V-IPSecure
Embedded IPsec and IKE

V-IPSecure
is a high-performance, embedded implementation
of the IPsec protocol suite providing a high-quality
cryptography-based secure communication channel on
embedded systems. With full support for
flexible policy specifications and complex security
associations, it enables virtual private networks (VPN) to
be easily carved out of public and/or insecure networks.
V-IPSecure also includes a highly interoperable
implementation of the IKE (Internet Key Exchange) protocol
including advanced features such as support for IKEv2,
NAT-T (NAT Traversal), Kerberos and X.509
digital certificate based authentication, in addition to
standard pre-shared keys (PSK) IKE authentication. With
its comprehensive yet highly modular encryption cipher
and cryptographic checksum library (including AES and SHA
modules), V-IPSecure's designed-for-embedded implementation
makes it the IPsec implementation of choice for leading-edge
networked embedded devices.

V-IPSecure implements a secure network layer (IPsec)
that provides data integrity, origin authentication,
data confidentiality, access control, partial sequence
integrity, replay protection and traffic flow
confidentiality services for communications between any
two networks or hosts.

V-IPSecure also includes a full-featured implementation
of automatic key negotiation - Internet Key Exchange
(IKE) - based on the Diffie-Hellman key exchange. V-IPSecure's
IKE provides a mechanism for automatic generation and
frequent renewal of the crypto keys for high security
without increasing key lengths, which may slow down the
encryption process.

V-IPSecure includes support for the Authentication
Header (AH) and Encapsulating Security Payload (ESP)
protocols in both Tunnel and Transport modes. V-IPSecure's
IKE includes support for manual key exchange, pre-shared
keys and custom authentication schemes that can precede
the DH exchanges. Support for Perfect Forward Secrecy (PFS)
is also included.

Besides the tight integration with the VxWorks operating
system and its native network stack, which was developed
as a part of the technology alliance, V-IPSecure
includes leading-edge features such as AES (Advanced
Encryption Standard) support, a plug-in X.509 digital
certificate authentication module, and integration with
NetF1 - one of the fastest IPv6 stacks available for
embedded devices.

Features

AH, ESP (with authentication option)
Tunnel and Transport Mode
Support for Manual Key Exchange
IKE with pre-shared keys
IKE phase 1 Main Mode, Phase 2 Quick Mode
Diffie-Hellman groups: 1, 2
Support for IPv6
IKE Hooks for Kerberos Authentication
Configuration via commands or configuration file
Database access APIs for SP and SA
Support for IKE INITIAL CONTACT
Support for Perfect Forward Secrecy (PFS)
Support for per-interface IPsec enable/disable
Support for CPU types of either endian-ness including PowerPC, MIPS, X86, ARM/XScale
Royalty-free full source distribution

Also included in V-IPSecure are
advanced features such as support for Kerberos authentication in
IKE (including interoperability with Microsoft® Windows® Active
Directory and Windows Server domain controller authentication), support for a
wide variety of encryption ciphers and hashing algorithms, any
of which can be scaled out if not in use, and Path Maximum
Transmission Unit (PMTU) support to avoid fragmentation. The
crypto libraries built into V-IPSecure are designed for hardware
acceleration in an asynchronous or synchronous manner, and
several reference implementations and drivers for hardware
acceleration chips are also provided, along with a pure software
implementation.

V-IPSecure supports memory partitions and lean, yet fast abstractions. Because it is
an integrated implementation, it does not suffer from the
inefficiencies of the Bump-In-The-Stack or Bump-In-The-Wire
model of other IPsec implementations. Designed exclusively for embedded use, V-IPSecure’s
robust and configurable implementation makes it an ideal fit for
embedded devices such as Internet appliances, VPNs, gateways,
secure terminals, and routers.

Special Features

Includes implementations of the latest protocol versions - ESPv3, AHv3 and IKEv2
Support for NAT-Traversal (NAT-T)
Supports IPsec protocol acceleration in hardware; reference drivers for various Hifn and Cavium Nitrox families are provided
Supports advanced features such as caching, nested and bundled Security Associations, Dead Peer Detection and native IPv6 support
Enhanced memory management support
Requires no special network stack source code
Works with existing IPv4 and IPv6 stacks