Firewall Wizards mailing list archives
Re: free s/wan (really interoperability)
From: Joseph S D Yao <jsdy () cospo osis gov>
Date: Tue, 5 Oct 1999 15:17:29 -0400 (EDT)
On Tue, 5 Oct 1999, Joseph S D Yao wrote:There is IPsec VPN server software out there that is sold without a client - one is directed to several other companies that make IPsec clients. So it would seem that the answer, probably with some caveats, is, "yes."
...
Which, if I read you correctly, was an unquailified 'yes'. So, I'm looking for the qualifications, e.g. those implimentations <a listing> that will interwork with other implimentations, i.e. cisco's VPN will work with FW1's VPN solution etc...
Qualified "yes". Unfortunately, I haven't been able to beat on any yet. We're waiting for ones that are interoperable AND have certain other characteristics. The one I was specifically told about was ANS Interlock 5.0 [now UUnet Interlock], interoperable with Red Creek, Time Step, IRE, and others. GTE Networking (formerly BBN) has a VPN product which is actually the product of whoever else they feel to be ahead at the time ... they seem to not feel at all uncomfortable about dropping in whichever product is plug-compatible with the rest of their system. This has been discussed in the VPN mailing list quite a few times, and I would have thought that it was a FAQ already, but it's not. [Tina?] There are pointers to www.isoc.org, which is pretty general, and also the following:
there have been over two years of IPSec interoperability tests, which TimeStep and Cisco and a handful of firewall vendors have attended. So we have been successfully interoperabiting in a lab environment since Jan 97. But last year since ICSA certified IPSec products, we have had real real-world testing certification. Being ICSA IPSec certified means that these products should work out in the field. A list of vendors who have achieved this certification can be found at http://www.icsa.net/services/product_cert/ipsec/certified_products.shtml. Roy Pereira Product Management TimeStep Corporation (613) 599-3610 x4808 http://www.timestep.com
Roy is pretty confident in interoperability. Others feel it's close, and good enough for some but not for others. Hope this helps. -- Joe Yao jsdy () cospo osis gov - Joseph S. D. Yao COSPO/OSIS Computer Support EMT-B ----------------------------------------------------------------------- This message is not an official statement of COSPO policies.
Current thread:
- Re: free s/wan (really interoperability) Joseph S D Yao (Oct 05)
- <Possible follow-ups>
- RE: free s/wan (really interoperability) sean . kelly (Oct 06)
- RE: free s/wan (really interoperability) Ben Nagy (Oct 12)
- RE: free s/wan (really interoperability) sean . kelly (Oct 12)