP Service and Transport Administration (VISTA) technology
enables the company's Everest terabit-scale switch/router to function as numerous
individual routers. The routers then segment increments of the public IP network and treat
them as individual networks as needed, for rapid provisioning of VPNs that maintain all of
the features of a company's own network. VISTA basically allows private networks to
perform addressing, security, and protocol support functions while running parallel to the
public Internet.
VISTA provides maximum quality of service (QoS) for voice over IP (VoIP) through
service level agreements (SLAs), and uses ATM switching to partition off individual
networks. The technology allows service providers to offer business-class IP VPNs with the
security of circuit-based solutions. For more information, visit NetCore's Web site at www.netcoresys.com
Envoy VPN 21000
Ennovate Networks, Inc.
330 Codman Hill Rd.
Boxborough, MA 01719
978-263-2002
Ennovate's VPN 21000 service provisioning system enables simplified setup and
configuration for network-based IP VPNs. The solution offers any-to-any connectivity of IP
networks with the quality and security of private networks. The system uses Ennovate's
Membership Advertisement Protocols (MAP) to automate VPN building, and distributes
identification securely throughout the network to identify corporate sites that belong to
the customer VPN.
Authentication is performed through a secure key exchange, and address isolation is
achieved through virtual router technology and support for encapsulation schemes like IP
in IP, ATM VCIs, IP DLCLs, and MPLS, which hide private addresses from the core network.
The system also uses the virtual link establishment protocol (VLEP) for dynamic
configuration of encapuslated links between virtual routers. For additional information,
visit Ennovate's Web site at www.ennovatenetworks.com
Entrust/VPN Connector
Entrust Technologies, Ltd.
2323 N. Central Expwy., Ste. 360
Richardson, TX 75080
888-690-2424
As an extension to its public key infrastructure (PKI) software, Entrust offers the
Entrust/VPN Connector as a standards-based certificate enrollment platform for scalable
VPN solutions. The Connector manages enrollment for routers, firewalls, gateways, and VPN
access applications that support the IPSec and Internet Key Exchange (IKE) standards. The
platform uses the certificate enrollment protocol (CEP) or PKCS#10 certificate requests to
manage certificates.
The Connector minimizes administration costs by providing automated certificate posting to
directories, and automatic CRL updates. The platform also utilizes features of the PKI
software like CA cryptographic hardware and PKI management reports. For additional
information, visit Entrust's Web site at www.entrust.com
Luna VPN
Chrysalis-ITS
1688 Woodward Dr.
Ottawa, ON K2C 3R7
613-723-5077
The LunaVPN cryptographic accelerator board from Chrysalis provides cryptographic
processing at wireline speeds of up to 100 Mbps, eliminating congestion for VPNs and
freeing the firewall or router to perform other functions. The board uses onboard memory
and processors for authentication, encryption, and key generation, and offers a
kernel-level API for tight integration with existing applications.
The Luna is scalable up to 8,000 simultaneous connections per card, and can be connected
to multiple cards to meet network traffic demands. Security is provided by digital keys
which are generated on the card through symmetric and asymmetric key pair generation, and
never exported. It is currently being embedded in CheckPoint's VPN-1 Appliance. For more
information, visit the Chrysalis Web site at www.chrysalis-its.com
exSPANd
Intelispan, Inc.
14505 North Hayden Rd., Ste. 300
Scottsdale, AZ 85260
602-443-3999
The exSPANd service solution from Intelispan provides global remote access to the
corporate WAN through a private ATM and frame relay WAN with advanced network control
technologies. The network eliminates the need for tunneling, and provides an extensive
coverage area with points of presence (POPs) in more than 200 cities. The solution's flat
router architecture on multi-layered routed backbones offers optimum speeds and reduced
latency. A committed information rate (CIR) is also provided from the local loop circuit
to the premise over the Intelispan hub-and-spoke router backbone.
The service offers a network-level firewall through policy-based routing control, and
IP address management and filtering is used to control user activity. A network address
translator (NAT) translates addresses into the corporate LAN to a numbering range
established by the administrator, and all account changes are automatically propagated to
every access point on the network. LAN connections to Intelispan's network require a
router, and terminal CSU/DSU equipment. For additional information, visit the company's
Web site at www.intelispan.com
ConcentricQoS
Concentric Network Corp.
1400 Parkmoor Ave.
San Jose, CA 95126
408-817-2800
Concentric provides differentiated quality of service for VPNs through the ConcentricQoS
service, offered with the company's Enterprise VPN. The service provides utilization
management, bandwidth monitoring, and customer-specific traffic prioritization for
business customers. It allows bandwidth to be provisioned for specific users, departments,
or computing resources, and can prioritize time-sensitive data over other network traffic.
ConcentricQoS provides 100% premise-to-premise availability with low latency and packet
loss, as well as customer control over QoS. The service also uses Xedia's Access Point
QVPN router to classify traffic by application type or IP address, as well as to set
bandwidth requirements. For additional information, visit Concentric's Web site at www.concentric.com
VSU-1100 VPNware Service Unit
VPNet Technologies, Inc.
1530 Meridian Ave.
San Jose, CA 95125
408-445-6600
The VSU-1100 VPN platform from VPNet can integrate with the company's VPNware System 1000,
2000, and 5000 solutions for a complete offering with management and remote-user software.
The platform is IPSec-compliant, and can support triple-DES encryption at full-duplex T3
speeds. It can process 90 Mbps of IPSec-encrypted traffic and handle user authentication
and NAT, using proprietary, dual packet-processing engines.
The platform uses two single-port 10/100 Mbps Ethernet cards for use in intranets,
extranets, and for remote access. The system also handles points of traffic concentration
like server farms, and can support a large number of feeds converging on remotely hosted
networks and Web sites. When used with VPNet's VPNware, the VSU can maintain records of
remote user and site-to-site sessions through SNMP, and provide internal statistics for
monitoring and billing. For more information, visit VPNet's Web site at www.vpnet.com
MobileLogic WVPN
Wireless Telecom, Inc.
MobileLogic Network Services
3025 South Parker Rd., Ste. 1000
Aurora, CO 80014
800-787-9170
Based on Ericsson's Virtual Office (EVO) software, the MobileLogic WVPN from Wireless
Telecom provides a combination of encryption and access control to protect data behind a
firewall, while allowing access from remote users. The solution comes with a wireless
modem and software for each remote user's computer, as well as secure access to the
MobileLogic wireless gateway server to enable messaging applications through Exchange.
WVPN server software is also installed on site, and network bandwidth through a wireless
carrier of the customer's choice is provided with the solution.
The solution offers SecurID authentication from Security Dynamics as an additional
option, for centralized, two-factor authentication for networks and operating systems. An
access code appears on a SecurID token about the size of a credit card that is carried by
users. For additional information, visit Wireless Telecom's Web site at www.mobilelogic.com
SafeNet Enterprise Version 3
Information Resource Engineering, Inc. (IRE)
8029 Corporate Dr.
Baltimore, MD 21236
410-931-7500
IRE's SafeNet Enterprise is a deployable, IPSec-compliant VPN solution featuring
user and message authentication, encryption, access control, and policy management. The
system is made up of the high-performance SafeNet Speed gateway and the SafeNet/Security
Center management system. It also includes the SafeNet/Soft and SafeNet/Smart software
clients.
Features of the SafeNet Speed include encryption and authentication schemes for
tunneling data across the Internet or private networks, and security for LANs,
workstations, and servers. The gateway features a scalable architecture, and runs on
10/100 Mbps networks. For more information, visit IRE's Web site at www.ire.com
cIPro Family
RADGUARD, Inc.
575 Corporate Dr.
Mahwah, NJ 07430
201-828-9611
The cIPro family product line from RADGUARD offers security for second generation
IPSec VPNs. The cIPro gateways, software, and firewalls provide dynamic key management,
NAT, IPSec/IKE network encryption, encrypted SNMP remote management, and automatic network
topology learning. The products support LAN-to-LAN VPN applications, client-to-LAN IPSec
remote access, secure VPN management, and enterprise X.509 certification.
cIPro products use a proprietary hardware platform to provide traffic flow of up to 100
Mbps for a secure internetworking environment with a path for integration to solutions
from other vendors. cIPro offers security between separate private networks, as well as
providing access control for specific areas within each network. The solution also allows
secure communication among different departments within a LAN, as well as hardware
encryption, random key generation, an optional backup unit, and real-time alert for
security events. For more information, visit RADGUARD's Web site at www.radguard.com
SYNCHRONY Network Management System PLUS (SNMS+)
TimePlex Group
400 Chestnut Ridge Rd.
Woodcliff Lake, NJ 07675
888-777-0929
The SYNCHRONY SNMS+ from the TimePlex Group now offers integrated network
management for VPNs through an intuitive GUI and a standards-based management
architecture. The system offers Web-based reports and intelligent information processing
to warn administrators of network and service issues. Managers may monitor, configure, and
troubleshoot devices, services, and the interface of their network, and can receive a
unified view of the entire network, with specific information down to a single port.
Inventory reports are generated through a Web browser, and offer details on device
types, modules, daughtercards, port types, revision levels, and serial numbers. Inter
Nodal Link (INL) reports show bandwidth utilization, while a voice utilization report
shows the number of DSP engines being utilized for voice compression, and which algorithms
are being used. For additional information, visit the TimePlex Group Web site at www.timeplex.com
Ravlin Family
RedCreek Communications
3900 Newpark Mall Rd.
Newark, CA 94560
510-745-3900
The Ravlin family of network security solutions from RedCreek offers two options
which allow VPN administrators to set up communications among multiple sites and users.
The Ravlin 3200 uses triple-DES or DES to perform encryption at the wireline, and is
geared toward small offices. It will interoperate with other Ravlin products for
scalability and security over public or private networks.
The Ravlin 7100 was developed for larger corporations that need fast Ethernet speed
connectivity, and a larger number of onsite or remote access connections. The unit offers
full IPSec VPN capability, and faster encryption and decryption speeds, as well as
authentication hardware and software. The Ravlin family may be deployed over new or
existing networks. For more information, visit RedCreek's Web site at www.redcreek.com
PGP VPN Suite
Network Associates, Inc.
3965 Freedom Circle
Santa Clara, CA 95054
408-988-3832
This complete suite of VPN client security products from Network Associates may
be used independently, or in support of any standards-compliant VPN server or firewall.
The PGP VPN suite integrates with PGP e-mail, file, and disk encryption, and is based on
IPSec standards. The suite includes the Gauntlet VPN Server, the Gauntlet Firewall, and
the X.509 Net Tools PKI - for remote access and business-to-business extranet security.
The suite offers easy administration and configuration, and may be pre-configured for a
silent install by network administrators, with no effect on end users' desktops. Tens of
thousands of custom clients may be created through management tools, and authentication
may be made through any firewall. The suite is geared toward small and mid-sized
businesses. For additional information, visit the Network Associates Web site at www.networkassociates.com
Fort Knox Family of Policy Routers
Internet Devices, Inc.
1287 Anvilwood Ave.
Sunnyvale, CA 94089
888-237-2244
For VPN policy-based management and security solutions, Internet Devices offers
the Fort Knox Policy Router family. The Carrier/Enterprise Series is geared toward service
providers and businesses with more than 10 locations, and includes the Policy Manager
software for Web-based management, and the Policy Server hardware for creating centralized
policies, managing users, and logging the database. The series also offers the Policy
Router hardware for integration of VPN, firewall, and bandwidth management.
Geared toward businesses with up to 15 sites, the Professional Series offers
plug-and-play management of bandwidth, firewall, and VPN policy. The series provides
SoftStack modules to expand policy management features as security requirements increase.
An installation wizard sets up security, access, and bandwidth policy for immediate
operation upon installation. For more information, visit the Internet Devices Web site at www.internetdevices.com
RiverWorks Tunnel and Management Servers
Indus River Networks, Inc.
31 Nagog Park
Acton, MA 01720
978-266-8100
RiverWorks servers are intended for high-density, multi-protocol VPN
traffic. The Tunnel Server has a high-speed processor for handling up to 2,000
simultaneous tunnels, through the companys TurboTunnel enhancements to the IPSec and
PPTP encryption protocols. Tunnel servers may be clustered in a data center, or spread out
through several data processing facilities.
The RiverWorks Management Server offers policy management for administering user
characteristics such as access control, dialing characteristics, and cost policies. Remote
management is available through the Windows-based RiverMaster application. Administrators
can optimize bandwidth usage and monitor tunnel performance through standard reports and
network analysis screens. For more information, visit the Indus River Web site at www.indusriver.com
Access Point QVPN Router
Xedia Corporation
119 Russell St.
Littleton, MA 01460
978-952-6000
The Access Point T1/E1, 45, and ATM routers from Xedia provide CBQ VPN bandwidth
management for policy-based control, as well as scalable IPSec encryption and L2TP support
for onsite and remote access networking. The routers feature an encryption accelerator for
90 Mbps DES and triple-DES throughput, and also offer detailed traffic statistics for user
charge-back and service-level monitoring.
The Access Point platform features a 200 MHz RISC processor with a fast-memory
subsystem for low latency, as well as a PCI-bus I/O architecture for optimum LAN-to-WAN
configurations. One 10/100 Mbps LAN is included, with support for DS3-rate PPP or frame
relay connectivity. The T1 model can provide two 10/100 Mbps LANs with up to eight T1
frame relay or PPP interfaces. For more information, visit Xedias Web site at www.xedia.com
UUsecure VPN
UUNet (an MCI WorldCom company)
3060 Williams Dr.
Fairfax, Virginia 22031-4648
800-4-UUNET4
The UUNet network now allows businesses to run applications over VPN through the
UUsecure VPN. This global, IP-based VPN service provides SLAs, built-in encryption,
central network management and monitoring services, and bandwidth prioritization. The
UU-secure offering will enable dedicated access, and is part of MCI Worldcoms
corporate networking services for support over multi-protocol LANs.
VPN access is available in the United States, and is scheduled for availability in 14
additional countries later this year. The service will provide a guaranteed average
latency of 120 ms for roundtrip data transfer among U.S. and European sites respectively,
as well as IPSec encryption with either 56-bit or 168-bit encryption and tunneling. For
more information, visit UUNets Web site at www.uunet.com
LanRover VPN Express
Intel Network Systems, Inc. (formerly Shiva Corporation)
28 Crosby Dr.
Bedford, MA 01730
781-687-1000
Intels LanRover VPN Express system provides VPN solutions for small to
mid-size companies that require remote access, Extranet, and LAN-to-LAN connectivity. The
LanRover has a scalable, redundant architecture, with support for up to 50 simultaneous
VPN tunnels. It uses triple-DES encryption, as well as a choice of X.509, RADIUS, Security
Dynamics, or Windows NTDomains authentication schemes.
The system allows security to be configured on a tunnel-to-tunnel basis through the
GUI-based Shiva VPN Manager, and all security functions are transparent to users. It may
be used with an integrated firewall option, or can work with an existing firewall. The
system offers IPSec tunneling, automated key management, and centralized authentication,
authorization, and accounting. For more information, visit Intels Web site at www.intel.com
NetFortress VPN products
Fortress Technologies, Inc.
2701 N. Rocky Point Dr., Ste. 650
Tampa, FL 33607
813-288-7388
Fortress Technologies offers the NetFortress VPN-1, -10, and -100 hardware
solutions for encryption, authentication, and integrity checking of VPN networks. The
NetFortress products are self-configuring and compatible with any firewall. The hardware
uses the Secure Packet Shield technology for automating all VPN operations at the network
layer, including encryption, authentication, key exchange, data compression, and data
integrity checking.
The NetFortress VPNs offer a platform-independent design, and use the IDEA and DES
encryption algorithms. The VPN-1 offers 7 Mbps of throughput, the VPN-10 provides 13 Mbps
of throughput, and the VPN-100 can provide up to 70 Mbps of encrypted throughput. For
additional information, visit the Fortress Web site at www.fortresstech.com
Cisco 7100 Series VPN Router
Cisco Systems, Inc.
170 West Tasman Dr.
San Jose, CA 95134-1619
408-526-4000
Ciscos high-end VPN router offers a host of features including tunneling,
data encryption, security, bandwidth management, and service-level validation for
remote-access and extranet connectivity over the public Internet. The router uses hardware
configurations optimized for VPN applications, and offers embedded fast Ethernet and WAN
interfaces for high-performance routing.
Both the 7120 and 7140 routers feature RISC processing, as well as a service module
slot for hardware acceleration of encryption and compression. The models also offer a slot
for LAN/WAN interface extensibility, and feature a two-rack unit design for rack space
conservation. The series is scalable up to 2,000 simultaneous sessions, and uses
triple-DES encryption at 90 Mbps. For additional information, visit Ciscos Web site
at www.cisco.com
Network Packet Access Concentrator (NETPAC) technology
Xylan Corporation (an Alcatel company)
26801 West Agoura Rd.
Calabasas, CA, 91301
818-880-3500
Xylans unique new concentrator technology offers a transition from WAN
services to a VPN network through a combination of interface modules, software, and ASICs
based on the companys Omni Switch/Router. A router configured with the NETPAC
technology offers scalability up to 8,000 frame relay or IP subscribers, with wire-speed
routing of more than 12 million packets per second.
The routers have two or four DS-3 ports for 45 Mbps throughput, and can be configured
up to 32 channelized ports per chassis. Each port may be divided into DS-1 or DS-0
channels, and NETPAC modules can be used in three- and five-slot platforms, for
applications supporting 1,0003,000 users. For more information, visit Xylans
Web site at www.xylan.com
SmartGate VPN
V-ONE Corporation
20250 Century Blvd., Ste. 300
German, MD 20874
301-515-5200
A complete VPN client management solution is offered in the SmartGate VPN from
V-ONE Corporation. The system is made up of the SmartPass Client, which is installed on a
remote users desktop for VPN connection services to the SmartGate Server. The client
manages user authentication and interfaces with several tokens, including an integrated
digital token. The server manages authentication token deployment and registration, as
well as session authentication, connection privileges, and event logging.
SmartGate offers online registration for thousands of remote users, and utilizes
central VPN client management for access privileges. Other features include flexible
integration with third-party authentication systems, and software-based identification of
authorized users. The product also features the SmartAdmin Windows-based VPN management
console for secure, remote administration of multiple SmartGate servers. For more
information, visit V-ONEs Web site at www.v-one.com
INTERNETpro
Internet Appliance, Inc.
40515 Encyclopedia Circle
Fremont, CA 94538
510-413-1068
The new INTERNETpro series from Internet Appliance uses the public Internet to
provide a host of applications, combining VPN service with Internet access and a firewall.
Other features include dual Intel XEON processor capabilities; e-mail, Web, FTP, DNS, and
file/print servers; URL blocking; dynamic content screening; a redundant power supply; and
multiple SCSI disk storage. The system is available with optional rack mounting.
The series offers advanced security with IPSec encryption, and gateway-to-gateway and
host-to-host communications. The products also come with a firewall for support of
application proxies, packet filtering, policy choices, NAT, and real-time monitoring. An
additional feature is simple key management for IP (SKIP), which offers interoperability
and anti-replay services. For more information, visit the Internet Appliance Web site at www.internetappliance.com |