Connecting company branches with VPNs

How to use the Multichannel VPN Router to connect office branches and mobile clients (Road Warriors)

Detailed information on how to use the Multichannel VPN Router to connect office branches and mobile clients (Road Warriors)

Introduction

Today, company structures distributed across several locations are almost the rule rather than the exception, caused by frequent expansion, location change and outsourcing of departments. Changes in society also influence the flow of communication inside a company – experts working from home offices are commonplace in many industry sectors. As cooperation with external customers, partners and suppliers gets closer and closer, demand often arises to integrate these groups more tightly into the company – "Extranet" is what it's all about.

Therefore, a continually growing number of business processes is connected to electronic data exchange between different locations. It is often not apparent at first glance how much a company's success here depends on reliable communication paths – until they fail for the first time and take operations down with them.

Virtual private networks (VPNs) are the answer to the demands of the interconnected business world. They allow consolidating all distributed activities into a single secure network isolated towards the outside. The data is transported across public wide area networks (WANs) – for example, the Internet.

The Viprinet technology, implemented in the Multichannel VPN Router for the first time, demonstrates a unique way to deploy such an Internet-based VPN with extreme reliability at a highly economic cost. Secure and reliable inter-site networking becomes affordable for businesses of all sizes for the first time.

An overview of VPN technologies

MPLS is a technology often used as an alternative to classical leased lines that provide an actual physical connection between two locations. Data traffic between two peers is routed along fixed paths inside an MPLS line provider's network. This is mostly a cost-saving effort compared to leased lines – many disadvantages known from leased lines remain. First and foremost is the dependency on the network and choice of products of a single provider – the operator of the MPLS net. Furthermore, there are not many access technologies available, and they are not sufficiently fail-safe on their own, making additional backup lines necessary. Also, without additional measures the data transferred using MPLS is unencrypted – paying only lip service to the "P" in VPN.

IPSec, on the other hand, is a VPN standard independent of the line type used. It is a special version of the common Internet Protocol (IP). IPSec is pretty widespread nowadays; however, the protocol is complex and prone to failure. IPSec alone is not a VPN solution, because it does not define communication paths. This means that once the decision for IPSec has been made, the problem of physically connecting sites remains to be addressed – expensive leased line providers are required to get adequate availability. Therefore high costs and contract durations sneak in "through the back door" with IPSec. Another disadvantage: IPSec packets are clearly visible in Internet traffic – including source and destination of the encrypted connection. In some networks (e.g. UMTS/EDGE) the providers block IPSec traffic.

Feature                     MPLS    IPSec   Viprinet
Site-to-Site VPNs           X       X       X
Site-to-End VPNs            -       X       X
Secure encryption           -       X       X
Free choice of providers    -       X       X
Bundling several lines      -       -       X
Fail safeness               -       -       X
Site independence           -       -       X

Viprinet – the new independence

Business VPN solutions offered by network carriers are bound to the carrier's infrastructure, making them inflexible and not available at every site. Letting the provider operate those dedicated networks is expensive, too.

The consumer market for Internet access technologies paints a vastly different picture: Competing local, regional and national providers offer cheap and fast Internet connections using locally available access technologies (DSL, UMTS/EDGE, ISDN, WLAN, packet radio...). However, these products do not meet the requirements for a robust VPN connection – the reliability of the individual access technologies is insufficient.

This is where Viprinet comes in: Your VPN network's reliability does not depend on the physical line provider anymore. Instead the failure risk gets distributed across several lines that would be unreliable on their own – and thereby radically minimized. By using different access methods downtime gets reduced exponentially with the number of lines, and you achieve a total availability that would be impossible to attain using conventional technology.

Forget about special lines, providers or access technologies suitable for VPN technology. Just use the best locally available access methods for each site, selected according to the site's requirements. Using our Multichannel VPN Router you can freely mix and match Internet access solutions to deploy a secure, private company network. Your VPN always stays cost-effective and flexibly adapts to changing demands.

What makes Viprinet special: Several potentially different Internet access technologies can be combined at a single site. Hot-plug modems for up to six lines can be directly installed into the Multichannel VPN Router, even when properties like bandwidth and latency differ among the lines (e.g. when bundling DSL lines with UMTS/EDGE connections). Unused backup lines simply don't exist here: The router bundles all currently available connections to connect the site with the VPN. When a single line goes down during operation no connection gets aborted, just the total available bandwidth decreases. This works because the Multichannel VPN Router, as the heart of your VPN, builds up a VPN tunnel over each line using the industry standard SSL (with 256 bit AES encryption) and then bundles these connections into one single tunnel through which your data flows.

Compared to MPLS-based VPN networks the clear advantages of the Viprinet approach become apparent: You are not bound to a single line provider for all locations – instead you individually select the most sensible and cheapest provider per site. Furthermore the data between the VPN endpoints is encrypted to protect against eavesdropping, which is not the case with MPLS.

The concept of "security by obscurity" is frowned upon, and rightfully so – but it does no harm to make data traffic invisible to potential attackers after it has been encrypted against eavesdropping using open and proven standards. This is the case with Viprinet technology, as far as that is possible at all: The data gets distributed across several lines and thereby provider backbones, with separate encryption for each line. Because SSL is used, it is hard to distinguish the traffic from other TCP/IP packets – unlike IPSec. A nightmare for every attacker: encrypted, incomplete, hard to detect data.

Branch 1 is to send data to Branch 2 at 1 MBit/s and pull data from it at 1 MBit/s. In addition, Branch 1 should be able to send data to the Internet at 2 MBit/s and download from the Internet at 6 MBit/s. Branch 2 is to send data to the Internet at 3 MBit/s and likewise pull data from it at 6 MBit/s.

It follows that Branch 1 needs a total of 3 MBit/s upstream and 7 MBit/s downstream on its lines. Branch 2 needs 4 MBit/s upstream and 8 MBit/s downstream.

Network Topologies

It is crucial to focus on the primary communication paths when planning wide area networks – do the branches communicate with a central server cluster or directly with each other? What percentage of the traffic leaves the VPN towards the Internet? After answering questions like these it should be possible to determine how much up- and downstream bandwidth each site requires. Thanks to Viprinet's bundling technology you can then choose a fitting combination of locally available Internet access products – for example several ADSL lines with large downstream capacity combined with one SDSL connection for additional upstream. It can make sense to add UMTS/EDGE or cable modem connections to the line bundle even when DSL is available at one site: thereby you minimize the chance of a malfunctioning DSL access concentrator disrupting your connectivity.
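The point about a shared DSL access concentrator can be checked numerically when comparing candidate bundles. The following is an added planning example, not Viprinet code: it enumerates all up/down states of a bundle and reports the probability of a total outage and of still meeting the 7 MBit/s downstream that Branch 1 needs. The availability figures, line names and the assumption that components fail independently are constructed for illustration.

```python
from itertools import product

# Constructed sample figures (assumptions, not vendor or provider data).
# Shared components that take down every line behind them when they fail:
SHARED = {"dsl-concentrator": 0.999, "umts-cell": 0.995}
# Each line: (name, shared component, downstream Mbit/s, line availability)
DSL_ONLY = [("adsl-1", "dsl-concentrator", 6, 0.99),
            ("adsl-2", "dsl-concentrator", 6, 0.99)]
MIXED = [("adsl-1", "dsl-concentrator", 6, 0.99),
         ("umts-1", "umts-cell", 3, 0.98)]

def bundle_stats(lines, shared, required_mbit):
    """Return (P(total outage), P(bundle bandwidth >= required_mbit)).

    A line carries traffic only while both the line itself and the shared
    component it depends on are up. Components are assumed to fail
    independently of each other; every up/down combination is enumerated.
    """
    comps = list(shared.items()) + [(name, avail) for name, _, _, avail in lines]
    p_outage = p_ok = 0.0
    for state in product((True, False), repeat=len(comps)):
        prob, up = 1.0, {}
        for (name, avail), is_up in zip(comps, state):
            prob *= avail if is_up else 1.0 - avail
            up[name] = is_up
        # Bandwidth of the bundle in this state: sum over lines still usable.
        mbit = sum(bw for name, dep, bw, _ in lines if up[name] and up[dep])
        if mbit == 0:
            p_outage += prob
        if mbit >= required_mbit:
            p_ok += prob
    return p_outage, p_ok

if __name__ == "__main__":
    for label, bundle in (("DSL only", DSL_ONLY), ("DSL + UMTS", MIXED)):
        outage, ok = bundle_stats(bundle, SHARED, 7)
        print(f"{label}: outage {outage:.6f}, >=7 Mbit/s {ok:.6f}")
```

With these assumed figures, two ADSL lines behind one concentrator have about four times the total-outage probability of the mixed DSL/UMTS bundle, because the concentrator is a single point of failure for both lines.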

A site network using Viprinet is usually implemented using a star topology. A Multichannel VPN Router working as a "VPN node" is equipped with the modems required for the line types present and deployed in each branch. It then uses all available lines to connect to the "VPN hub", a central router located at a data center. When the company headquarters is directly connected to an Internet backbone the VPN hub can be placed there, otherwise it should be put inside a high-availability, high-security colocation site. The VPN hub switches data between the various encrypted tunnels established with the VPN nodes. It also acts as a gateway to the Internet for packets leaving or entering the VPN, making it an ideal place for enforcing a central firewall policy.

Field staff and home offices can easily be integrated into the network using secure authentication with the VPN Client software available for Windows, Linux and soon Mac OS X. Similar to the Multichannel VPN Router, it can use up to two Internet connections available at the computer in parallel – ideal as well for notebooks to switch between UMTS/EDGE and WLAN without dropping connections. The client's interface is intuitive and can easily be administered centrally.

The Multichannel VPN Router – the heart of your VPN solution

The Multichannel VPN Router with its ability to use up to six local access lines in a bundle is the ideal base for a flexible VPN solution that can always adapt to changing requirements.

But hardware does not magically solve every problem: A company network requires strategies, goals and solid planning as well. Here you can rely on Viprinet's numerous affiliates. Many ISPs and solution providers are already working together with us to supply you with all-round solutions – and their number grows day by day. Of course we would be pleased to work with your existing IT partner as well to coordinate the implementation. It goes without saying that customers with an internal IT department can order our products directly from us, the manufacturer.

We would love to work with you and potentially your partners to ensure optimal support for your VPN project. Contact us!