Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

When should this be used? Should I bring up a point to point connection?

Is there an easy software way to set up a VPN for traffic between other datacenters and AppNexus facilities. At the moment we don't have a hardware VPN solution.

We suggest two free software solutions.

Older software:
Openswan http://www.openswan.org/
Openswan is an Open Source implementation of IPsec for the Linux operating system. Is it a code fork of the FreeS/WAN project, which is an implementation of IPSEC & IKE for Linux. IPSEC is Internet Protocol SECurity. It uses strong cryptography to provide both authentication and encryption services. Authentication ensures that packets are from the right sender and have not been altered in transit. Encryption prevents unauthorised reading of packet contents.

These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted net is encrypted by the IPSEC gateway machine and decrypted by the gateway at the other end. The result is Virtual Private Network or VPN. This is a network which is effectively private even though it includes machines at several different sites connected by the insecure Internet.

The IPSEC protocols were developed by the IETF (Internet Engineering Task Force) and will be required as part of IP Version Six, the next generation. They are also being widely implemented for IP V4. In particular, nearly all vendors of any type of firewall or security software have IPSEC support either shipping or in development. There are also several open source IPSEC projects. Several companies are co-operating in the Secure Wide Area Network (S/WAN) project to ensure that products will interoperate. There is also a VPN Consortium fostering cooperation among companies in this area.

Our project's primary objective is to help make IPSEC widespread by providing source code which is freely available, runs on a range of machines including ubiquitous cheap PCs, and is not subject to US or other nations' export restrictions.

More recent development:
OpenVPN http://openvpn.net/
OpenVPN was announced winner for "Best SSL VPN" in the 2007 Best of Open Software Awards by InfoWorld http://www.infoworld.com/bossies. It is an open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the fundamental premise that complexity is the enemy of security, OpenVPN offers a cost-effective, lightweight alternative to other VPN technologies that is well-targeted for the SME and enterprise markets.

  • No labels