The tables on this page describe some of the many features supported by VPNC's members in their IPsec software and hardware. The tables are presented in a variety of formats in order to give the best view on a variety of web browsers.
The first table is the legend to the features listed in the tables. After that, there is a Java applet that allows you to keep the row and column headings on your screen as you scroll around the chart. (The applet is about 100K.) That is followed by a standard HTML table that may not fit on your screen, particularly if you are not using small fonts. The last two tables list the same information, first by VPNC member company, then by feature.
For more information on the standards listed in this chart, please see the VPN standards pages.
| IPsec gateway | An IPsec system that acts as a security gateway that connects one or more networks to a different network (usually the Internet) |
| VPNC basic interoperability logo | Has one or more products which have passed the VPNC basic interoperability testing |
| VPNC AES interoperability logo | Has one or more products which have passed the VPNC AES interoperability testing |
| VPNC IKEv2 basic interoperability logo | Has one or more products which have passed the VPNC IKEv2 basic interoperability testing |
| VPNC IPv6 interoperability logo | Has one or more products which have passed the VPNC IPv6 interoperability testing |
| IPsec client for Windows | IPsec software that works on a single-user Windows system |
| IPsec client for Macintosh | IPsec software that works on a single-user Mac system |
| L2TP with IPsec | Runs L2TP for client authentication and routing in an IPsec tunnel |
| IKE aggressive mode | Can use aggressive (faster) key setup in IKE |
| IKE X.509 certificates | Uses public key certificates for authentication |
| IPPCP compression | Uses standard compression for IPsec traffic |
| TripleDES encryption | Uses the TripleDES algorithm for strong encryption |
| VPN toolkit | Software and/or hardware that can be used by OEMs to create VPN systems |
| Certificate authority | Certificate authority systems or services |
| IP VPN in layer 2 | Trusted layer 2 VPN using MPLS with transport of layer 2 frames over MPLS |
| IP VPN in layer 3 | Trusted layer 3 VPN using MPLS with constrained distribution of routing information through BGP |
| Frame Relay or ATM | Trusted layer 2 VPN using Frame Relay or ATM circuits |
| Quality of service (QoS) | Provides a provider-provisioned VPN with quality of service guarantees |
| IPsec+Legacy | Hardware that supports both IPsec over Ethernet as well as legacy private network technologies such as X.25 and POTS dial-back |
| Clustering | The ability to handle IKE and IPsec SAs so that the total VPN load is balanced over multiple cluster nodes that present single identity to remote peers |
| Failover | The ability for a device in an IPsec cluster to seamlessly inherit sessions from other devices in the cluster when those other devices fail |
| VPN test equipment | Performance/conformance test and measurement equipment for IPsec and/or MPLS |
| MOBIKE | Supports the MOBIKE protocol, RFC 4555 |
| IPv6 | Supports addressing using IPv6 |
| MODP group 5 | Supports IPsec MODP group 5 (1536 bits) |
| MODP group 14 | Supports IPsec MODP group 15 (2048 bits) |
| IPsec gateway | VPNC basic interoperability logo | VPNC AES interoperability logo | VPNC IKEv2 basic interoperability logo | VPNC IPv6 interoperability logo | IPsec client for Windows | IPsec client for Macintosh | L2TP with IPsec | IKE aggressive mode | IKE X.509 certificates | IPPCP compression | TripleDES encryption | VPN toolkit | Certificate authority | IP VPN in layer 2 | IP VPN in layer 3 | Frame Relay or ATM | Quality of service (QoS) | IPsec+Legacy | Clustering | Failover | VPN test equipment | MOBIKE | IPv6 | MODP group 5 | MODP group 14 | |
| AuthenTec |  |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|||||||
| Certicom | |
|
|
|
|
|
|
|
|
|
|
|
||||||||||||||
| Check Point | |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||||||||
| Cisco Systems | |
|
|
|
|
|
|
|
|
|
|
|
|
|
||||||||||||
| Cyberoam | |
|
|
|
|
|
|
|
|
|
|
|
||||||||||||||
| D-Link | |
|
|
|
|
|
|
|
||||||||||||||||||
| Encore Networks | |
|
|
|
|
|
|
|
|
|||||||||||||||||
| F5 | |
|
|
|
|
|||||||||||||||||||||
| Juniper Networks | |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||||||||
| McAfee | |
|
|
|
|
|
|
|
|
|
|
|
||||||||||||||
| Mocana | |
|
|
|
|
|
|
|
|
|
|
|
|
|||||||||||||
| NETGEAR | |
|
|
|
|
|
|
|||||||||||||||||||
| Net-Safe | |
|
|
|
|
|
|
|
|
|
|
|||||||||||||||
| Nortel | |
|
|
|
|
|
|
|
|
|
|
|
||||||||||||||
| phion | |
|
|
|
|
|
|
|
|
|
||||||||||||||||
| SonicWALL | |
|
|
|
|
|
|
|
|
|
|
|||||||||||||||
| Stonesoft | |
|
|
|
|
|
|
|
|
|
|
|
|
|||||||||||||
| TeamF1 | |
|
|
|
|
|
|
|
|
|
|
|
|
|||||||||||||
| WatchGuard | |
|
|
|
|
|
|
|
|
|
|
|
||||||||||||||
| Wind River | |
|
|
|
|
|
|
|
| Company | Features |
| AuthenTec | IPsec gateway, VPNC basic interoperability logo, VPNC AES interoperability logo, VPNC IKEv2 basic interoperability logo, VPNC IPv6 interoperability logo, IPsec client for Windows, L2TP with IPsec, IKE aggressive mode, IKE X.509 certificates, IPPCP compression, TripleDES encryption, VPN toolkit, Certificate authority, Frame Relay or ATM, Failover, MOBIKE, IPv6, MODP group 5, MODP group 14 |
| Certicom | VPNC basic interoperability logo, VPNC AES interoperability logo, VPNC IKEv2 basic interoperability logo, IPsec client for Windows, IKE aggressive mode, IKE X.509 certificates, TripleDES encryption, VPN toolkit, Certificate authority, MOBIKE, MODP group 5, MODP group 14 |
| Check Point | IPsec gateway, VPNC basic interoperability logo, VPNC AES interoperability logo, IPsec client for Windows, IPsec client for Macintosh, L2TP with IPsec, IKE aggressive mode, IKE X.509 certificates, IPPCP compression, TripleDES encryption, Certificate authority, Clustering, Failover, IPv6, MODP group 5, MODP group 14 |
| Cisco Systems | IPsec gateway, VPNC basic interoperability logo, VPNC AES interoperability logo, IPsec client for Windows, IPsec client for Macintosh, L2TP with IPsec, IKE aggressive mode, IKE X.509 certificates, IPPCP compression, TripleDES encryption, IPsec+Legacy, Clustering, IPv6, MODP group 5 |
| Cyberoam | IPsec gateway, VPNC basic interoperability logo, VPNC AES interoperability logo, IPsec client for Windows, L2TP with IPsec, IKE aggressive mode, IKE X.509 certificates, TripleDES encryption, Certificate authority, IPsec+Legacy, MODP group 5, MODP group 14 |
| D-Link | IPsec gateway, VPNC basic interoperability logo, VPNC AES interoperability logo, IPsec client for Windows, IKE aggressive mode, TripleDES encryption, Quality of service (QoS), Failover |
| Encore Networks | IPsec gateway, VPNC basic interoperability logo, IKE aggressive mode, TripleDES encryption, IP VPN in layer 2, IP VPN in layer 3 , Frame Relay or ATM, Quality of service (QoS), IPsec+Legacy |
| F5 | IPsec gateway, IKE X.509 certificates, TripleDES encryption, VPN toolkit, Certificate authority |
| Juniper Networks | IPsec gateway, VPNC basic interoperability logo, VPNC AES interoperability logo, VPNC IKEv2 basic interoperability logo, VPNC IPv6 interoperability logo, IPsec client for Windows, L2TP with IPsec, IKE aggressive mode, IKE X.509 certificates, TripleDES encryption, Quality of service (QoS), IPsec+Legacy, Clustering, Failover, IPv6, MODP group 5 |
| McAfee | IPsec gateway, VPNC basic interoperability logo, VPNC AES interoperability logo, L2TP with IPsec, IKE aggressive mode, IKE X.509 certificates, IPPCP compression, TripleDES encryption, VPN toolkit, Quality of service (QoS), MODP group 5, MODP group 14 |
| Mocana | IPsec gateway, VPNC basic interoperability logo, VPNC AES interoperability logo, VPNC IKEv2 basic interoperability logo, VPNC IPv6 interoperability logo, IKE aggressive mode, IKE X.509 certificates, TripleDES encryption, VPN toolkit, MOBIKE, IPv6, MODP group 5, MODP group 14 |
| NETGEAR | IPsec gateway, VPNC basic interoperability logo, VPNC AES interoperability logo, IPsec client for Windows, IKE aggressive mode, IKE X.509 certificates, TripleDES encryption |
| Net-Safe | IPsec gateway, L2TP with IPsec, IKE aggressive mode, IKE X.509 certificates, TripleDES encryption, VPN toolkit, Quality of service (QoS), Clustering, Failover, MODP group 5, MODP group 14 |
| Nortel | IPsec gateway, VPNC basic interoperability logo, VPNC AES interoperability logo, IPsec client for Windows, IPsec client for Macintosh, L2TP with IPsec, IKE aggressive mode, IKE X.509 certificates, TripleDES encryption, IPsec+Legacy, Clustering, Failover |
| phion | IPsec gateway, VPNC basic interoperability logo, VPNC AES interoperability logo, L2TP with IPsec, IKE X.509 certificates, TripleDES encryption, Certificate authority, Quality of service (QoS), Failover, MODP group 5 |
| SonicWALL | IPsec gateway, VPNC basic interoperability logo, VPNC AES interoperability logo, VPNC IKEv2 basic interoperability logo, IPsec client for Windows, L2TP with IPsec, IKE aggressive mode, IKE X.509 certificates, TripleDES encryption, Quality of service (QoS), MODP group 5 |
| Stonesoft | IPsec gateway, VPNC basic interoperability logo, VPNC AES interoperability logo, IPsec client for Windows, IKE aggressive mode, IKE X.509 certificates, IPPCP compression, TripleDES encryption, Certificate authority, Clustering, Failover, MODP group 5, MODP group 14 |
| TeamF1 | IPsec gateway, VPNC basic interoperability logo, VPNC AES interoperability logo, IKE aggressive mode, IKE X.509 certificates, IPPCP compression, TripleDES encryption, VPN toolkit, Quality of service (QoS), IPsec+Legacy, Failover, MODP group 5, MODP group 14 |
| WatchGuard | IPsec gateway, VPNC basic interoperability logo, VPNC AES interoperability logo, IPsec client for Windows, IKE aggressive mode, IKE X.509 certificates, TripleDES encryption, Certificate authority, Quality of service (QoS), IPsec+Legacy, Failover, MODP group 5 |
| Wind River | IPsec gateway, VPNC basic interoperability logo, VPNC AES interoperability logo, VPNC IKEv2 basic interoperability logo, VPNC IPv6 interoperability logo, TripleDES encryption, VPN toolkit, IPv6 |
| Feature | Companies |
| IPsec gateway An IPsec system that acts as a security gateway that connects one or more networks to a different network (usually the Internet) | AuthenTec, Check Point, Cisco Systems, Cyberoam, D-Link, Encore Networks, F5, Juniper Networks, McAfee, Mocana, NETGEAR, Net-Safe, Nortel, phion, SonicWALL, Stonesoft, TeamF1, WatchGuard, Wind River |
| VPNC basic interoperability logo Has one or more products which have passed the VPNC basic interoperability testing | AuthenTec, Certicom, Check Point, Cisco Systems, Cyberoam, D-Link, Encore Networks, Juniper Networks, McAfee, Mocana, NETGEAR, Nortel, phion, SonicWALL, Stonesoft, TeamF1, WatchGuard, Wind River |
| VPNC AES interoperability logo Has one or more products which have passed the VPNC AES interoperability testing | AuthenTec, Certicom, Check Point, Cisco Systems, Cyberoam, D-Link, Juniper Networks, McAfee, Mocana, NETGEAR, Nortel, phion, SonicWALL, Stonesoft, TeamF1, WatchGuard, Wind River |
| VPNC IKEv2 basic interoperability logo Has one or more products which have passed the VPNC IKEv2 basic interoperability testing | AuthenTec, Certicom, Juniper Networks, Mocana, SonicWALL, Wind River |
| VPNC IPv6 interoperability logo Has one or more products which have passed the VPNC IPv6 interoperability testing | AuthenTec, Juniper Networks, Mocana, Wind River |
| IPsec client for Windows IPsec software that works on a single-user Windows system | AuthenTec, Certicom, Check Point, Cisco Systems, Cyberoam, D-Link, Juniper Networks, NETGEAR, Nortel, SonicWALL, Stonesoft, WatchGuard |
| IPsec client for Macintosh IPsec software that works on a single-user Mac system | Check Point, Cisco Systems, Nortel |
| L2TP with IPsec Runs L2TP for client authentication and routing in an IPsec tunnel | AuthenTec, Check Point, Cisco Systems, Cyberoam, Juniper Networks, McAfee, Net-Safe, Nortel, phion, SonicWALL |
| IKE aggressive mode Can use aggressive (faster) key setup in IKE | AuthenTec, Certicom, Check Point, Cisco Systems, Cyberoam, D-Link, Encore Networks, Juniper Networks, McAfee, Mocana, NETGEAR, Net-Safe, Nortel, SonicWALL, Stonesoft, TeamF1, WatchGuard |
| IKE X.509 certificates Uses public key certificates for authentication | AuthenTec, Certicom, Check Point, Cisco Systems, Cyberoam, F5, Juniper Networks, McAfee, Mocana, NETGEAR, Net-Safe, Nortel, phion, SonicWALL, Stonesoft, TeamF1, WatchGuard |
| IPPCP compression Uses standard compression for IPsec traffic | AuthenTec, Check Point, Cisco Systems, McAfee, Stonesoft, TeamF1 |
| TripleDES encryption Uses the TripleDES algorithm for strong encryption | AuthenTec, Certicom, Check Point, Cisco Systems, Cyberoam, D-Link, Encore Networks, F5, Juniper Networks, McAfee, Mocana, NETGEAR, Net-Safe, Nortel, phion, SonicWALL, Stonesoft, TeamF1, WatchGuard, Wind River |
| VPN toolkit Software and/or hardware that can be used by OEMs to create VPN systems | AuthenTec, Certicom, F5, McAfee, Mocana, Net-Safe, TeamF1, Wind River |
| Certificate authority Certificate authority systems or services | AuthenTec, Certicom, Check Point, Cyberoam, F5, phion, Stonesoft, WatchGuard |
| IP VPN in layer 2 Trusted layer 2 VPN using MPLS with transport of layer 2 frames over MPLS | Encore Networks |
| IP VPN in layer 3 Trusted layer 3 VPN using MPLS with constrained distribution of routing information through BGP | Encore Networks |
| Frame Relay or ATM Trusted layer 2 VPN using Frame Relay or ATM circuits | AuthenTec, Encore Networks |
| Quality of service (QoS) Provides a provider-provisioned VPN with quality of service guarantees | D-Link, Encore Networks, Juniper Networks, McAfee, Net-Safe, phion, SonicWALL, TeamF1, WatchGuard |
| IPsec+Legacy Hardware that supports both IPsec over Ethernet as well as legacy private network technologies such as X.25 and POTS dial-back | Cisco Systems, Cyberoam, Encore Networks, Juniper Networks, Nortel, TeamF1, WatchGuard |
| Clustering The ability to handle IKE and IPsec SAs so that the total VPN load is balanced over multiple cluster nodes that present single identity to remote peers | Check Point, Cisco Systems, Juniper Networks, Net-Safe, Nortel, Stonesoft |
| Failover The ability for a device in an IPsec cluster to seamlessly inherit sessions from other devices in the cluster when those other devices fail | AuthenTec, Check Point, D-Link, Juniper Networks, Net-Safe, Nortel, phion, Stonesoft, TeamF1, WatchGuard |
| VPN test equipment Performance/conformance test and measurement equipment for IPsec and/or MPLS | |
| MOBIKE Supports the MOBIKE protocol, RFC 4555 | AuthenTec, Certicom, Mocana |
| IPv6 Supports addressing using IPv6 | AuthenTec, Check Point, Cisco Systems, Juniper Networks, Mocana, Wind River |
| MODP group 5 Supports IPsec MODP group 5 (1536 bits) | AuthenTec, Certicom, Check Point, Cisco Systems, Cyberoam, Juniper Networks, McAfee, Mocana, Net-Safe, phion, SonicWALL, Stonesoft, TeamF1, WatchGuard |
| MODP group 14 Supports IPsec MODP group 15 (2048 bits) | AuthenTec, Certicom, Check Point, Cyberoam, McAfee, Mocana, Net-Safe, Stonesoft, TeamF1 |
If you have questions about the tables or about VPNC, please feel free to contact Paul Hoffman, VPNC's director, at paul.hoffman@vpnc.org.
