Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
The botnet world is booming
What’s driving this university to IPv6? Going green
IT pros continue to lose jobs
How ending exclusivity agreements would change the telecom industry
How to use electrical outlets and cheap lasers to steal data
EMC distances rival NetApp
Crime lab saves energy costs by turning up heat in the data center
IBM security software masks confidential info
Google Native Client provides hints on Chrome OS gambit
Ericsson signs deal to run Sprint wireless, wireline networks
Verizon helping companies assess application vulnerabilities
Internet's biggest issue? IPv6 transition, new ARIN CEO says
Gmail, other Google apps, out of beta
Microsoft may have known about critical IE bug for months
Symantec de-duplication strategy targets data growth, virtual machines
Windows 7 ramp-up will be sharp
Security /

VPNs come of age

Related linksToday's breaking news
Send to a friendFeedback

Sign up to receive this and other networking newsletters in your inbox.

By Tim Greene
Network World VPNs Newsletter, 12/05/01

The announcement last week that Check Point is adding clustering to its VPN and firewall software points out that VPNs are becoming more and more critical for certain applications.

The software feature, called ClusterXL, lets you cable together up to five servers running Check Point VPN-1/Firewall-1 software. If everything is working right, the servers can share the load of VPN traffic that needs encrypting or decrypting as it passes to and from the Internet.

Advertisement:

If something goes wrong with one of these gateway servers, the others can pick up the slack without losing sessions. This means that remote devices that are engaged in active sessions with such a server cluster would never see the crash. The VPN sessions just keep running.

One advantage of this arrangement is that if you need to upgrade any or all of the machines, you can unplug them one at a time without shutting down the site or waiting until 3 a.m. when nobody's using it. Another plus is that users can add throughput as a site becomes busier by adding one more server. Their existing server or servers remain in use. Your initial investment is protected.

This clustering functionality is not new. Nokia, for instance, has its Cryptocluster series of VPN equipment that was designed from the operating system on up to be clustered and to maintain sessions. And Check Point partners, such as Compaq, have gone to other vendors including Rainfinity and Stonesoft for specialized clustering software. Added to Check Point's VPN-1/Firewall-1, they are able to offer clustered VPN gateways.

The fact that Check Point is now offering this capability on its own presumably indicates that it has customers who want it. That in turn implies that VPN connections are now being trusted to handle traffic that for business reasons cannot be interrupted - a sign that VPNs have arrived.

The advent of ClusterXL also means higher VPN throughput for sites guarded by VPN-1/Firewall-1. This may be a way of Check Point addressing the perception that VPN vendors that base their equipment on customer processors support higher speeds. Check Point says its current software version, known as Next Generation, is revamped to support higher speeds. ClusterXL is another feature that helps boost speed.

Check Point claims ClusterXL can group five servers for a total VPN throughput of 1.2G bit/sec, which is faster than what its competitors claim. If the software actually delivers on this claim in the real world - something that remains to be seen - it will be an impressive advance that competitors and potential users will have to note.

RELATED LINKS

Tim Greene is a senior editor at Network World, covering virtual private networking gear, remote access, core switching and local phone companies. You can reach him at tgreene@nww.com.

Network World VPNs archive
Past newsletters.

Clusters boost Check Point VPN performance
IDG News Service, 11/28/01

Network security's need for speed
Network World, 03/05/01

Check Point
 


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.