VPN

VPN

VPN

Ugunssiena VPN server maintains all remote connections. Ugunssiena VPN clients, in turn, maintain remote connections to the central site or main office where VPN server is located.

Main functionality of Ugunssiena VPN:

  • Maintaining secure and encrypted communications even on the insecure public networks
  • New session cryptography key is generated for each session and/or after pre-selected time intervals
  • TripleDES or another cryptography algorithm is used for fast traffic encryption
  • Uses IPsec and is compatible with other IPsec systems
  • Use of encryption keys of defined length. Depends on hardware performance and required level of security
  • Authentication using X.509 digital certificates
  • Flexible configuration allows selecting type of traffic and services VPN lets trough
  • Data flow compression allows for faster communication
  • It is possible to use hardware cryptographic accelerator to reduce load on CPU and improve the throughput of VPN connection
  • Users may choose to use double encryption of the VPN connection by encrypting both on software and hardware level

Protocol support on the VPN network:

  • TCP and UDP
  • BOOTP, BGP, DNS, FTP, HTTP, HTTPS, KERBEROS, LDAP, NTP, OSPF, POP3, RADIUS, RIP1/2, RSH, RLOGIN, SMTP, SNMP, TELNET, VRRP etc.
  • Windows networking protocols
  • Novell IP, Samba, UNIX NFS and other file and print service protocols
  • Oracle, MS SQL, Sybase, MySQL, Postgres and other SQL access protocols
  • VoIP and audio/video protocols including Real audio and IP telephony protocols
  • Application level protocols (LotusNotes etc.)

Accounting and audit:

  • VPN traffic log
  • System configuration changes log
  • System administrator action log

Quality control of the VPN connection:

  • Counting of VPN traffic with selected time intervals
  • Graphical monitoring of VPN load
  • Configuration of quality settings in VPN server
  • Possibility to maintain several connections of different priority in one VPN tunnel. Useful for separating real-time traffic (voice, streaming video) from the rest of communication.

Authentication and encryption:

  • User authentication using access code and password
  • User authentication using digital certificate (PKI)
  • Different size of cryptography keys from 1024 (basic level) to 8184 (military grade encryption)
  • Session TripleDES key size up to 168 bits
  • 509 standard digital certificates
  • Connection from administrator console computer to VPN system encrypted using SSL3 protocol

Management functions:

  • Centralized VPN server and VPN client management
  • Centralized VPN network configuration and monitoring of the VPN connections
  • Web interface
  • Multilanguage support with ability to switch between languages at any time
  • Command line support
  • Integrated management with e-proxy management
  • New VPN configuration is applied to the VPN tunnel in real time, no system restart is needed
  • Support of text-like IP addresses for centralized VPN configuration

Stability and reliability:

  • Real-time monitoring of VPN service and tunnel with automatic service restart if malfunction is detected
  • Real-time control of the system resources (memory, network interfaces, disc) according to pre-defined levels
  • Automatic failover between VPN service modules in redundant setups