VPNC logo
VPNC members | VPN technologies | Mailing list | Join VPNC
Interoperability testing | Documentation profiles | VPN standards | IPsec features chart | SSL features chart | VPN white papers
VPN conferences | IPsec bakeoff | Definitions | HIPAA | VPNC home

VPNC Members Supported Features — IPsec

The tables on this page describe some of the many features supported by VPNC's members in their IPsec software and hardware. The tables are presented in a variety of formats in order to give the best view on a variety of web browsers.

The first table is the legend to the features listed in the tables. After that, there is a Java applet that allows you to keep the row and column headings on your screen as you scroll around the chart. (The applet is about 100K.) That is followed by a standard HTML table that may not fit on your screen, particularly if you are not using small fonts. The last two tables list the same information, first by VPNC member company, then by feature.


Legend

For more information on the standards listed in this chart, please see the VPN standards pages.

IPsec gateway An IPsec system that acts as a security gateway that connects one or more networks to a different network (usually the Internet)
VPNC AES interoperability logo Has one or more products which have passed the VPNC AES interoperability testing
VPNC IKEv2 basic interoperability logo Has one or more products which have passed the VPNC IKEv2 basic interoperability testing
VPNC IPv6 interoperability logo Has one or more products which have passed the VPNC IPv6 interoperability testing
IPsec client for Windows IPsec software that works on a single-user Windows system
IPsec client for Macintosh IPsec software that works on a single-user Mac system
L2TP with IPsec Runs L2TP for client authentication and routing in an IPsec tunnel
IKE aggressive mode Can use aggressive (faster) key setup in IKE
IKE X.509 certificates Uses public key certificates for authentication
IPPCP compression Uses standard compression for IPsec traffic
TripleDES encryption Uses the TripleDES algorithm for strong encryption
VPN toolkit Software and/or hardware that can be used by OEMs to create VPN systems
Certificate authority Certificate authority systems or services
IP VPN in layer 2 Trusted layer 2 VPN using MPLS with transport of layer 2 frames over MPLS
IP VPN in layer 3 Trusted layer 3 VPN using MPLS with constrained distribution of routing information through BGP
Frame Relay or ATM Trusted layer 2 VPN using Frame Relay or ATM circuits
Quality of service (QoS) Provides a provider-provisioned VPN with quality of service guarantees
IPsec+Legacy Hardware that supports both IPsec over Ethernet as well as legacy private network technologies such as X.25 and POTS dial-back
Clustering The ability to handle IKE and IPsec SAs so that the total VPN load is balanced over multiple cluster nodes that present single identity to remote peers
Failover The ability for a device in an IPsec cluster to seamlessly inherit sessions from other devices in the cluster when those other devices fail
VPN test equipment Performance/conformance test and measurement equipment for IPsec and/or MPLS
MOBIKE Supports the MOBIKE protocol, RFC 4555
IPv6 Supports addressing using IPv6
MODP group 5 Supports IPsec MODP group 5 (1536 bits)
MODP group 14 Supports IPsec MODP group 15 (2048 bits)


Features (Java applet)


Features (HTML table)

  IPsec gateway VPNC AES interoperability logo VPNC IKEv2 basic interoperability logo VPNC IPv6 interoperability logo IPsec client for Windows IPsec client for Macintosh L2TP with IPsec IKE aggressive mode IKE X.509 certificates IPPCP compression TripleDES encryption VPN toolkit Certificate authority IP VPN in layer 2 IP VPN in layer 3 Frame Relay or ATM Quality of service (QoS) IPsec+Legacy Clustering Failover VPN test equipment MOBIKE IPv6 MODP group 5 MODP group 14
Barracuda NetworksYes  Yes          Yes  Yes  Yes    Yes    Yes        Yes      Yes        Yes   
Certicom  Yes  Yes    Yes      Yes  Yes    Yes  Yes  Yes                  Yes    Yes  Yes 
Cisco SystemsYes  Yes      Yes  Yes  Yes  Yes  Yes  Yes  Yes              Yes  Yes        Yes  Yes   
CyberoamYes  Yes      Yes    Yes  Yes  Yes    Yes    Yes          Yes            Yes  Yes 
D-LinkYes  Yes      Yes      Yes      Yes            Yes      Yes           
Dell SonicWALLYes  Yes  Yes    Yes    Yes  Yes  Yes    Yes            Yes              Yes   
Encore NetworksYes              Yes      Yes      Yes  Yes  Yes  Yes  Yes               
F5Yes                Yes    Yes  Yes  Yes                         
INSIDE SecureYes  Yes  Yes  Yes  Yes    Yes  Yes  Yes  Yes  Yes  Yes  Yes      Yes        Yes    Yes  Yes  Yes  Yes 
Juniper NetworksYes  Yes  Yes  Yes  Yes    Yes  Yes  Yes    Yes            Yes  Yes  Yes  Yes      Yes  Yes   
MocanaYes  Yes  Yes  Yes        Yes  Yes    Yes  Yes                    Yes  Yes  Yes  Yes 
NETGEARYes  Yes      Yes      Yes  Yes    Yes                             
StonesoftYes  Yes      Yes      Yes  Yes  Yes  Yes    Yes            Yes  Yes      Yes  Yes  Yes 
TeamF1Yes  Yes            Yes  Yes  Yes  Yes  Yes          Yes  Yes    Yes        Yes  Yes 
Wind RiverYes  Yes  Yes  Yes              Yes  Yes                      Yes     
ZyXELYes  Yes      Yes    Yes  Yes  Yes    Yes            Yes  Yes    Yes        Yes   


Listing By Company

Company Features
Barracuda Networks IPsec gateway, VPNC AES interoperability logo, L2TP with IPsec, IKE aggressive mode, IKE X.509 certificates, TripleDES encryption, Certificate authority, Quality of service (QoS), Failover, MODP group 5
Certicom VPNC AES interoperability logo, VPNC IKEv2 basic interoperability logo, IPsec client for Windows, IKE aggressive mode, IKE X.509 certificates, TripleDES encryption, VPN toolkit, Certificate authority, MOBIKE, MODP group 5, MODP group 14
Cisco Systems IPsec gateway, VPNC AES interoperability logo, IPsec client for Windows, IPsec client for Macintosh, L2TP with IPsec, IKE aggressive mode, IKE X.509 certificates, IPPCP compression, TripleDES encryption, IPsec+Legacy, Clustering, IPv6, MODP group 5
Cyberoam IPsec gateway, VPNC AES interoperability logo, IPsec client for Windows, L2TP with IPsec, IKE aggressive mode, IKE X.509 certificates, TripleDES encryption, Certificate authority, IPsec+Legacy, MODP group 5, MODP group 14
D-Link IPsec gateway, VPNC AES interoperability logo, IPsec client for Windows, IKE aggressive mode, TripleDES encryption, Quality of service (QoS), Failover
Dell SonicWALL IPsec gateway, VPNC AES interoperability logo, VPNC IKEv2 basic interoperability logo, IPsec client for Windows, L2TP with IPsec, IKE aggressive mode, IKE X.509 certificates, TripleDES encryption, Quality of service (QoS), MODP group 5
Encore Networks IPsec gateway, IKE aggressive mode, TripleDES encryption, IP VPN in layer 2, IP VPN in layer 3 , Frame Relay or ATM, Quality of service (QoS), IPsec+Legacy
F5 IPsec gateway, IKE X.509 certificates, TripleDES encryption, VPN toolkit, Certificate authority
INSIDE Secure IPsec gateway, VPNC AES interoperability logo, VPNC IKEv2 basic interoperability logo, VPNC IPv6 interoperability logo, IPsec client for Windows, L2TP with IPsec, IKE aggressive mode, IKE X.509 certificates, IPPCP compression, TripleDES encryption, VPN toolkit, Certificate authority, Frame Relay or ATM, Failover, MOBIKE, IPv6, MODP group 5, MODP group 14
Juniper Networks IPsec gateway, VPNC AES interoperability logo, VPNC IKEv2 basic interoperability logo, VPNC IPv6 interoperability logo, IPsec client for Windows, L2TP with IPsec, IKE aggressive mode, IKE X.509 certificates, TripleDES encryption, Quality of service (QoS), IPsec+Legacy, Clustering, Failover, IPv6, MODP group 5
Mocana IPsec gateway, VPNC AES interoperability logo, VPNC IKEv2 basic interoperability logo, VPNC IPv6 interoperability logo, IKE aggressive mode, IKE X.509 certificates, TripleDES encryption, VPN toolkit, MOBIKE, IPv6, MODP group 5, MODP group 14
NETGEAR IPsec gateway, VPNC AES interoperability logo, IPsec client for Windows, IKE aggressive mode, IKE X.509 certificates, TripleDES encryption
Stonesoft IPsec gateway, VPNC AES interoperability logo, IPsec client for Windows, IKE aggressive mode, IKE X.509 certificates, IPPCP compression, TripleDES encryption, Certificate authority, Clustering, Failover, IPv6, MODP group 5, MODP group 14
TeamF1 IPsec gateway, VPNC AES interoperability logo, IKE aggressive mode, IKE X.509 certificates, IPPCP compression, TripleDES encryption, VPN toolkit, Quality of service (QoS), IPsec+Legacy, Failover, MODP group 5, MODP group 14
Wind River IPsec gateway, VPNC AES interoperability logo, VPNC IKEv2 basic interoperability logo, VPNC IPv6 interoperability logo, TripleDES encryption, VPN toolkit, IPv6
ZyXEL IPsec gateway, VPNC AES interoperability logo, IPsec client for Windows, L2TP with IPsec, IKE aggressive mode, IKE X.509 certificates, TripleDES encryption, Quality of service (QoS), IPsec+Legacy, Failover, MODP group 5


Support by Feature

Feature Companies
IPsec gateway
An IPsec system that acts as a security gateway that connects one or more networks to a different network (usually the Internet)
Barracuda Networks, Cisco Systems, Cyberoam, D-Link, Dell SonicWALL, Encore Networks, F5, INSIDE Secure, Juniper Networks, Mocana, NETGEAR, Stonesoft, TeamF1, Wind River, ZyXEL
VPNC AES interoperability logo
Has one or more products which have passed the VPNC AES interoperability testing
Barracuda Networks, Certicom, Cisco Systems, Cyberoam, D-Link, Dell SonicWALL, INSIDE Secure, Juniper Networks, Mocana, NETGEAR, Stonesoft, TeamF1, Wind River, ZyXEL
VPNC IKEv2 basic interoperability logo
Has one or more products which have passed the VPNC IKEv2 basic interoperability testing
Certicom, Dell SonicWALL, INSIDE Secure, Juniper Networks, Mocana, Wind River
VPNC IPv6 interoperability logo
Has one or more products which have passed the VPNC IPv6 interoperability testing
INSIDE Secure, Juniper Networks, Mocana, Wind River
IPsec client for Windows
IPsec software that works on a single-user Windows system
Certicom, Cisco Systems, Cyberoam, D-Link, Dell SonicWALL, INSIDE Secure, Juniper Networks, NETGEAR, Stonesoft, ZyXEL
IPsec client for Macintosh
IPsec software that works on a single-user Mac system
Cisco Systems
L2TP with IPsec
Runs L2TP for client authentication and routing in an IPsec tunnel
Barracuda Networks, Cisco Systems, Cyberoam, Dell SonicWALL, INSIDE Secure, Juniper Networks, ZyXEL
IKE aggressive mode
Can use aggressive (faster) key setup in IKE
Barracuda Networks, Certicom, Cisco Systems, Cyberoam, D-Link, Dell SonicWALL, Encore Networks, INSIDE Secure, Juniper Networks, Mocana, NETGEAR, Stonesoft, TeamF1, ZyXEL
IKE X.509 certificates
Uses public key certificates for authentication
Barracuda Networks, Certicom, Cisco Systems, Cyberoam, Dell SonicWALL, F5, INSIDE Secure, Juniper Networks, Mocana, NETGEAR, Stonesoft, TeamF1, ZyXEL
IPPCP compression
Uses standard compression for IPsec traffic
Cisco Systems, INSIDE Secure, Stonesoft, TeamF1
TripleDES encryption
Uses the TripleDES algorithm for strong encryption
Barracuda Networks, Certicom, Cisco Systems, Cyberoam, D-Link, Dell SonicWALL, Encore Networks, F5, INSIDE Secure, Juniper Networks, Mocana, NETGEAR, Stonesoft, TeamF1, Wind River, ZyXEL
VPN toolkit
Software and/or hardware that can be used by OEMs to create VPN systems
Certicom, F5, INSIDE Secure, Mocana, TeamF1, Wind River
Certificate authority
Certificate authority systems or services
Barracuda Networks, Certicom, Cyberoam, F5, INSIDE Secure, Stonesoft
IP VPN in layer 2
Trusted layer 2 VPN using MPLS with transport of layer 2 frames over MPLS
Encore Networks
IP VPN in layer 3
Trusted layer 3 VPN using MPLS with constrained distribution of routing information through BGP
Encore Networks
Frame Relay or ATM
Trusted layer 2 VPN using Frame Relay or ATM circuits
Encore Networks, INSIDE Secure
Quality of service (QoS)
Provides a provider-provisioned VPN with quality of service guarantees
Barracuda Networks, D-Link, Dell SonicWALL, Encore Networks, Juniper Networks, TeamF1, ZyXEL
IPsec+Legacy
Hardware that supports both IPsec over Ethernet as well as legacy private network technologies such as X.25 and POTS dial-back
Cisco Systems, Cyberoam, Encore Networks, Juniper Networks, TeamF1, ZyXEL
Clustering
The ability to handle IKE and IPsec SAs so that the total VPN load is balanced over multiple cluster nodes that present single identity to remote peers
Cisco Systems, Juniper Networks, Stonesoft
Failover
The ability for a device in an IPsec cluster to seamlessly inherit sessions from other devices in the cluster when those other devices fail
Barracuda Networks, D-Link, INSIDE Secure, Juniper Networks, Stonesoft, TeamF1, ZyXEL
VPN test equipment
Performance/conformance test and measurement equipment for IPsec and/or MPLS
MOBIKE
Supports the MOBIKE protocol, RFC 4555
Certicom, INSIDE Secure, Mocana
IPv6
Supports addressing using IPv6
Cisco Systems, INSIDE Secure, Juniper Networks, Mocana, Stonesoft, Wind River
MODP group 5
Supports IPsec MODP group 5 (1536 bits)
Barracuda Networks, Certicom, Cisco Systems, Cyberoam, Dell SonicWALL, INSIDE Secure, Juniper Networks, Mocana, Stonesoft, TeamF1, ZyXEL
MODP group 14
Supports IPsec MODP group 15 (2048 bits)
Certicom, Cyberoam, INSIDE Secure, Mocana, Stonesoft, TeamF1


If you have questions about the tables or about VPNC, please feel free to contact Paul Hoffman, VPNC's director, at paul.hoffman@vpnc.org.