|
contents | technologies | |||||||
| Apani VPN clients not impacted by ISAKMP vulnerability Apani Networks, the leading enterprise network security software provider focused on securing inside the network perimeter, today addressed a new vulnerability in the Internet Security Association and Key Management Protocol (ISAKMP) used in IPSec VPNs and firewall products produced by a number of networking hardware companies which could open enterprise networks to denial-of-service attacks and other security breaches. Apani reports that the company's VPN client products are not affected by this new vulnerability even though Apani's VPN clients use ISAKMP to communicate with each other. According to an advisory from the British National Infrastructure Security Co-ordination Centre and the Finnish CERT, the vulnerability's severity varies by software vendor and is restricted to servers. Apani VPN customers should consult the server-device provider for recommended actions and patches. The ISAKMP provides associations for security protocols and helps to establish secure links over the Internet. Since IPSec encrypts packets and creates secure tunnels for traffic traveling over the public Internet and into corporate network environments, ISAKMP plays a key role in helping remote access users securely connect to their company's corporate networks. The new security flaw could create DoS conditions, slow data traffic over the Internet or gain control over a network device to render it unusable. Apani Networks has an installed base of Multi-OS VPN clients rich with features that allow clients to seamlessly interoperate with leading VPN gateways for effective IPsec-protected secure remote access. Apani's family of VPN clients enables users to establish secure encrypted tunnels from a client computer to Contivity VPN switches to encrypt and authenticate IP-based communications from public or private networks. write your comments about the article :: © 2005 Networking News :: home page |