Wednesday, February 20, 2008

Tunnel-less VPN with Cisco Group Encrypted Transport (GET) - Part1

Nowadays, the requirement for encrypted communication between business locations is part of the standard requirements from our customers. More and more regulatory laws force the use of encrypted communication.

The classic scalability issue with IPSec site-to-site encryption is that it requires each location to have a VPN to every other location. In other words, we will need N^2 tunnels defined on a network with N devices. This is obviously, a non scalable solution.



A partial list of this and other scalability issues of the site-to-site VPNs are:
  • Require a full mesh. In other words, require N^2 tunnels to be defined.
  • Create an overlay logical network over the network. In many cases, this also means, having different routing tables. One for the encrypted path and one for the regular path.
  • Only basic QoS supported
  • Very inefficient multicast replication


To work around these issues Cisco created the Group Encrypted Transport (GET) VPN. Among the benefits GET VPN offer are:
  • Scalable architecture
  • Any-to-any instant connectivity
  • Native routing with no overlays
  • Support for Advanced QoS
  • Efficient Multicast replication
  • Transport agnostic (works with private LAN/WAN, FR/AATM, IP, MPLS)

GET VPN defines one or more key-servers which authenticates group members, distributes keys and policies. The traffic is encrypted on demand basis by the group members (i.e. participant routers). Contrary to IPSec which defines a new IP header, GET VPN preserve the original IP header and thus maintain QoS and multicast information for the connection.



Representation of an IP packet, IPSec Encrypted Packet and GET Encrypted Packet:
For more technical information on Cisco Group Encrypted Transport VPN visit this site.

The next part of this tutorial will cover actual configuration examples of GET VPN.

23 comments:

  1. This is a great inspiring article.I am pretty much pleased with your good work.You put really very helpful information. Keep it up. Keep blogging. Looking to reading your next post. best vpn services

    ReplyDelete
  2. I really appreciate this wonderful post that you have provided for us. I assure this would be beneficial for most of the people. VPN China

    ReplyDelete
  3. Replies
    1. professionals could check out the and determine if it might fit with the objectives of a task or job. they need to determine whether the would be ready to complete the work as a task couldn't be completed without the proper. Women's Bikini Swimsuits

      Delete
  4. You will have to strictly adhere to the company policies while using the network. This may restrict you from doing things that do not concern the company.one of top vpn i used

    ReplyDelete
  5. It is very important for the device that you use to be compatible. Make sure you ask about the service before you plan to use VPN services on your iPad. Best VPN service

    ReplyDelete
  6. Thanks for taking the time to discuss this, I feel strongly about it and love learning more on this topic. Cheap VPN

    ReplyDelete
  7. Your article is absolutely right. I operate a small freelance web development business at home and some of my clients are looking for ways to access their website’s visitor’s information. I don’t question them why but I’m sure it’s just to send them promotional emails or to make sure they’re speaking to the right target audience. Because I know that’s how some sites work, I wanted to give protection for myself so I tried out VPN services from ExpressVPN. So far, it seems to be working out well. I haven’t completed the 30-day money-back guarantee period yet, but I think I’ll continue using the software.

    ReplyDelete
  8. "I’m truly enjoying the design and layout of your website.
    It’s a very easy on the eyes which makes it much more enjoyable"
    Regards: Dream Market

    ReplyDelete
  9. I havent any word to appreciate this post.....Really i am impressed from this post....the person who create this post it was a great human..thanks for shared this with us. dedicated vps

    ReplyDelete
  10. I would like to say thank you for sharing the Informative article, this is a very Informative article about deep learning. You are doing a great job, keep it up.
    business directory

    ReplyDelete
  11. "Your style is unique in comparison to other people I have read stuff from.
    Thanks for posting when you have the opportunity, Guess I’ll just bookmark this
    web site."
    Regards: Eve Hunt

    ReplyDelete
  12. In call center business, you need the best security system. Otherwise, business will not trust to conduct any type of business. If they feel that call centers can leak their information they will refuse to hire. So you can choose ours to have the best call centers.

    ReplyDelete
  13. Just learned something new, thanks for sharing all this information with us.
    Buy custom logo design

    ReplyDelete
  14. I am very happy after visiting your website with very useful information. I am from one of the digital marketing agency... To visit my agency click on link Visitdigitalguru

    ReplyDelete
  15. Thanks for sharing informative content…Find best digital marketing company to know more and Contact us on given no.…

    ReplyDelete
  16. Thanks for sharing information with us…satisfied after visiting your blog…. Learn the latest trends & their practical application by experts with us…you can contact us click on
    Visit ISMT India

    ReplyDelete
  17. This content material is written very well. Your use of formatting when making your factors makes your observations very clear and clean to apprehend. Thank you.


    law dissertation Writing Service

    ReplyDelete