• United States
Executive Editor

IP Dynamics touts remote access alternative

Dec 16, 20032 mins

* IP Dynamics remote access promises ease of use and simplified maintenance

A company called IP Dynamics reared its head again this week with the announcement of its VPN software for enterprises.

Until the announcement of the software, called VCNpro, the company for about two years focused on making similar gear for service provides only. Now it thinks it has a shot at giving Secure Sockets Layer (SSL) and IPSec remote access vendors a run for their money.

The IP Dynamics software does employ IPSec but in a way that’s very different to how it is used in IPSec remote access VPNs. In traditional IPSec remote access networks, an IPSec client on a remote machine makes a connection to a VPN gateway that terminates the VPN tunnel and passes the traffic onto the private network unencrypted.

In IP Dynamics’ model, IPSec transport mode – not tunnel mode – is used, and IPSec is used from the remote machine all the way to the target server or workstation. Access is controlled via two-factor authentication to a server that houses a directory of who is allowed to join what virtual network.

The server acts as a DNS server but only for its own set of private domain names. If a user can’t authenticate to it, it won’t provide the address of the machines that are members of the VPN.  Since the address information is located nowhere else, denying access pretty much locks down the virtual network. It also makes it simple to add and delete members of a virtual network and to change security policies.

The major attraction here is that none of the security policy is loaded on the end machines, which simplifies their maintenance. Each end machine does require an IP Dynamics software agent running on it, but it is a downloadable executable file and requires no maintenance.

Customers also must carry a digital ID generated by the server to be the second half of two-factor authentication to the VCNpro server. This is either carried around on a floppy or a memory stick or stored on the remote machine itself. IP Dynamics says it is working on compatibility with security smart cards.

This is a model for VPN access that varies from the better-known SSL and IPSec choices, but is worth considering for its ease of management and maintenance. It’s priced about the cost of some SSL products and is less expensive than most IPSec options.