|
| |
| SSi |
RavlinSoft VPN Client
|
RavlinSoft
VPN Client Provides Secure Access
SonicWALL’s RavlinSoft™
IPSec
VPN client is a Windows® based software equivalent of a Ravlin hardware
unit that provides data privacy between remote users and the corporate
network. Using the Ravlin Soft client, a mobile employee or telecommuter can
establish secure communications with networks protected by Ravlin units or
other security devices. Such remote users can access secure corporate
resources, using either public networks or corporate dial-up lines. Combined
with Ravlin hardware gateway devices at the network edge, Ravlin Soft
provides a low-cost solution for low-bandwidth (56Kbps modem) Internet
connections.
Virtual
Private Networks
Virtual Private Networks do not employ
their own network infrastructure; instead, they run on top of existing
networks, such as the Internet. Information passed across a VPN can be
encrypted, ensuring confidentiality. In most cases, Ravlin units protect a
local area network, typically installed between the LAN and the router as
shown below at Company A's Seattle Headquarters and New York Office. Ravlin
Soft clients provide the same level of security for remote users.
Advantages
As shown above, Ravlin Soft clients are a
security tool for remote users. A key difference between normal remote
access and using Ravlin Soft, however, is that no long-distance charges
accrue from the use of the client. The user simply dials up the Internet
using a local ISP, start up Ravlin Soft, and then "tunnels through the
network" to obtain or send files, get e-mail, and other typical computing
tasks. IPSec compliant encryption and user verification routines protect the
data sent thru the tunnel. In addition, Ravlin Soft lets remote users
appear as virtual nodes on the corporate LAN. This gives telecommuters (DSL,
cable modem and dial-up) access to corporate resources as if they were
directly connected to the LAN.
Modes of
Operation
Ravlin Soft operates in two separate
modes, Transport and Tunnel. Tunneling mode, the most commonly used mode,
secures (via encryption and data authentication) each piece of information
(also called a payload) that is sent during the transmissi0on, In Tunnel
mode, the new IP packet contains the original IP packet, including both
headers and data. Additional security-related information is added at both
the beginning and end of the original packet. This process is called
encapsulation. Encapsulation is what produces the private tunnel through the
public network.
Transport mode also secures the data
payload of each packet transmitted from the Ravlin Soft client to the
destination. The difference is that transport modes modify, rather than
encapsulate, the original IP packet that travels through the network. The
original IP address is unchanged. Overhead is not as high, but, since the
original header information is not encrypted, security isn't quite as
strong.
FEATURES
AND BENEFITS
|
Low Cost of Ownership |
 | Preserves investments in existing
network hardware, software, and experience by working with existing
dial-up lines and network infrastructure. |
|
|
| Provides significant network cost
savings by ensuring secure communications and data privacy over public
networks like the Internet. |
|
|
| Delivers a breakthrough
price/performance model for software encryption products. |
|
|
IPSec VPN Standards Based |
|
| Ensures information privacy using
full 56-bit
DES and 168-bit Triple DES (Data Encryption Standard). |
|
|
| Uses
X.509 v.3 digital certificates. |
|
|
|
| Provides encapsulated tunneling for
integrity and confidentiality of IP datagrams, through the IP
Encapsulating Security Payload
(IPESP) tunneling mode protocol. |
|
|
