Nebraska's Oldest and Largest Linux Source

| Home Page | Security Products | Linux Distributions | Novell Products | Appgen Products | Misc Linux |

Complete Linux 2.2 Hardware IPSec Secured Communications Solution

Providing Integrated Hardware Security Solutions for Secure Virtual Private Networking (VPN)

RedCreek provides Paktronix Systems Linux Firewall users with the means to incorporate the latest network security features quickly and easily. Secure communications over Intranets/Extranets and secure Remote Access are easily implemented using the Ravlin IPSec Card for the Linux 2.2 platform.

The Ravlin IPSec Card advances the state of IPSec networking and server communications in two very important and innovative ways. For the first time users can implement Internet Protocol Security Standard encryption (IPSec) and authentication in hardware on Linux 2.2. This IPSec capability is based on a new VPN form factor. All the functionality associated with RedCreek's standalone Ravlin 10 VPN hardware device has been implemented on a PCI base card that is simply installed into a Paktronix Systems Linux Firewall or any Linux 2.2 system.

Internet Protocol Security Standard (IPSec) is a framework of open standards for ensuring secure private communications over public networks like the Internet. Based on standards developed by the Internet Engineering Task Force (IETF) IP Security Working Group, IPSec is an industry-driven standard that ensures confidentiality, integrity, and authenticity of an IP network. IPSec is a key component of this standards-based, flexible solution for deploying a network-wide security policy.

The Ravlin IPSec Card in combination with the Paktronix Systems Linux Firewall allows private communications over any network, including the Internet, without performance degradation. It can turn a Paktronix Systems Linux 2.2 E-Commerce web server into a secure E-Commerce web server with hardware VPN tunnels. It also allows the Paktronix Systems Linux Firewalls to provide thorough packet filtering and access control with hardware IPSec encrypted tunnels all from one platform.


Ravlin IPSec Card
The Ravlin IPSec Card is a Network Interface Card (NIC) that can transparently encrypt, authenticate, manage, and route datagrams over LANs and WANs. This VPN process allows private communications over any network, including the Internet, without performance degradation. E-Commerce servers can outsource processor-intensive encryption and authentication. Application servers, network computers and communication servers can use real-time encryption and authentication to enhance privacy and reduce network usage costs.

Hardware encryption accelerates the encryption and decryption of sensitive data on Linux servers, security routers, and workstations. This makes it possible to encrypt and decrypt network traffic without the processing and network performance degradation usually associated with encryption.

The Ravlin technology is based on IPSec standards developed by the Internet Engineering Task Force. IPSec is an industry driven standard that ensures confidentiality, integrity, and authenticity of an IP network.

The Ravlin IPSec Card is based on the Ravlin CryptoCore™ technology and the Intel® i960 processor. It provides 45 Mbps buffer-to-buffer speeds and uses a 10/100 Base-T Ethernet Controller. The system image resides in flash memory, and can be remotely updated at runtime.

The Ravlin IPSec Card uses standard off-the-shelf parts and standard security and network protocols for future interoperability with other IPSec standard products. It is interoperable with the RedCreek Ravlin 4, Ravlin 10, RavlinSoft remote access client, Ravlin RADIUS Authentication, and many IPSec software and hardware implementations.

The RavlinNodeManager is an easy-to-use management and control tool for configuring, managing, and integrating Ravlin products in an organization's network and security infrastructure. This tool provides robust security management by allowing multiple levels of security among Ravlin hardware units and RavlinSoft clients. Compatible with Linux 2.2 based products, RavlinNodeManager allows easy setup and dismantling of secure intranets, extranets, and remote access clients through installation and configuration wizards. From a single centralized location, network managers can manage Ravlin products in an IPSec-compliant secure Virtual Private Network (VPN), checking the status of units and users and adding or removing remote users. Network managers can also monitor traffic between units and modify existing configurations. As a management tool, RavlinNodeManager is complementary to standard SNMP managers like IBM Netview/6000® for monitoring, displaying statistics, and sending alarms.

Download PDF of Ravlin IPSec Card data sheet.

RedCreek's CryptoCore technology, along with the Intel i960, provides 45 Mbps buffer-to-buffer encryption/decryption throughput.

The I2O software specification enables off loading of processor-intensive tasks from the host, and ensures ease of use and maintainability.

40-bit/56-bit Data Encryption Standard (DES) and 168-bit Triple DES encryption algorithms are the most widely adopted U.S. and international algorithms for encryption. Over 750 simultaneous hardware-to-hardware connections are supported.

To perform authentication across networks, the Ravlin IPSec Card uses X.509 v.3 digital certificates, a widely accepted standard specified by the International Standards Organization (ISO). To verify the identity of the sender, the card uses Digital Signature Standard (DSS) and Secure Hash Algorithm (SHA), in conjunction with X.509 v.3 certificates. (DSS provides proof of authorship for digital signatures.)

To perform key exchange during the establishment of secure associations, the Ravlin IPSec Card uses the Internet Security Association and Key Management Protocol, or ISAKMP. ISAKMP/Oakley is the mandatory key exchange protocol specified by the IETF.

Strong Security
The Internet Engineering Task Force (IETF) IP Security Standard (IPSec) offers two significant features: enhanced security and protocol interoperability. The customer can be certain that IP-based communications passing over the network conform to the most secure and comprehensive standard for encryption, authentication, key management, and anti-replay services. A Ravlin IPSec Card can exchange keys and encrypted communications with any other IPSec-compliant products so customers can use multiple IPSec vendors for multiple scenarios. RedCreek Communications, Inc. can provide a list of IPSec interoperability partners.

Customer Support/Service
RedCreek provides service and technical assistance through its technical support center and exchange programs. All RedCreek products are covered under a 12-month hardware and three-month software warranty.

Technical Specifications / Standards

CryptoCore Scalable Encryption Engine

PCI Local Bus Specification Revision 2.1 Compliant
45 Mbps Buffer-to-Buffer Throughput
10/100 Ethernet Base-TX (auto-sensing)
Intel i960 RP processor
Scatter/Gather DMA
Intel CDSA Over I20
Short Length PCI Form Factor
33MHz 32-bit PCI Bus


Phone: (402) 932-7250
Email: sales@midwestlinux.com

| Home Page | Security Products | Linux Distributions | Novell Products | Appgen Products | Misc Linux |

100% Microsoft Free
Greater Omaha Chamber of CommerceRadiks Internet Access
Powered by Linux

Copyright © 1996, 1997, 1998, 1999 Paktronix Systems, LLC Revised March 7, 1999