Advertisement

VPN Consortium (VPNC) Certification

Visit the VPNC web site for more information.

The VPN Consortium (VPNC) is the international trade association for manufacturers in the VPN market. It has over 30 member companies from all parts of the VPN market, and covers IPsec VPNs, SSL VPNs, and trusted VPNs such as those based on MPLS. Its web site at www.vpnc.org contains information on VPN technologies, member profiles, white papers from the membership, and extensive testing information.

SSL VPN Testing

1. What tests does the VPNC perform for its SSL-based members?

The SSL VPN market is quite different than the IPsec VPN market. In the SSL VPN market, interoperability between SSL clients (usually Microsoft's Internet Explorer or Firefox) and the SSL VPN gateway is assumed to be complete, and this is a reasonable assumption. However, what is not assumed is that the SSL VPN gateways will act correctly when acting as a front end for corporate web sites. Thus, the interoperability being tested for is between the gateway and typical web applications that are to be made accessible to remote access users. The most important thing an SSL VPN gateway can do is allow a company to continue to use its current internal web sites and corporate portals. In order to do this, the gateway has to be able to rewrite the URLs in the HTML pages served from those internal web sites, so that the links that the remote SSL user sees work correctly and take the user back into the corporate network. Thus, the testing VPNC performs is around this goal: make sure that the SSL VPN gateways act correctly when put in front of one or more internal corporate web servers.

2. What SSL testing logos are available?

In the SSL VPN area, VPNC is currently testing for five conformance logos: SSL Portal, SSL Exchange, SSL Firefox, SSL File Access and SSL JavaScript. Details for each of these tests are available in the interoperability test area of the VPNC web site.

3. Are the tests reproducible?

Yes. The entire web setup for the SSL Portal test, including the Apache configuration file for the sites, can be downloaded from the VPNC web site. In addition, the email messages used in the SSL Exchange test are also freely available.

4. How many members does VPNC have?

The number fluctuates over time, but it is currently above 30, and growing. Most of the members participate either in the SSL VPN testing or the IPsec testing; some participate in both.

5. Who can join VPNC?

Any vendor who manufacturers VPN hardware and software products, or any service provider who offers VPN services. Currently, all members are hardware and software vendors.

6. Do you have to be a member to participate in the testing?

Yes. The reason for this is that VPNC's testing programs are on-going, meaning that we re-test systems when their software changes or the testing parameters change. We can only assure that capability by requiring that all systems with the logos are from current members.

7. What vendors have certified their SSL VPN Gateways?

A complete list of the vendors and tested products is available on the VPNC web site.

© 2004-2007 Breakaway Security Group - Terms of Service - Privacy Policy - Contact Us - Advertising Information