VPN Services
Dedictaed IP VPN Services
Remote VPN Services
VPN Security
IP VPN Dedicated lets you send data across our global IP infrastructure with the
security you expect of a private network, at an economical price.
Protection against unwanted access to your network
- We provide tested IPsec-based VPN routers, as well as multiple access methods, including
leased line, NxT1 MLFR, and DSL.
- Access Control Lists (ACLs) and router-based firewall support provide a layer of
IP traffic security, helping protect you against unwanted access to your network.
A network built around your business needs
- Availability on NSI's IP network in more than 34 countries around the
world, and in over 100 more countries through third-party access.
- Traffic Shaping/Bandwidth Allocation helps provide real-time prioritization of outbound
data from your LAN to the edge of our IP network.
- Flexibility with hub-and-spoke, full-mesh, or mixed topologies is available (Internet
access can be easily included).
- Our scalable service is easy to reconfigure as your business expands.
- Competitive Service Level Agreements (SLAs) for all access types, including third
party access.
Top
Peace of mind through resiliency options and our IP network
- World-class network performance is provided by our Global IP backbone with built-in
redundancy (access from 128 Kbps for small offices to OC-12 for large hub sites).
- Optional resiliency features, such as Cold Standby, ISDN Back-Up, Diverse Shadow,
and Dual CPE Redundancy provide added peace of mind.
Fully managed service
- A fully managed WAN service that can help reduce the cost and management difficulties
associated with providing internal engineering, operations, and technical support
services for enterprise networks.
- World class Managed Network Service NOC provides around-the-clock network management,
while NSI dedicated field technicians provide on-site installation and maintenance
24 x 7.
Technical Features
- Topology Options. NSI offers Hub and Spoke, Fully Meshed, and Joined
VPN designs to support your communications requirements.
- Standards-Based Technology. IP VPN Dedicated Services rely on industry standard
IPSec tunneling and end-to-end encryption protocols.
- VPN Security. NSI uses a key management system based on SNMP V3 passwords
to maintain control over access to your VPN.
- Automated Management. The equipment required for IP VPN Dedicated Services
also includes automated management options that allow you to dynamically change
your security policies.
- Fail-Over Support. NSI's Frame to VPN fail-over configuration provides
a back-up communications path if your frame relay connection becomes unavailable.
- Resilient Node Designs. NSI also offers resilient node designs that provide
shadow and ISDN backup, load-sharing configurations, dual CPE fail-over, super-hub
designs, and cold spare options.
- Network Address Translation (NAT). Your remote users are able to connect
through third-party broadband access providers.
Top
Technology Requirements
- Dedicated Connection.A dedicated T1 or T3 connection to NSI's global
IP backbone is required.
- Customer Premises Equipment. IP VPN Dedicated Services is based on either
the Lucent Access Point router, or a Cisco encrypting router. In addition, an out-of-band
modem and all required cables are provided within your service package.
Implementation path
Your NSI sales representatives will work closely with you to evaluate your network
needs to help ensure you receive the most effective managed VPN solution. We also
consult with our engineers to ensure the IP VPN Dedicated Services solution is the
best one for your organization.
If your application includes a dial component, or has any non-U.S. locations, we
are required by the U.S. federal government to perform export screening to verify
that all applicable countries allow the import and export of encrypting routers
and encryption technology. Both these processes are usually completed within several
days of submitting the required paperwork.
- Opportunity Review process to approve application
- Contract presented to customer
- Orders submitted
- Provisioned and fulfilled
Top
Remote VPN is a flexible suite of fully managed remote access solutions that help
reduce the complexities of implementing and maintaining remote access for employees.
- Solutions are scalable and easy to reconfigure as your business expands.
- All are backed by competitive SLAs (Service Level Agreements).
- Our premier client software, Access Manager, lets you easily manage remote access
from virtually anywhere in the world.
Technical Features
- Standards-Based Technology. IP VPN Remote Services rely on industry standard
tunneling (IPSec, L2TP, and PPTP) and encryption (DES and 3DES) protocols.
- Load Balancing and Fail-Over Support. These additional features help ensure
the reliability of IP VPN Remote Services.
- Split Tunneling. Companies can provide simultaneous Internet and intranet
connectivity via IP VPN Remote Services.
Technical Requirements
- Dedicated Connection. A dedicated T1 or T3 connection to NSI's global
IP backbone is required.
- Customer Premises Equipment.
- Nortel VPN Router. This VPN gateway connects directly to the company's Ethernet
network and runs Nortel Extranet Access software. The Nortel VPN Router can be configured
to permit PPTP, L2TP, Internet Protocol Security (IPSec) tunnels and SSL.
- Cisco Concentrator Router. This terminating router can be managed in-house
or management can be outsourced to NSI. The Cisco Concentrator permits L2TP
and IPSec tunnels.
- Remote Access. Network access is available for end-users via dial-up, DSL,
cable, or wireless connections.
- Client Software. This software establishes tunnels from the end-user's PC
through the network and runs on Microsoft Windows 2000 and Windows XP operating
systems.
Top
Implementation Path
Before implementation begins, your NSI sales representatives may engage different
teams within your organization to evaluate your network needs, to help ensure your
business gets the most effective VPN solution. NSI engineers will also review
your proposal and verify that the IP VPN Remote Services solution is the best one
for your organization.
- As part of the implementation process, NSI is required by the U.S. federal government
to perform and export screening that verifies applicable countries allow the import
and export of encrypting routers and encryption technology.
- After the contract is signed, NSI engineers receive orders for the dial portion
and the dedicated T1 or T3 connections.
- Installation timeframes begin once the installation group receives all approved
paperwork.
- The Cisco router and the Contivity/Cisco hardware is configured prior to sending
it to your location.
VPN Security
IP VPNs use industry-standard tunneling, encryption, and authentication to provide
secure and private data services over a shared network infrastructure.
How it works
- Tunnels allow private network sessions to run inside public network sessions (IPSec)
- Encryption is used to “scramble” confidential information as it travels across the
shared network (DES or 3DES)
- Authentication determines if the gateway or user is allowed access
- Authorization mandates what the user is permitted to do on the network
Top
Securing the data
- IPSec protects/authenticates IP packets between IPSec devices
- DES and 3DES invoke 56-bit keys to encrypt 64-bit blocks of data
- Firewalls can help protect your network—and your PCs—from port-scanning, intrusion,
and other malicious acts
- PKI lets public network users exchange data more securely using digital certificates
- Strong Authentication combines something the user has and something the user knows
Tunneling
Tunneling is a means of sending traffic to a destination by encapsulating data packets.
- IP Security (IPSec) has become one of the most widely used means of securing data
by many VPN component manufacturers:
- Protects/authenticates IP packets
- Provides for authentication, confidentiality, and integrity
- Enables split tunneling
- Layer Two Tunneling Protocol (L2TP) can be used two ways:
- As a means of destination management
- As a network-based tunnel tool by Internet service providers
Encryption
Encryption renders sensitive data useless if intercepted by unintended parties.
- DES invokes keys to encrypt, or scramble, blocks of data
- Both sender and receiver must use the same key when sending and receiving the message
- Triple DES (3DES) achieves a higher level of security by encrypting the data three
times over
Top
Protect your data with state-of-the-art security from NSI
How it works
- Tunnels allow private network sessions to run inside public network sessions (IPSec)
- Encryption is used to “scramble” confidential information as it travels across the
shared network (DES or 3DES)
- Authentication determines if the gateway or user is allowed access
- Authorization mandates what the user is permitted to do on the network
Securing the data
- IPSec protects/authenticates IP packets between IPSec devices
- DES and 3DES invoke 56-bit keys to encrypt 64-bit blocks of data
- Firewalls can help protect your network—and your PCs—from port-scanning, intrusion,
and other malicious acts
- PKI lets public network users exchange data more securely using digital certificates
- Strong Authentication combines something the user has and something the user knows
Tunneling
Tunneling is a means of sending traffic to a destination by encapsulating data packets.
- IP Security (IPSec) has become one of the most widely used means of securing data
by many VPN component manufacturers:
- Protects/authenticates IP packets
- Provides for authentication, confidentiality, and integrity
- Enables split tunneling
- Layer Two Tunneling Protocol (L2TP) can be used two ways:
- As a means of destination management
- As a network-based tunnel tool by Internet service providers
Encryption
Encryption renders sensitive data useless if intercepted by unintended parties.
- DES invokes keys to encrypt, or scramble, blocks of data
- Both sender and receiver must use the same key when sending and receiving the message
- Triple DES (3DES) achieves a higher level of security by encrypting the data three
times over
Top