Category:
Firewalls, Virtual Private Networks (VPN), Encryption
Modification:
Hardware
Operating system/
platform:
Linux

The ViPNet Coordinator VA virtual appliance is a versatile security gateway for deploying on a virtualization and cloud platforms. It provides secure access to virtualized data centers in dynamic cloud environment, protecting against network attacks and unauthorized access. The virtual appliance can be seamlessly integrated into an existing infrastructure. It satisfies the most severe requirements on functionality, usability, reliability, and fault tolerance.

ViPNet Coordinator VA is a virtualized software solution which are intended for deploying the coordinator on a virtualization platform (VMware vSphere, Oracle VM (Xen) Server, Microsoft Hyper-V) or in the cloud services (Amazon Web Services and Microsoft Azure).

You can manage ViPNet Coordinator VA via user-friendly web interface, SSH console, and via central management system.


Use Cases

ViPNet Coordinator VA, together with other ViPNet VPN products, provides effective implementation of many data protection user scenarios:

  • Establishing secure communication channels between different offices of a company (site-to-site and multi-site-to-site)
  • Protected access for remote and mobile users
  • Protecting backbone links between data centers
  • Protecting wireless networks
  • Protecting multiservice networks (including IP telephony and videoconferencing)
  • Data access control in LANs
  • Secure controlled access to the Internet
  • And any combinations of the above-mentioned scenarios

Advantages

Virtualization technology offers more freedom as you do need to solve any compatibility issues with other vendors´ operating systems and applications, virtual appliance implementation does not affect your business processes. The virtual appliance is pre-installed on an adapted Linux OS and can be deployed on various virtualization platforms.

And also:

  • No license restrictions for the concurrent VPN connections through ViPNet Coordinator for Windows
  • Fully compatible with modern network services:
    • DHCP, WINS, DNS services
    • Dynamic address translation (NAT, PAT)
    • Multimedia protocols (SIP, H323, SCCP, and others)
  • Failover cluster enhances fault-tolerance

Secure remote management

Centralized management

ViPNet Administrator, ViPNet Network Manager or ViPNet NSMS

Remote access

Web interface, command line interface

Security features

VPN gateway

Provides site-to-site and client-to-site encrypted connections.

The coordinator can perform network-layer (OSI model layer 3) and link-layer tunneling (OSI model layer 2).

L2OverIP technology allows you to establish encrypted connection between sites in a common broadcast domain.

Stateful Packet Inspection Firewall

Provides filtering of public and VPN traffic by IP, VPN ID, TCP/UDP ports, and type of the over-IP protocol.

IP address server

Provides for connectivity between the VPN hosts. IP address server informs the client about statuses and connection parameters of ViPNet hosts this client is linked with.

VPN router

Encrypted traffic is routed based on the ViPNet host identifiers specified in the unencrypted part of IP packets, which is protected against falsification. The routing is performed over a proprietary protocol designed for secure dynamic routing of traffic. Along with the routing, network address translation (NAT) is performed for encrypted traffic. All forward encrypted packets that are received by a coordinator are sent to other hosts with the coordinator’s IP address as their source IP address.

Transport server

A transport server ensures the delivery of control messages, key set updates, and software updates from centralized management software to hosts and the exchange of application and transport envelopes between hosts.

Integrated Services

VA100

VA500

VA1000

VA2000

DNS, NTP, DHCP server

+

+

+

+

DHCP relay

+

+

+

+

IPsec gateway

+

+

-

-

Failover cluster

+

+

+

+

Virtual Environment Requirements

Virtualization platforms (on-premise)

Recommended version

VMware vSphere ESXi

6.5

VMware Workstation

12.x

Oracle VM Virtualbox

5.x

Oracle VM (Xen) Server

3.4

Microsoft Hyper-V

10.0

Virtualization platforms (cloud)

Amazon Web Services

Microsoft Azure

Parameters*

ViPNet Coordinator VA modification

VA100

VA500

VA1000

VA2000

VPN throughput, Mbit/s

100

500

1200

3200

Firewall throughput, Mbit/s

200

900

1500

4500

Max number of concurrent sessions

150.000

500.000

1.000.000

3.000.000

* Testing was done on the server with 2x Intel® Xeon® CPU E processors. Each value was obtained in a separate performance test.