 Home |
About |
Contact |
News |
|
| Home |
About |
Contact |
News |
|
What is a Virtual Private Network?
VPNs create secure connections or tunnels through the public Internet to transmit data between individuals, branch offices and a corporate network. Essentially, VPNs employ the Internet for what has traditionally been handled by either private networking resources or public telephone networks. Many VPNs support only two basic applications: individual remote access and site-to-site communications. V-ONE, additionally, allows vital communities, such as business partners, to securely access Web and enterprise applications--from anywhere, anytime, in an extranet configuration.
Is a VPN the same as an extranet?
No, these are entirely different concepts. VPN technology can be used to secure the communications for an extranet community of buyers and suppliers, but VPNs are also used to secure many other types of communication – those internal to a company and links between different companies or agencies for information sharing, for example.
The most common definition of an extranet is a type of network based on Internet technology that gives outside users, such as business partners, access to data residing on an organization’s private network. It often enables transactions between a company and its buyers and suppliers. Users can access data through a Web browser over the Internet and must typically enter a user name and password to access the data.
A V-ONE VPN can be used in a similar manner, but provides a much higher level of security at a much more granular level of access control – from each individual user to each document if necessary. Specifically, our VPN solution requires the establishment of a secure pathway into a corporate network while providing strong encryption, constantly changing session keys, and mutual authentication.
How can a V-ONE VPN save my company money?
A V-ONE VPN can be used in place of traditional dial-up connections to provide access to remote users and telecommuters; can be used to connect LANs at multiple sites instead of using the public switched telephone network or dedicated leased lines; and can be used to give customers, business partners, or others such as consultants access to specific corporate resources.
Although there are many reasons to use a V-ONE VPN, the most common are to:
- Save on long distance phone charges by using the Internet to carry traffic - Remote employees or workers traveling on business dial a local access number for their ISP rather than placing a long distance or 800-number call directly to the company. Alternately, secure access to private information is as far away as the nearest Internet café when using V-ONE’s Java client.
- Save telecommunications costs by reducing the number of access lines into a corporate site - Many companies pay monthly charges for frame relay, ISDN or T1 lines to carry data between sites. A VPN allows a company to securely carry traffic over the Internet, thereby reducing the need for some installed lines.
- Save operational and equipment costs by eliminating the need for remote access equipment - By giving users access to a corporate network via a VPN, a company can get rid of its modem pools, remote access servers, and other equipment. Operational savings are realized from not having to manage those devices.
- Save on private network circuits from each site to every other site to which a connection is needed - Each site gets one link to the Internet and can then communicate securely as needed with every other site.
Additional V-ONE Differential Savings:
In addition to the benefits outlined above, V-ONE has an easy-to-deploy and support capability that helps further lower the cost of ownership. These include:
- Save on deployment - Our patented On-Line Registration (OLR) process allows non-technical users to download the software and then allow V-ONE’s technology to generate and securely distribute Triple DES (3DES) keys online in real-time. This avoids the administrative headaches and security concerns of key distribution, saves on the cost of shipping, and allows simple installation by the end user since there is no need to change IP addresses or network drivers.
- Save on PKI and other directories and databases – V-ONE has its own complete authentication solution with a full database of all users and their permissions that can be shared with any other company application that requires authentication.
- Save on support. V-ONE’s software solution with remote administration avoids the cost of deploying physical on-site support.
What are the essentials of a reliable VPN?
A dependable VPN must assure privacy, confidentiality, strong authentication of remote users and hosts, data integrity, authorization of legitimate users, secure tunneling via encryption, and mechanisms for hiding or masking information about the private network topology. In addition, it must provide for nonrepudiation of a communication – i.e., communication is recorded for the avoidance of later denial. V-ONE provides all the essential elements along with many other features such as user-friendly administration, easy deployment, and application level security.
What types of encryption are utilized in V-ONE’s VPNs?
V-ONE incorporates FIPS 140-1 validated Triple DES (168-bit) and DES (56-bit) encryption. V-ONE is also testing the latest Advanced Encryption Standard (AES) and will make it commercially available once the National Institute of Standards and Technology offers compliance testing, and we have obtained the certification. With V-ONE’s VPN solutions, IT managers can manage their encryption requirements. For example, policies can be set that require strong, 168-bit Triple DES encryption when sensitive documents are being transacted, while 56-bit encryption is required for other material.
How does V-ONE handle authentication?
V-ONE offers:
- Two-factor User Authentication – verifies the identity of authorized users by something they know (an access code) and something they have (a token). Tokens can reside on a user’s hard drive and be accessed automatically once an authorization code is entered or require use of a physical smart card or biometrics reader.
- Two-way (Mutual) Authentication – authenticates both a SmartPass client user and a SmartGate server to ensure that authorized users are establishing VPN sessions with the intended application environment.
What is IPSec?
IPSec is an evolving standard for secure private communications over the Internet and is a widely used VPN protocol despite well known implementation and deployment challenges. IPSec packets consist of headers and payload, both of which contain information valuable to an attacker. The header contains source and destination IP addresses that are required for routing, but may not be spoofed or altered in what are known as “man-in-the-middle” attacks; the payload consists of information that may be confidential to a particular organization. IPSec provides mechanisms to protect both header and payload data.
V-ONE’s SmartGuardTM VPN security solution encompasses IPSec capability. This allows for the set-up of a VPN in different configurations via IPSec protocols.
What is the difference between an IPSec VPN and an Application Level VPN?
Although IPSec is considered the standard for network security, it is a strong solution only for site-to-site protection. When user-to-application security is needed with tight access control for sensitive information sharing or extranet needs, IPSec generally proves too cumbersome. It does not extend access control through the firewall into company resources, which is needed for outsider access by most companies. That’s why V-ONE also offers powerful and focused application-based (or application level) security enabling authorized access of individual users to access specific application(s)—whether they belong to your organization or an approved partner.
With V-ONE’s VPN solutions, IT managers can tailor VPN configurations for different needs. A contract worker, for instance, might be given limited remote access to the network, while a branch office manager or vice president is given extensive access rights. At the same time, the contractor's non-confidential project might require only light encryption for VPN communications, while the branch manager connects using stronger encryption to protect financial and strategic planning data.
Why V-ONE?
V-ONE enables highly secure information sharing over the Internet via a suite of software solutions and appliance technologies. Our products protect communication at the network and application level on a broad range of client platforms, including wireless. V-ONE’s ability to provide both IPSec and application proxy capability uniquely positions us as a leading provider of complete VPN security.
The affordability and benefits of a V-ONE Internet-based VPN are considerable. Small offices as well as large corporations will realize lower telephone toll charges for remote access, and VPNs offer a level of flexibility that is simply unavailable from direct dial-up and dedicated wide area network connections.