About Paktronix Systems
Services and Support
PakSecured IPSec VPN
The most popular enhancement option for the PakSecured Firewall is our IPSec VPN. The PakSecured VPN connects any two or more networks together across the Internet using full IPSec encryption technology. Topologies range from point-to-point through partial-mesh and full-mesh all the way to fully geared mesh networks with redundant stems. Policy Routing structures within the Linux kernel enable advanced routing and selection mechanisms for providing different VPN mesh structures thus maximizing expensive bandwidth and providing automatic failover and priority routing.
Hardware Accelerated IPSec Engine All IPSec functions, including AES encryption, are accelerated using dedicated crypto hardware. The CPU of the firewall system is completely free to deal with firewall and advanced security functions. The hardware accelerator is not directly connected to any physical network thus providing maximal protection and management of the VPN data streams.
Exportable Crypto Hardware The hardware accelerator we use is exportable. Please contact us if you are interested in obtaining Linux VPN IPSec solutions for export at this address: email@example.com
Policy Routing Security Structures The Linux kernel provides full RFC compliance for all network routing functions. Additionally it provides the most comprehensive Policy Routing Structure available. Through PakSecured we can route by source address, tag packets for special routing treatment, utilize multiple default routes, perform NAT based on packet header criteria, and provide stable auto-loadbalance and failover routing capabilities. Controlling the routing structure allows decisions on VPN paths to be made without involving the IPSec card. VPN structures can be enabled for only designated data flows even within a single IP address without any overhead within the IPSec protocols.
Transparent Integration PakSecured Firewalls with IPSec VPN still retain full firewall functionality. The VPN subsystem integrates so transparently that the VPN can be enabled, disabled, or modified during runtime operation without any effect on the firewall operation. This is due to the modular design of the PakSecured Firewall. More information can be found here.
If you have any questions, comments, or would like to send us your scenario for evaluation please contact us.
Phone: (402) 932-7250
Copyright © 1996 - 2000 Paktronix Systems, LLC Revised Oct 19, 2000