A company that hasn't appeared in this newsletter before is rolling out network-interface cards with peer-to-peer VPN capabilities that create interesting possibilities for cranking up both LAN and WAN security.Called Seclarity, the company includes IPSec VPN termination support in Ethernet NICs and also in wireless cards, making it possible to create secure IP tunnels between host machines rather than from VPN gateway to VPN gateway, or PC host to VPN gateway.The Seclarity hardware, called SiNic, is managed by Seclarity's Central Command Console software. Policies set on the console are distributed to the NICs each time the machine tries to set up a connection. The policies can be set per user rather than per machine so if a user moves from machine to machine they get the same policy based on their authentication information.This opens up the possibility of creating secure tunnels easily on a LAN for addressing heightened security requirements in banking and health care, for instance. Seclarity software in the NICs also provide audit information that is required by new federal regulations in these fields.Seclarity NICs support desktop-to-desktop links between sites, whereas with conventional IPSec gear, a connection would be made from an IPSec client on a PC to an IPSec gateway at a corporate site that would terminate the tunnel and pass along the unencrypted traffic to the target server or PC.Seclarity's cards support a firewall, too, and the company plans to add intrusion detection to its roadmap.Obviously, this system requires adding hardware to every machine that is going to be involved in the VPN, and that may cause some potential customers to rule it out. But that is a tradeoff for the end-to-end security.