Virtual Private Networks
Solutions from Lucent Technologies
High-Speed, Low-cost Networking
The advantages of wide area networking (WAN)technologies have long been recognised.They have enabled major corporations to build truly global communications networks,linking sites across countries,continents - and even across oceans.
Private networks have become a key factor in business success,eliminating geographical barriers and providing employees and business associates with fast access to vital information.They have made it possible to deliver innovative IT applications,opening up a world of new business possibilities.
But while the advantages are great, traditional private networks have their limitations, too. The technology is expensive, and provisioning can be slow - delaying projects by many weeks. In addition, the use of remote dialup access servers can add significantly to cost overheads, and necessitates complex and expensive technology updates.
Fortunately, however, there is now an alternative solution. Internet Virtual Private Networks (VPNs) deliver all the benefits associated with traditional implementations, without the attendant cost and implementation issues. In short, they provide a fast, efficient and cost-effective means of creating high-speed low-cost private network solutions.
The emergence of the Internet as a major communications technology has created a whole new platform for private networking. IP networks offer global reach, ubiquitous presence and the reduced costs associated with a shared network. Internet VPNs add the required level of security by combining encryption, authentication and access control with tunnelling controls.
The resulting private tunnels can then be combined to form logical private networks.
The use of Internet VPNs offers significant advantages, including:
- Low-cost secure WAN connectivity, making private networks attractive to a whole range of smaller organisations
- Rapid time-to-deployment of new business solutions, allowing a faster return on investment and first-to-market competitive advantage
- Flexibility to adapt to changing business conditions
To make the most of the opportunities presented by Internet VPNs, you need a partner with in-depth experience and understanding of this important technology. For this reason, more and more companies today are choosing to work with Lucent Technologies.
As a major player in the telecommunications sector, and an innovator in the Internet market, Lucent Technologies is well positioned to deliver a full range of Internet VPN solutions. Dedicated to building the next-generation networks today, the company offers the widest range of network solutions, and is the clear leader in end-to- end broadband networking. Lucent's expertise and technology is helping to
create the Internet of the future.
In particular, Lucent can help you in deploying two key Internet VPN alternatives:
- Enterprise Owned and Operated
- Service Provider or Carrier Managed Services
Enterprise Owned and Operated
Building an Internet VPN offers many advantages for major corporations today. Combining high security with low cost, a VPN offers an excellent foundation for company communications. The cost of providing remote access for mobile workers and satellite offices is also reduced substantially, with easy connectivity being available worldwide. Thanks to the economies of scale possible through the Internet, a VPN can also reduce the cost of operating your core IT infrastructure. Productivity can be increased, with easy access to corporate information anywhere in the world, and inherent flexibility ensures you can respond to new challenges and opportunities.
An enterprise VPN solution can be used to meet a whole range of application requirements, including:
- Conducting business operations through an intranet or extranet
- Providing secure communications facilities and secure Internet access
- Enabling electronic commerce
- Quality IP services.
Service Provider or Carrier
Managed Services Outsourcing VPN and e-business implementations can make sense for a whole range of businesses, from small companies through to large global enterprises. It provides them with the freedom to concentrate on core business, access to advanced solutions and the ability to scale their solution as requirements grow and change.
By offering managed VPN services to customers, service providers and carriers can extend their services portfolio, create new sources of revenue and build ongoing relationships with business customers.
At Lucent Technologies, we can help you create managed services which encompass:
- Network design and implementation
- Network management services
- Security services
- CPE deployment
- Web services
As a result, you can move the service demarcation into the customer's premises, gaining an additional opportunity for revenue generation. You can provide total managed solutions, with complete end-to-end security. You also have the flexibility to offer a variety of service levels, from simple connectivity to complete outsourcing, encompassing areas such as:
- Premise-based managed IP services
- Secure mobile and remote access services
- Secure site-to-site services
- Managed firewall services
- Managed CPE/CLE architecture
Lucent Technologies can help you create, manage and provide complete VPN solutions, including products such as:
IP VPN Routers
- Robust IP routing
- Fully VPN and QoS capable
-Replaces existing lower-speed, legacy routers for new services
- Spans the requirements of headquarters, branches and small offices
Standalone Firewall and VPN Gateway Appliances
- High-security stateful firewalls
- IPSec tunnel termination and encryption
- Scales for secure remote-access VPN requirements
- Provides firewall and VPN capabilities for sites with existing routers
- Best-of-breed IP QoS to support sites with existing routers
- Enables a broad range of business-quality IP services
- 10 Mbps or 100 Mbps of shaped traffic throughput
- Standards-based/class-based queuing IP QoS
- Flexible traffic classification
- Granular, explicit-rate control Optionally available with full IPSec VPN security
Software VPN/Firewall Clients
- IPSec and firewall software used by mobile employees and telecommuters
- Suitable for secure site-to-site communications on a per-user basis, at locations without a need for a VPN gateway
VPN/Firewall/QoS Policy Management Systems
- VPN configuration and management
- Policies for secure tunnelling, firewall management and advanced capabilities such as QoS
The Internet is already established as a major global communications network, and is sure to become more and more important in the years ahead. Advances in technology have ensured that IP communications can now be secure and reliable, as well as flexible and cost-effective.
As a result, Internet VPNs are making wide area networking a viable business possibility for a whole new sector of the market. Now smaller and medium-sized companies can reap true dividends by implementing VPN technology. But of course, every implementation creates issues and challenges. And with networking now becoming of crucial importance to every business, it is vital that your VPN delivers robust and reliable performance.
With a proven track record and in-depth experience, Lucent Technologies is your ideal working partner in this sector. Together, we can resolve the challenges and ensure that your business reaps the true potential of VPN communications.
Working with Lucent Technologies, you can create a whole new world of opportunity through effective use of Internet VPNs.
Virtual Private Networks
Lucent Technologies'provides the full spectrum of IP VPN solutions,from premises-based VPNs to Network based VPNs,or a combination of both.
In the case of a premises-based VPN,the VPN center is located at the customer's premises.No specific requirements are imposed on the core IP transport network other than the ability to route IP packets.
Network-based VPNs allow service providers a better means to control their VPN service in terms of bandwidth guarantees,delay and jitter performance and improved central management.
Lucent offers two types of Network based VPNs. Both adhere to Virtual Router architecture,however they are fully
configurable to allow interoperability with other or existing network based VPN solutions.
Combining elements from the above solutions allows service providers to offer their customers IP VPNs that allow end-to-end security and QoS.
The VPN products offered by Lucent Technologies include:
- Edge Access Systems WAN VPN
- Superpipe family
- Access Point family
- VPN Firewall
- Pipeline family
> Central Management Solutions
> Lucent Secure Management Server LSMS
Total VPN Solutions
Dedicated to building the next-generation networks today, Lucent Technologies offers a wide range of products to help you build efficient and profitable VPN networks.
The WAN VPN range includes leading-edge products that support advanced networks for Network Service Providers and Enterprises. The product suite comprises a wide selection of multiservice routers with multiple WAN access options, VPN gateways, firewalls and video devices.
Access Point Family
The Access Point family of multiservice IP routers combines IP routing, QoS, VPN and firewall features in a single high-performance platform. The product is designed to be deployed easily by Network Service Providers and enterprise customers.
Lucent has raised the standard for branch office ISDN/E1 routers with the award-winning Pipeline family. Featuring an integrated Lucent Secure VPN Services firewall and the best base featureset in the industry, this product family delivers advanced Internet, Enterprise and VPN solutions. Over a million units have been installed worldwide.
The SuperPipe family of routers provides a complete multiservice access solution for remote offices, small businesses and telecommuters. Built on the award-winning Pipeline platform, the SuperPipe provides increased functionality and processing power, making it ideal for Internet access, mission-critical applications, virtual private networks and voice/video services.
VPN Firewall Family
The VPN Firewall Brick 201 and VPN Firewall Brick 80 are high-performance, integrated firewall/VPN gateway devices. They provide the ideal solution for remote access VPNs and to overlay site-to-site VPNs into existing router networks.
Edge Access Systems – WAN VPN
Secure multiaccess routers for Internet access and VPNs, providing support for high-speed data circuit switched voice and videoconferencing. SuperPipe products feature integrated E1/V.35 TEV Frame Relay Port, ISDN BR1-U WAN interfaces and one 10/100 LAN port.
Capable of routing IP, IPX and AppleTalk, these products feature dynamic firewall, VPN and IPSec encryption. NavisConnect configuration makes set up fast and easy. The SuperPipe family also offers:
- A complete, fully-integrated WAN access solution, including everything a small business or branch office requires in an access router.
- Integrated features that allow for smooth growth to greater capabilities, including dual ISDN BRI support and integrated E1/V.35 frame relay.
- Value pricing to provide cost-effective solutions for growing companies and branch offices
SuperPipe products are ideal for applications such as:
- Multiservice Access
- SuperPipe offers support for Internet access, standard analogue phones or faxes and ISDN-based videoconferencing.
- Secure Corporate Internet Access
- Provides scalable Internet access, ranging from a single ISDN line to high-speed Frame Relay with integrated dynamic firewall.
- Virtual Private Networks
- Allows you to use the Internet for secure, cost-effective office-to-office file transfers and email.
- Offers features such as an integrated firewall, high-speed Internet access, dual phone ports and videoconferencing.
Access Point Family
The Access Point family of multiservice IP routers combines IP routing, QoS, VPN and firewall features in a single high-performance platform.
Access Point 1000 & 450 are easily deployed and managed as part of a carrier-managed service or an enterprise owned and operated network. Users can migrate from basic WAN access to more advanced VPN and SLA managed solutions with a single, purpose-built IP services platform.
This family of products offers:
- Robust, Internet-certified IP routing and WAN access services
- CBQ bandwidth management for explicit, policy-based bandwidth control
- Scalable IPSec and L2TP support for site-to-site and remote access VPNs
- Standards-based VPN security with packet-filtering firewall features
- Modular NxE1 to OC3-capable IP platform that can operate as a VPN-capable router, a high-performance LAN-to-LAN gateway or a QoS-enabled VPN gateway
- Access Point 1000 - Packet forwarding rates up to 450 Mbps, plus 3DES encrypted traffic forwarding rates of up to 155 Mbps.
- Access Point 450 - Packet forwarding rates of up to 200 Mbps and encrypted traffic forwarding rates of up to 80 Mbps
Applications for the Access Point family include:
Managed Router Service
The Access Point 1000 & 450 can be deployed as service CPE platforms, or as part of a carrier-managed router service - including high-speed, reliable access with unique SLA management and bandwidth control features.
Virtual Private Network
These solutions are ideally suited for deployment at large corporate sites, as part of a carrier-managed Intranet, Extranet and e-commerce offering.
Multi-Tenant Internet Access
Featuring scalable IP and Qos and VPN security features, the AP1000 & 450 offer a cost-effective means of providing high-quality, secure IP bandwidth to the individual tenants of a multi-tenant facility.
POP Access Router
Access Point is currently deployed as an access or 'leaf' POP router, thanks to its high-performance, Cisco-interoperable IP routing services.
Web/Application Hosting Services
The proven performance and scale of Access Point's bandwidth management/QoS feature make it uniquely suited to delivering high-quality, committed rate services in large-scale Web or application hosting environments.
VPN Firewall Family
Lucent's Firewall Bricks will operate seamlessly with any existing WAN router. They can be used as standalone, dedicated firewall devices within a corporate campus intranet, or in a dedicated firewall as part of a managed firewall or application-hosting service.
They can also be deployed effectively in VPN gateway solutions.
The products in the Firewall family offer:
- Bullet-proof security, integrating a full-feature ICSA and NSA-certified hybrid firewall
- Throughput of up to 75 Mbps 3DES and 3000 simultaneous VPN tunnels
- Centralised integrated management
- Industry-leading scalability
- Easy-to-use IPSec Client
Compliance with the most stringent interoperability requirements
The VPN Firewall Bricks can be used in applications such as:
- Secure Remote Access VPNs
- Managed firewall and VPN services
- Secure campus intranets
- Secure B2B partner extranets
- Site-to-site VPNs
- Secure e-commerce, web centre or application hosting
Lucent's easy-to-use Pipeline routers have the bandwidth, speed, protocol support and security features that you need for fast, reliable connections and secure communications. The Pipeline family raises the standard for branch office ISDN/E1.
One of the first in the market to feature POTs, throughput DBA and VPN, the Pipeline family offers proven performance, functionality and reliability. Other benefits include:
- Low running cost - with bandwidth dynamically increased or decreased to minimise line charges and maximise throughput
- Concurrent bridging and routing for flexible connection to any network
- BCP standard bridging
- IP, IPX and AppleTalk
- Firewall and IPSec encryption
- Industry-standard user authentication
- Easy set-up and configuration
- Remote Access
Central Management Solution
The Lucent Secure Management Server (LSMS) is a fully integrated security and VPN management system. It centralises and simplifies the logging, provisioning, monitoring and reporting requirements to build everything from small to large-scale VPN networks.
Benefits of the LSMS Include:
- Simplified VPN Management
- Dramatically reduced cost of ownership
- Management of up to 1000 VPN firewalls, Pipelines & SuperPipes multiservice routers and over 20,000 Ipsec clients simultaneously.
- Existing enterprise authentication servers can be leveraged.
- Digital certificates can be deployed using popular 3rd party public key infrastructure (PKI) products.
Access Point QVPN Builder
Access Point QVPN Builder software provides a centralized Internet VPN policy manager, allowing businesses and network service providers to build secure, high-performance intranet, extranet, and other e-business applications.
Key Features include:
- Large-scale implementation of secure IP VPNs.
- Greatly reduced the provisioning time and implementation expertise.
- Automatic translation of policies into site-level configurations.
- Provides comprehensive, real-time monitoring of VPN tunnel and firewall/QoS status, configuration state, and VPN traffic levels.