Industry giants are backing IP Security (IPSec) to push the technology to the front of the the network security market. Intel, IBM, Compaq, Microsoft and Entrust Technologies are furnishing products which support the IPSec specification.
IPSec is a virtual private network (VPN) security technology, with integrated support for shared secret key and digital certificate authentication.
Chip maker Intel said it will provide IPSec products for both client and server platforms, which will be enhanced to work with Microsoft's Windows 2000 operating system when it is released.
Mark Christensen, vice president and general manager of Intel's network communications group, said: "Protecting large volumes of data with strong encryption technology drains processing power, and the chipset will help offload some of that work from a PC's or server's CPU", he said.
Compaq and IBM will incorporate IPSec technology into their PC and server platforms, and IBM and Intel are working on products to protect data travelling between systems, which the companies said will boost network performance and unclog bottlenecks at the client level.
In addition, Intel and Entrust have formed the Intel-Entrust Interoperability Alliance to integrate their public certificate-based security products across enterprise networks.
Nigel Johnson, Entrust's vice president of partner marketing, said: "Using IPSec will give IS managers lower cost of ownership and single sign-on.?
Means to an end
According to the Gartner Group, the three principal ways to use IPSec include linking a branch office and the corporate network over the Internet, encrypting and securing links within a campus network, and remotely accessing the corporate LAN by way of the Net.
According to John Pescatore, research director with Gartner, the last mentioned method, the so-called ?end-to-end? approach with IPSec, where a client device with IPSec software sets up a secure tunnel to a server via an IP network, is becoming the most prevalent.
Another potential boost for IPSec is Microsoft's plan to build the protocol into the upcoming Windows 2000 operating system.
The company will include Internet Key Exchange and central security policy management as part of its TCP/IP protocol stack. By tying the IPSec capabilities to Windows 2000's Active Directory feature, companies will be able to set centrally defined security policies more easily, said Ron Cully, lead product manager for Windows networking.
"IPSec is not an add-on, it's a fundamental part of how the operating system works and how security is applied," he said.
Securing data traffic
The IPSec standard, as defined by the Internet Engineering Task Force (IETF), means it provides a common method for authentication, integrity and encryption at the network or packet processing layer of network communication. Earlier security approaches have inserted security at the application layer.
"There is no question that IPSec exceeds the simple authentication and verification of a firewall, providing vendor-independent encryption," said Kevin Tolly, president of The Tolly Group.
"The question customers should ask is, should we deploy IPSec with its sophisticated authentication and encryption, or rely upon more straightforward security systems such as firewalls and carrier-based circuit VPNs that are more universally available. Neither is perfect and complete. Neither will replace the other."
The IETF is working to plug the gap in the IPSec virtual private network standard that lets VPN equipment continue to send packets even after the equipment receiving the data has failed.
A new consortium, the Trusted Computing Alliance, is working to propose a standard that will complement current security standards, including IPSec, along with smart cards and biometrics.
Alliance members include Intel, Microsoft, Compaq Computer, Hewlett-Packard and IBM, which will develop a specification called the Trusted Computing Alliance Specification, which will try to develop basic hardware and software security standards for PC desktops, notebooks and servers.
"We all concluded that unless we took a proactive role, things would not evolve in a consistent and compatible way between vendors, and that we would not have the client-side security features that people would want in the future," said Phil Hester, chief technology officer, IBM Personal Systems Group.
Although IPSec still has not taken off in most enterprises, news that industry heavyweights are jointly backing the technology will raise awareness about many other options.
IBM and Technical University of Munich team demonstrate how Shor's algorithm, which can't be cracked by conventional computers, can be solved quickly with quantum computing
Hubble Space Telescope finds superflares from young red dwarfs could strip away planetary atmosphere
Younger stars are 100 to 1,000 times more energetic than when they're older
Two of the big four supermarkets will use the system to control sales of restricted products
PUBG news and updates: November's Update #23 to bring new Skorpion pistol and changes to blue zone visibility
Genuinely useful side-arm coming to PUBG in Update #23