Redundancy was the word for VPN vendors at N+I
ATLANTA -- Virtual private network vendors understand that if they want people to rely on their gear, it has to be reliable.
To that end, a number of VPN vendors last week at NetWorld+Interop '99 Atlanta introduced VPN failover, technology that keeps secure Internet connections alive even when the primary VPN server fails.
Nokia, TimeStep, Microsoft, Indus River and Compatible Systems all introduced hardware or software with the ability to share security information, including encryption keys, with another server. All claim their servers switch over within seconds of a failure, most without losing sessions.
Nokia is introducing software that lets its servers not only failover, but also load balance. If there is a crush to establish secure Internet tunnels on a corporate VPN at 9 a.m., for example, multiple Nokia VPN servers can share the load.
Nokia calls the technology High Availability VPN, and it is a software option on its VPN 210 and 220 servers for an additional $1,500. The software is standard on the company's VPN 230 and 240 servers.
Also, if there is a network slowdown, the devices can route around the bottleneck. A corporation with redundant Internet connections could tie different Nokia VPN servers to each Internet link. If one link slows down for some reason, traffic would be shifted to the uncongested link. Nokia's new software is available now.
TimeStep says it is working on the ability for servers to load balance. TimeStep's new software is available next month for its Permit Gateways.
Microsoft demonstrated that Windows 2000 servers can load balance VPN sessions and failover to back each other up. However, the servers will drop active sessions. The Windows 2000 client or server with which the tunnels had been established will initiate new tunnels with alternate servers.
Meanwhile, Indus River introduced a new VPN server, RiverWorks LXE 6000, which supports 5,000 simultaneous VPN connections. RiverWorks LXE 6000 is sold packaged with River Pilot client software for $100 to $200 per client, depending on the complexity of the network.
A new issue of RiverWorks software also lets RiverWorks boxes talk to each other via Internet tunnels. Previously, only remote clients could establish VPN sessions with the servers.
Compatible announced it will beef up its carrier-grade VPN gear to support more sophisticated VPN services. For instance, service providers will be able to support firewalling, as well as quality-of-service guarantees. Its IntraPort Carrier Switch gear will also support encryption over frame relay and ATM links to ISP networks.
The new features will be phased in over six months starting in December.