Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: free s/wan (really interoperability)

From: Joseph S D Yao <jsdy () cospo osis gov>
Date: Tue, 5 Oct 1999 15:17:29 -0400 (EDT)
On Tue, 5 Oct 1999, Joseph S D Yao wrote:

There is IPsec VPN server software out there that is sold without a
client - one is directed to several other companies that make IPsec
clients.  So it would seem that the answer, probably with some caveats,
is, "yes."

...

Which, if I read you correctly, was an unquailified 'yes'.  So, I'm
looking for the qualifications, e.g.  those implimentations <a listing>
that will interwork with other implimentations, i.e. cisco's VPN will work
with FW1's VPN solution etc...


Qualified "yes".  Unfortunately, I haven't been able to beat on any
yet.  We're waiting for ones that are interoperable AND have certain
other characteristics.

The one I was specifically told about was ANS Interlock 5.0 [now UUnet
Interlock], interoperable with Red Creek, Time Step, IRE, and others.

GTE Networking (formerly BBN) has a VPN product which is actually the
product of whoever else they feel to be ahead at the time ... they seem
to not feel at all uncomfortable about dropping in whichever product is
plug-compatible with the rest of their system.

This has been discussed in the VPN mailing list quite a few times, and
I would have thought that it was a FAQ already, but it's not.  [Tina?]
There are pointers to www.isoc.org, which is pretty general, and also
the following:


there have been over two years of IPSec interoperability tests, which
TimeStep and Cisco and a handful of firewall vendors have attended.  So we
have been successfully interoperabiting in a lab environment since Jan 97.
But last year since ICSA certified IPSec products, we have had real
real-world testing certification.  Being ICSA IPSec certified means that
these products should work out in the field.  A list of vendors who have
achieved this certification can be found at
http://www.icsa.net/services/product_cert/ipsec/certified_products.shtml.

Roy Pereira
Product Management
TimeStep Corporation
(613) 599-3610 x4808
http://www.timestep.com


Roy is pretty confident in interoperability.  Others feel it's close,
and good enough for some but not for others.

Hope this helps.

--
Joe Yao                         jsdy () cospo osis gov - Joseph S. D. Yao
COSPO/OSIS Computer Support                                     EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
Previous By Date Next
Previous By Thread Next

Current thread: