InJoy Firewall Logo
What's New?
Product Information
Screen Shots
Download
Register
Frequently Asked Questions
Support
F/X Communications
InJoy Connect
InJoy Dialer
Tunnel/2
PPPoE
PPP over Ethernet

[ Overview ] [ Gateway Capability ] [ Firewall Capability ] [ Filter Capability ]
[ IPSec VPN Support ] [ PPPoE Support ] [ Feature Comparison Chart ]


Motivation for IPSec

Internet has shown its strength during the nineties. Most major corporations are now connected, and a large fraction of homes will be networked in the next few years. Though superior in its flexibility, the Internet has shown a major weakness; The lack of security.

Without encryption, anyone can read and tamper with the data sent over the network. Secrets can be stolen and mission critical data can be modified to cause irrepairable harm.

Without proper authentication, anyone can easily lie about identity and it may be impossible to know who you are doing business with or keep track if a crime has been committed.

Internet devices without protection are susceptible to external attacks. An attacker can get into internal data repositories, destroy information, install viruses, or just simply turn off or prohibit the services.

The obvious demand for a comprehensive security standard has finally been answered with the network vendor adoption of the IPSec standard.

Refer to the IPSec Plugin homepage for documentation, downloads and pricing.


Predominant VPN Standard

IPSec (Internet Protocol Security) is an Internet standard for interconnected, secure networking devices and the predominant technology in Virtual Private Networks (VPNs).

Below, 5 reasons why IPSec holds this position:

  1. IPSEC has the widest industry support and is supported by e.g. Cisco, Microsoft, Network Associates, CheckPoint Software, Bay Networks, etc. This ensures interoperability and availability of secure solutions for all needs of corporate and private users.

  2. IPSEC protects traffic transparently on IP packet level, as a completely transparent operation to the user. No changes in applications, no additional procedures or learning by the user required.

  3. IPSEC is a native IP operation, not limited to e.g. operating system specific solutions. Unlike tunneling protocols that can typically only be found in specific operating systems, IPSEC will be everywhere IP is. It will also be a mandatory part of the forthcoming IPv6 standard.

  4. IPSEC has a wide variety of strong encryption standards and unlike previous solutions, IPSEC is a standard where security has been number one design criteria resulting in unbeatable security.

  5. IPSEC includes a secure key management solution with digital certificate support. IPSEC guarantees the ease of management and use, even in large scale networks and highly secure authentication of parties.

IPSec Plugin

The IPSec Plugin described in the remainder of this document is developed by F/X Communications in line with the Internet Engineering Task Force (IETF) open framework for Internet Protocol Security (IPSec).

For a general description of the IPSec protocols, features, benefits and details, refer to the IPSec User's Guide.

Support of the IPSec technology extends the host product with capability of building VPN's and secure channels to other major vendors on the market. The IPSec technology is proven to be interoperable and since it is an international standard, it can negotiate safe communications between different organizations using different IPSec solutions.

A virtual private network (VPN) is an extension of an enterprise's private intranet across a public network such as the Internet, creating a secure private connection, essentially through a private tunnel.

VPNs securely convey information across the Internet connecting remote users, branch offices, and business partners into an extended corporate network, as shown below:

Internet Service Providers (ISPs) offer cost-effective access to the Internet (via direct lines or local telephone numbers), enabling companies to eliminate their current, expensive leased lines, long-distance calls, and toll-free telephone numbers.

The InJoy IPSec Plugin can be used with the whole range of InJoy connectivity products:

General IPSec Features

  • Data origin authentication

    Verifies that each datagram was originated by the claimed sender.

  • Data integrity

    Verifies that the contents of the datagram were not changed in transit, either deliberately or due to random errors.

  • Data confidentiality

    Conceals the cleartext of a message, typically by using encryption.

  • Replay protection

    Assures that an attacker can not intercept a datagram and play it back at some later time without being detected.

  • Automated management of cryptographic keys and security associations

    Assures that a company's VPN policy can be conveniently and accurately implemented throughout the extended network with little or no manual configuration. These functions make it possible for a VPN's size to be scaled to whatever size a business requires.

Plugin Protocol Support

    Click here for a full list of the protocols supported.


Copyright © 1999, 2000, F/X Communications. All rights reserved.
InJoy Firewall is published by F/X Communications
webmaster@fx.dk