One of the intents of the multifaceted IP Security standard is to support PKI, the structure for authenticating VPN users and issuing digital certificates.
Many makers of virtual private network gear say public-key infrastructure is still evolving, so users that have set up VPNs have had to do so without PKI.
Customers of Indus River are among those without PKI support, but that is about to change. The company will introduce PKI support into Version 3.0 of RiverWorks, the software behind the company's VPN gear.
But Indus River realizes that is not enough, so it has created PKIworks, a roadmap for customers that already have non-PKI VPNs to migrate.
The plan is straightforward: Introduce PKI support, but at the same time let users authenticate via current methods, such as Remote Authentication Dial-In User Service servers or SecureID tokens. Let a chosen few users start authenticating via PKI to receive digital certificates. Once the enterprise managers have gotten used to the way PKI works and chased the bugs out of their implementation, they can phase in more users.
That not only shields end users from the frustration of using a new system before it is debugged but it also allows network managers to attack an enormous task by taking it one manageable piece at a time.
Indus River also is offering courses for network administrators to learn the ins and outs of its PKI product.
RELATED LINKS
VPN vendor pushes public-key infrastructure
Network World, 05/08/00.
Lack of agreement on PKI bodes ill for VPN users
Network World, 02/07/2000.
Newsletter: Is VPN the killer application for PKI?
Network World Fusion Focus, 09/22/99.
Archive of Network World on Virtual Private Network newsletters
