Network Integration
The equipment offers a 10 base-t Ethernet interface on the public network
and a 10/100 base-t Ethernet interface on the private network and operates
at Ethernet full wire rate. The IETF IPSEC standard ESP tunneling mode
is used to provide packet-level source identification, to hide private
network structures and source IP address traffic volumes, and to prevent
attacks from the public network. The equipment appears as a network
host on the public network and as a router on the private network, and the
encryptor employs industry-standard protocols. This means that the product
set can be integrated into existing architectures seamlessly.
The use of an IETF standard transport protocol also allows the encrypted
traffic to be routed across non-IP networks, e.g. ATM, SMDS, Frame Relay,
ISDN, Satcom, and Radio Links.
The product also provides DHCP/BOOTP relay, static and dynamic source
address NAT, secure SNMP, and public and private network resilience protocols
to assist integration into complex networks.
Management
The product set includes the cryptographic network management tools - UniCERT VPN Certification Authority - for authenticity certification, and the AEP Net Policy Manager for network configuration and control. These tools allow network managers to maintain high assurance cryptographic control of network membership (including central equipment registration and certificate revocation), and to manage Communities Of Interest (COIs).
Core Features
- Built on ACCE technology
- IPSEC Based IP Security Gateway
- VPN operation - separates private and public networks
- Both certificate and address based Community of Interest (COI) Management
- Ethernet Full Wire Rate performance
- PKI Infrastructure using Baltimore UniCERT and AEP Net Keyper HSM (optional)
- Digitally signed certificate requests (Smart Card based initialization)
- Automatic traffic key management using ISAKMP
- Continuous Output Monitor for cryptographic integrity assurance (ED20M/EC20M)
- Continuous Random Number Generation checks
- Self Test Health Check on power-up
- Secure Remote Management using AEP Policy Manager
- Acts as a router to the private network and a host on the public network
- Supports up to 1000 secure connections
- 10 base-t public and 10/100 base-t private Ethernet interfaces
- Built on the tamper protective Crypto Kernel
- Compromise control
- Secure Audit and Accounting
- NAT, DHCP and SNMP support
- Small footprint allows desktop use and 19" rack-mounting
- Integrated smart card reader, keypad, display
Flexible, Scalable, Resilient
AEP Net has been designed to integrate into an IP environment like any other IP network product (e.g. router). As it encrypts at the IP layer it can be used for any application requiring packet protocol protection.
"If it can be routed it can be encrypted"
AEP Net encryptors are being used to protect not only computer-to-computer communications but also Voice over IP (VoIP), Video over IP and CCTV data over any number of communications infrastructures including ISDN, ATM, E1/T1, Satcom and Wireless Ethernet Bridge transports.
The encryptor management is deceptively simple to operate given that
the product is supported by very sophisticated PKI key management and
encryptor management tools and can be used to administer networks of
any size between 10 and 1000 units - even larger networks are possible
depending on the network topography.
The product has been engineered to the highest standards for deployment
on high availability and critical networks. Not only do units have a
very long lifetime but there is also the option to deploy the units
in resilient pairs. In resilient mode the encryptors maintain a heartbeat
protocol across both the public and private interfaces and will swap
to a backup unit whenever a data path drops. This can be used to supplement
or in some cases replace routing protocols such as HSRP, RIP and EIGRP.
Private Network Defense
The use of ESP tunnels defends private networks against attacks from
the public domain. The encryptor has been independently tested to defend
against all known network attacks, including swamping.
Typical Network Architecture
The example shows all the components of an AEP Net encryption system. The encryptors protect communications between client sites and the server site; the configuration could be fully meshed or hub and spoke. A primary and backup resilient pair of encryptors is installed at the server site to guarantee continuity of service. The encryptor management center is connected to the WAN, protected by an AEP Net encryptor in management mode.
Proven in Operation
The AEP Net product set has been deployed widely to protect National and International scale networks in the UK and Europe. These implementations have proved the security, manageability, flexibility and robustness of the equipment.