The new 5i, 10i, 50i, and 100i gateways have been designed primarily with Nokia’s own Symbian-based smart phones and Communicator devices in mind, many of which ship with Nokia’s own IPSec client as standard.
However, Nokia has not limited the applicability of its new gateways to its own smart devices. Nokia VP of enterprise solutions, Bob Brace, said the gateways will work with any mobile device equipped with an IPSec VPN client. Brace specifically mentioned notebook PCs but interoperability should also stretch to Windows Mobile and Palm OS-powered devices with suitable client software.
The new gateways make use of Nokia’s IP Clustering technology, which allows multiple VPN gateways to function as one unit with a single IP address. This minimizes service disruption and allows for dynamic load balancing when new security appliance are added to or removed from a network.
The gateways also include a patent-pending technology known as Meta-Hop. This creates a self-learning, self-healing mesh network that tracks and routes traffic over multiple connection paths, maintaining session persistence between the server application and the client device if the current connection fails.
This feature will become more important as multi-radio devices such as Nokia’s 9500 Communicator, which features GPRS, EDGE and WLAN, become more common.
Mr Brace said the new gateways meet an increasing demand to run true-client server applications on mobile devices and offer an alternative to the web-based applications enabled by SSL VPNs while taking account of the variety of devices on offer. You can give SSL access to email but a lot of enterprises are rolling out applications, he said. It’s all very well coming up with another device but unless they’re integrated with IT systems it won’t succeed as well as it might.
The gateways are supported by Nokia’s VPN Manager. This allows centralized creation and updating of security policies and configurations as well as over-the-air provisioning and management to Symbian OS-based devices.
These features suggest a longer term focus by Nokia on OTA device management beyond security. That’s not something we’re doing today but we have the technology if you want to use it. There are APIs we could open to other vendors, said Mr Brace.
Nokia’s latest VPN gateways range from the $400 5i, which can support 20 simultaneous VPN tunnels, to the 100i, which will sell for $10,000 and support 100,000 concurrent tunnels. A lot of vendors charge per user, said Mr Brace. Even small enterprises could get a very low cost end-to-end product with the 5i.
