New features & improvements
ML-IP bonding of any connection
Auto link failover/backup links
AES encryption support
Better management assistant
Upgrade to OpenBSD 2.9
NAT Support for IPSec Tunnels
DHCP Server improvements
Upgrading ePipe ServerWare
The software release 2.3.0 for ePipe ServerWare is now available. The 2.3.0 software offers many new benefits to existing and new ePipe customers. Some of the major improvements are:
The new features and improvements in ePipe ServerWare are:
Multilink IP (ML-IP) provides bonding of IP traffic flows across any network infrastructure, end-to-end. ML-IP incorporates ePipe's patent pending E2B (End-to-End Bonding) technology used to bond Internet links together for the transmission of traffic across an IPSec VPN.
Until recently, E2B only supported Internet (or private network) links which used PPP (the Point to Point Protocol). Links that use PPP include dial-up modem and ISDN as well as many ADSL services.
Now, ML-IP (previously E2B) supports any PPP or Ethernet based link, including connections via 3rd party access routers. This substantially increases the flexibility and type of Internet or private network links that can be bonded together. For example, an ePipe ServerWare system can now bond multiple Internet links connected via SDSL, Frame Relay, ISDN router, and many more. In the ePipe this means that dial-up, PPPoE and IPoE links can all be bonded together in an ML-IP bundle.
Any access router or modem that can be connected to Ethernet can be connected to ePipe ServerWare and all such connections are supported by ML-IP and E2B.
ePipe software 2.3.0 now supports automatic fail-over to one or more backup links in the event the primary link(s) are disconnected. This facility enables a network to stay connected to the Internet and to other sites via VPNs in the event that all primary links are disconnected. For example, an ePipe ServerWare system with an ADSL service can now auto fail-over to an ISDN or analog modem backup link in the event the ADSL service is disconnected. This facility provides maximum uptime for Internet connected networks in the wired world.
IKE is a protocol designed to automate the establishment of IPSec tunnels, with the goal of making large, multi-vendor VPN networks easier to install and manage. IKE achieves this by automatically negotiating and exchanging all information necessary to setup an IPSec tunnel between two (2) IPSec devices or gateways.
IKE has been built into the ePipe 2.3.0 software to enable ePipe ServerWare to interoperate with other leading IPSec devices, including:
This enables IPSec tunnels to be established between ePipe and most other IPSec devices, although without the advantages of using ML-IP or E2B, as the 3rd party device would need to support these technologies to achieve IP-layer bonding.
The following vendors equipment or software has been tested successfully:
AES (Advanced Encryption Standard) or Rijndael is the new encryption standard selected by the US Government to replace DES (Data Encryption Standard) and 3DES. AES is both more efficient and cryptographically stronger than 3DES.
AES is now supported in all ePipes running 2.3.0 software. The ePipe implementation of AES uses 128 bit keys and is supported by both E2B-IPSec and IKE-IPSec tunnels for bulk encryption.
All of the pre-defined filter rules created by the ePipe Management Assistant are now stronger with closer matching of packets based on source and destination port numbers. Each filter rule can also be limited to allow packets based on time of day and day of week, providing the network administrator with greater control over Internet and VPN access.
ePipe's browser-based user interface has been improved, with better usability based on feedback from customers. Some of the changes include:
The ePipe kernel is based on the UNIX operating system OpenBSD, designed and built as a secure operating system. With ePipe 2.3.0 software, ePipe has upgraded the OpenBSD kernel to version 2.9, which incorporates the latest improvements in network, driver, IPSec and filtering improvements to the ePipe range.
Each link, whether it be dial-up, xDSL, cable or router based, can now be configured to only connect between specific times of the day. This is available in the bandwidth settings for each link, through the Bundle Manager, in the ePipe Management Assistant. This is useful when Internet services are charged based on time and the customer wishes to minimize these charges when no one is using the Internet. For example, Internet links could be setup to connect at 8am and disconnect at 6pm to span the normal working day.
Dynamic NAT is now supported on E2B based IPSec tunnels (client end only). This may be useful in situations where there are multiple E2B-IPSec tunnels to IP subnets which use the same IP addresses. NAT can be used to effectively hide the IP addresses of the remote networks from the central site. Note that NAT does not work with all application traffic traversing the tunnel.
The DHCP Server in ePipe ServerWare has been significantly improved. The following options can now be set in the DHCP Server providing more flexibility and control over the settings allocated to the DHCP clients:
Upgrades to ePipe ServerWare are free for the first 12 month period following the initial purchase of the product and registration with ePipe. Additional support agreements may exist that extend this period beyond the initial 12 months.