|
As VPN deployments become larger and more mission-critical,
performance is a key concern. SecureXL is a framework of interfaces,
software modules and industry standards that enables Check
Point partners and customers to build cost effective VPN-1
solutions to meet the most demanding performance requirements.
The SecureXL framework, together with Check Point's commitment
to open systems, delivers industry-leading performance at
the lowest possible cost.
 SecureXL
API
VPN
Load Sharing and Failover
Integrated
VPN Quality of Service (QoS)
SecureXL
API
The key to Check Point's open performance architecture
is the SecureXL API - an open interface for offloading intensive
security operations to third-party hardware or optimized software.
SecureXL-enabled
solutions are available in a number of form factors
including software modules, PCI add-in cards, IPSec NICs,
and SecureXL-enabled appliances with network processors Rather
than limiting customers to a single proprietary accelerator,
devices utilizing the SecureXL API meet customer needs by
delivering multi-gigabit performance levels, multiple form
factors, and a range of price points.
VPN-1
XL is a software-base implementation of the SecureXL framework
that greatly accelerates encryption and security functions
on the Linux platform. By implementing access control, NAT,
accounting, encryption and anti-spoofing at the hardware interrupt
level, it greatly reduces the overhead associated with processing
packets. On select off-the-shelf systems, VPN-1 XL provides
over 300 Mbps AES and 150 Mbps Triple DES throughput with
no hardware acceleration. Integrated with FireWall-1 XL, it
also provides over 1.7 Gbps throughput for non-VPN traffic
to secure the most demanding networks
VPN
Load Sharing and Failover
VPN-1 solutions include revolutionary state synchronization
capabilities which enable VPN-1 Gateways to act in concert,
whether co-located or in disparate locations. With the ability
to synchronize VPN connection information, multiple VPN-1
Gateways can be deployed in a cluster to achieve near linear
gains in performance and seamless failover capability for
maximum VPN availability.
Check
Point VPN-1 solutions include two technologies - ClusterXL
and VPN Load Distribution - which enable unparallel performance
and fault-tolerance.
ClusterXL
is a high availability and load sharing solution for all traffic
through VPN gateways. Traffic of all types is distributed
across a cluster of VPN-1 Gateways resulting in near linear
performance gains as additional cluster members are added.
In addition, state-table information between all tables is
continuously synchronized. In the event that a single gateway
becomes unreachable, all new and ongoing connections are seamlessly
redirected to remaining cluster members. No connections of
any kind are dropped during a fail-over.
VPN
Load Distribution is a high availability and load distribution
solution for remote access VPN connections. Inbound VPN connections
are distributed across a cluster of VPN-1 Gateways. In the
event that any single gateway fails, new VPN connections will
automatically connect to remaining cluster members.
Integrated VPN
Quality of Service (QoS)
QoS is a requirement for any VPN deployment where performance
is important and where there is the possibility of congestion
on the Internet link. FloodGate-1 ensures optimal performance
for mission critical VPN-1 traffic, enabling customers to
migrate critical business traffic from private wide area networks
to the Internet.
|
