The Personal Ravlin is a cost-effective network security solution. It addresses the needs of individual remote users who access corporations via cable, xDSL, and ISDN modems. It is also an ideal solution for network administrators who seek to establish private communications within a corporate intranet by providing security at the desktop level.
The Personal Ravlin is a single-user hardware client that provides full IPSec Virtual Private Network (VPN) capability in a small form factor (can fit in the palm of your hand). Its low cost lets organizations establish security over private or public IP networks quickly and easily. Security administrators can deploy the Personal Ravlin in a number of ways: within a corporate LAN; behind a cable, ISDN, or xDSL modem; or behind an access router connected to a full-duplex T1/E1 wide-area network (WAN) circuit. The Personal Ravlin can be configured by the administrator to support either a single tunnel or multiple simultaneous tunnels.
Security administrators use the Ravlin Node Manager to set up and manage the Personal Ravlin.
The Personal Ravlin provides data privacy using industry-standard 56-bit DES and 168-bit Triple DES encryption. It provides authentication and access control with Digital Signature Standard (DSS), Diffie-Hellman key exchange, X.509 v.3 digital certificates, and IKE Key management. These security standards are part of the Internet Engineering Task Force (IETF) IP Security Standard (IPSec).
IP Security Standard (IPSec)
IPSec is the most secure and comprehensive standard available today for encryption, authentication, key
management, and anti-replay services. IPSec protocol interoperability lets Ravlin products exchange keys
and encrypted communications with all other IPSec-compliant products, so customers can mix and match
products from multiple IPSec vendors.
Encapsulating Security Payload (ESP) Tunnel Mode
ESP Tunnel mode provides the highest level of security between gateways. The original IP datagram is
encapsulated in a new IP packet using a new IP address as the source/destination of the packet. ESP Tunnel
mode uses 56-bit or 168-bit DES encryption.
Encapsulating Security Payload (ESP) Transport Mode
In ESP Transport mode, only the payload of the original IP datagram is encrypted. Like ESP Tunnel mode,
ESP Transport mode uses 56-bit DES or 168-bit Triple DES. Personal Ravlin units also support
authentication and anti-replay to secure IP datagrams without encrypting the data payload. ESP Transport
mode uses hashing to ensure that the data stream is not modified. This mode is only for end-to-end
communication.
Encrypt-in-Place (EIP) Mode
In EIP mode, only the payloads of IP datagrams are encrypted. Like ESP mode, EIP mode can use 56-bit DES
or 168-bit Triple DES. EIP mode is a RedCreek proprietary secure VPN technology. Although EIP mode is not
part of the IPSec standard, it combines high speed with all levels of encryption.
Anti-Replay Service and Use of Unique X.509 v.3 Certificates The Personal Ravlin uses IPSec anti-replay services to ensure that rogue packets cannot be inserted into a Ravlin-protected data stream. With anti- replay service, each IP datagram passing within the secure association is tagged with a sequence number. On the receiving end, the datagram is blocked if its sequence number does not fall within a pre-specified window.
Ease of Implementation and Administration
Standards-Based Security and Management
Interoperability
Low Cost of Ownership
Customer Support
RedCreek Communications, Inc. believes that our customers deserve lasting value and continuous
satisfaction with RedCreek products. Because of this belief, Redcreek, in participation with its VARs,
offers innovative support programs to assist with installation and configuration of Ravlin products.
Please reference RedCreek Customer Support
Personal Ravlin Technical Specifications
