V6 Security, IPsec: Serious End-to-end security for transition to IPv6
About V6 Security
Related Links
Windows IPsec
Windows IPv6
Windows NAP
BSD Unix IPsec (KAME)
Linux IPsec (FreeS/WAN)
IETF IPsec BetterThanNothing
IETF IPsec Maint WG
IETF IPsec draft history
IETF Draft Search
VPNC IPsec Interop
ICSA IPsec Interop
Univ NH IPv6 Interop
IPv6TF Portal NEWS
IPv6 Forum
Related Links

The V6 Security Difference

We provide IT solution packages to IT organizations that help you save time, be more secure, at less cost, and to get more value out of the systems you already own. We also provide consulting services as experts in IPsec and IPv6 to IT organizations and IT consultants. You hire us to help ensure you can deliver your own solutions on time, and solutions that have higher customer satisfaction because they work extremely well in production deployment. We host our own solutions in a test mode so you can demo and evaluate them. And we can deploy our solutions for you in beta or pilot mode for extended evaluation.

V6 Security IT Solution Packages

IPv6 Application Compatibility Testing - We provide virtual test environments, a hosted infrastructure and guides for testing your applications for compatibility with dual-stack IPv4/IPv6 networks, and native IPv6-only environments. Multiple Windows domains, multiple IPv6 sites, DHCPv6, and all Windows IPv6 over IPv4 tunneling technologies (ISATAP, Teredo, 6to4, IP-HTTPS) and the Direct Access infrastructure. Windows domains, Exchange, SQL Server, IIS, Sharepoint and other server applications are included.

Direct Access - We provide architectural design, compatibility evaluation, implementation and training for using this latest advanced technology from Microsoft. DA provides completely transparent, seamless remote access to intranet resources using IPv6 and IPsec, tunneled over IPv4 where necessary. The user no longer has to click and connect a VPN connection; they just log into their desktop and have access to internal applications just as if there were on the internal network. But Direct Access also provides the ability for IT organizations to maintain domain management of remote clients when they are outside the network. And it provides for IPsec secure peer-to-peer connections between trusted domain members over the Internet. See the Microsoft Technet Direct Access site for details.

Windows Server 2008 Remote Access Gateways (IPv4 and/or IPv6 capable)- Windows Server 2008 provides 3 VPN clients that support IPv4 and IPv6, both for address assignment inside the tunnel, as well as over native IPv6 networks. L2TP/IPsec (RFC3193), "Agile VPN" that uses IKEv2/IPsec tunnel mode with MOBIKE, and SSTP. We may also offer a Windows Terminal Services Gateway (TSG) in the future.

Internet Server Lockdown (IPv4 and/or IPv6) - An easy to deploy IT solution that allows you to require IPv4 or IPv6 IPsec authentication and/or encryption for any TCP/IP access to application servers facing the Internet. This adds a very strong extra layer of defense, which is transparent to applications, to protect the whole server from Internet attack, in addition to protecting all applications on the server. Only trusted and authorized clients can access the server using IPsec. The IT solution provides easy computer certificate enrollment and maintenance for both clients and servers distributed by group policy, easy IPsec policy distributed by group policy, and provides user based IPsec authentication in Windows Vista and later clients.

Intranet Windows Domain Isolation (IPv4 and/or IPv6). Require IPsec for access inbound to any Windows 2000 or later Windows domain member computer. This provides strong defense against untrusted network attacks. Windows domain-member hosts have a policy that requires inbound traffic to use strong authentication and optional encryption for TCP/IP traffic that is application transparent. Network access controls can be configured to authorize specific members of the domain based on domain security groups that are centrally managed by IT, or locally managed by the server owner. Outbound communications are allowed to use IPsec or normal TCP/IP traffic. Our IT solution provides expert configuration, certificates if needed, and easy cross-platform policy management. For details on the domain isolation design using IPsec see this guide:

Domain and Server Isolation using IPsec and Group Policy
Co-authored with Microsoft® and published in March 2005, this is a 7 chapter detailed planning and management guide for using IPsec to provide host-based network access control (an "authenticating firewall"), as well as to secure TCP/IP traffic within internal networks. Requirements planning spreadsheets, troubleshooting tools and other appendices are packaged with the guide. Introductory whitepapers are available on the Windows® IPsec page.

  © V6 Security, Inc. 2009. All rights reserved. Legal notices and disclaimers | Privacy notice