SSH Communications Security Advances Internet Security With Introduction of SSH IPSEC Express 4.0.Business Editors/High-Tech Writers
PALO ALTO, Calif.--(BUSINESS WIRE)--Oct. 24, 2000
IPSec Toolkit Extends to VxWorks and Emerging Industry Standards with
Support for IPv6, Automated PKI (Public Key Infrastructure) A framework for creating a secure method for exchanging information based on public key cryptography. The foundation of a PKI is the certificate authority (CA), which issues digital certificates that authenticate the identity of Certificate Enrollment, Network
Address Translation, and Rijndael Cipher
SSH Communications Security SSH Communications Security is a Finnish company that is based in Helsinki and was founded by Tatu Ylönen in 1995. It is known as the original developer of the Secure Shell protocol and it currently has about 80 employees. (SSH), a world-leading developer of Internet security technologies, today announced SSH(R) IPSEC Express(TM) 4.0, a new release of its award-winning IPSEC Express toolkit. SSH IPSEC Express 4.0 extends the functionality of its IPSec (Internet Protocol Security) solutions by adding support for the VxWorks operating system and the industry's latest Internet and industry standards such as IPv6, enhanced PKI (Public Key Infrastructure), and the new Rijndael cryptography standard. SSH's security toolkits implement IPSec and PKI standards to bring strong, cryptographic security to IP networks. SSH IPSEC Express 4.0 enables OEMs to bring their IPSec-based security applications to market quickly and efficiently.
About IPSec and SSH IPSEC Express
IPSec is an IETF See Internet Engineering Task Force.
IETF - Internet Engineering Task Force (Internet Engineering Task Force (c/o Corporation for National Research Initiatives (CNRI), Reston, VA, www.ietf.org) Founded in 1986, the IETF is a non-membership, open, voluntary standards organization dedicated to identifying problems and opportunities in IP data networks and proposing technical solutions to the ) standard for protecting IP traffic using cryptography on the packet level. This Internet protocol is the predominant security technology used in VPNs (Virtual Private Networks). A driving force for IPSec, VPNs allow users to establish secure data communications between multiple networks or network devices using insecure public networks such as the Internet. SSH's IPSec technology adds scalable, strong security to IP networks, without limiting its flexibility to enable new types of business opportunities, such as secure local and global communications between companies. SSH IPSEC Express is the world's leading toolkit for IPSec.
"SSH IPSEC Express 4.0 provides a highly scalable, reliable IPSec and PKI security solution previously unavailable for embedded devices such as Internet appliances, VPNs and routers," said George Adams, president and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. of SSH, Inc. "With the inclusion of IPv6, NAT compatibility, enhanced PKI capabilities, and Rijndael cryptography, SSH IPSEC Express 4.0 underscores SSH's commitment to innovation and advancing Internet security technologies for our customers and partners."
SSH IPSEC Express 4.0 delivers major new features, including VxWorks support, IPv6 support, enhanced PKI functionality, port- or host-based NAT (Network Address Translation), Rijndael, and expanded support for SAs (Security Associations).
VxWorks -- VxWorks is the most widely adopted real-time operating system (operating system) Real-Time Operating System - (RTOS) Any operating system where interrupts are guaranteed to be handled within a certain specified maximum time, thereby making it suitable for control of hardware in embedded systems and other time-critical applications. in the embedded industry. SSH IPSEC Express 4.0 now provides an integrated turnkey IPSec, IKE, and X.509 PKI certificate solutions for vendors using the VxWorks platform.
IPv6 Support -- SSH IPSEC Express 4.0 offers OEMs support for the industry's next generation standard, IPv6, also called "IPng" (IP Next Generation). IPv6 is the most current version of the IP (Internet Protocol) under review by the IETF. It lengthens IP addresses from 32 bits to 128 bits, extending the number of potential network addresses to accommodate the exploding growth of wireline and wireless users and devices on the Internet. IPv6 mandates IPSec for secure communications.
Enhanced PKI Functionality -- SSH IPSEC Express 4.0 includes features for easy integration and interoperability with PKIs. In addition to OCSP OCSP Online Certificate Status Protocol
OCSP Off-Campus Study Program (Online Certificate Status Protocol The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. It is described in RFC 2560 and is on the Internet standards track. ), SSH IPSEC Express 4.0 now includes features such as client-side SCEP SCEP Student Career Experience Program
SCEP Simple Certificate Enrollment Protocol (Cisco)
SCEP Syndicat Canadien des Communications, de l'Énergie et du Papier (Communications, Energy and Paperworkers Union) (Simple Certificate Enrollment Protocol Simple Certificate Enrollment Protocol is a draft Internet standard (or RFC). The current version is referenced by the IETF as follows:
INTERNET DRAFT: draft-nourse-scep-15. ) and CMP CMP (cytidine monophosphate): see cytosine.
(1) (CMP Media LLC, Manhasset, NY, www.cmp.com) Part of United Business Media, CMP is a leading integrated media company that offers a wide variety of publications and services in the information (Configuration Management Protocol) for automated certificate enrollment. Additionally, as an alternative to CRLs (Certificate Revocation Lists) in time critical certificate validity checks, certificates can now be validated online using OCSP.
Port- or Host-Based NAT -- NAT devices map and expand the number of IP addresses from one network to another to enable greater numbers of users and IP-connected devices within local networks, mask specific user IP addresses from exposure to the open Internet, and save costs by reducing the number of Internet addresses and connections enterprises need for employee Internet access. SSH IPSEC Express 4.0 offers OEM vendors integrated IPSec-NAT compatibility for easier deployment in their products and faster time-to-market. When combined with SSH's NAT Traversal(TM) Toolkit, announced in September 2000, complete, end-to-end IPSec security through NAT devices is achievable.
Rijndael -- Rijndael is the proposed AES (Advanced Encryption Standard (cryptography, algorithm) Advanced Encryption Standard - (AES) The NIST's replacement for the Data Encryption Standard (DES). The Rijndael /rayn-dahl/ symmetric block cipher, designed by Joan Daemen and Vincent Rijmen, was chosen by a NIST contest to be AES. ) candidate recently selected by NIST (National Institute of Standards & Technology, Washington, DC, www.nist.gov) The standards-defining agency of the U.S. government, formerly the National Bureau of Standards. It is one of three agencies that fall under the Technology Administration (www.technology. (National Institute of Standards and Technology National Institute of Standards and Technology, governmental agency within the U.S. Dept. of Commerce with the mission of "working with industry to develop and apply technology, measurements, and standards" in the national interest. ). The algorithm can be implemented very efficiently on a wide range of processors in software and in hardware. SSH IPSEC Express 4.0 provides OEM vendors with off-the-shelf, leading-edge support for this key new cryptography algorithm standard.
Expanded Support for SAs -- SSH IPSEC Express 4.0 users will have the added benefit of scaling to very large systems. This feature will allow up to 50,000 IPSec SAs for enterprise-class intranets and extranets for business-to-business e-commerce and enterprise resource planning See ERP.
(application, business) Enterprise Resource Planning - (ERP) Any software system designed to support and automate the business processes of medium and large businesses. . The technology will also bring IPSec to large multi-site enterprise networks and multi-company VPNs. This scalability allows the same technology base to support the smallest to the largest system requirements.
Pricing and Availability
SSH IPSEC Express 4.0 is shipping immediately to licensees under active maintenance agreements. The SSH IPSEC Express 4.0 Toolkit is available for licensing and immediate delivery. Please contact an SSH Sales representative for further details.
About SSH Communications Security
Founded in 1995, SSH Communications Security is a world-leading supplier of Internet security software for demanding network security solutions. SSH provides best-of-breed cryptography and authentication technologies for secure Internet communications. SSH IPSEC Express is the world's leading toolkit for IPSec (Internet Protocol Security), IKE (Internet Key Exchange Internet key exchange (IKE) is the protocol used to set up a security association (SA) in the IPsec protocol suite. Overview
IKE is defined in RFC 2407, RFC 2408 and RFC 2409. IKEv2 is defined in RFC 4306. ) and X.509 certificate management system solutions. Since 1997, numerous Internet infrastructure providers, OEMs, and system integrators have licensed SSH IPSEC Express to incorporate high security into their products. These customers include many IT market leaders such as Compaq, Ericsson, Lucent Technologies, Nokia, and Sun Microsystems, among others. The company's SSH Secure Shell application has become the de-facto standard for secure logins, and now has millions of users in over 80 countries. For more information, please visit www.ssh.com.