Branch office tunnels, Portal guard, Ssl acceleration – Nortel Networks NN46120-104 User Manual
Page 22
22
Introducing the VPN Gateway
•
Private network authentication. Existing authentication servers within
the customer’s private network can be used.
•
Access control. Unique access rules can be specified for each user
group in the various VPNs.
•
Private network name resolution. If desired, private network DNS
servers can be mapped to the VPN.
•
Split administration. VPN Portal management is enabled for each
VPN customer through a web interface, without exposing global
administration access.
•
High availability. The Secure Service Partitioning solution is compatible
with the NVG cluster’s high availability solutions.
Branch Office Tunnels
The NVG software provides the ability to configure IPsec-based branch
office tunnels. Several peer-to-peer branch office tunnels can be
configured for each virtual private network (VPN).
The following number of branch office tunnels can be configured per
hardware model:
•
NVG 3070: 2500
•
NVG 3050: 1000
•
Nortel 2424-SSL Application Switch: 500
For example, a cluster of two NVG 3070s support 5000 branch office
tunnels.
Portal Guard
Feature used to "convert" an existing HTTP site to generate HTTPS links,
secure cookies and so on. The VPN Gateway will not only handle the SSL
processing but also see to it that all existing web links are rewritten to
HTTPS. This eliminates the need to rewrite each link manually. Requires a
license.
SSL Acceleration
The NVG software also includes features for SSL acceleration. Note
that these features in some cases require interoperation with a Nortel
Application Switch.
•
Supports accelerated SSL processing by offloading SSL encryption
and decryption from backend servers.
•
Supports load balancing of encrypted and unencrypted traffic for up
to 256 backend servers, with health checking and persistent client
connections.
Nortel VPN Gateway
User Guide
NN46120-104
02.01
Standard
14 April 2008
Copyright © 2007-2008 Nortel Networks
.