ARC's IPShield provides IPSec, IKE internet security

Implements DES, 3DES, MD5, SHA and complies with authentication RFCs

IPShield from ARC International addresses the need for secure Internet communications by addressing the Internet Engineering Task Force (IETF) security standards -IPSec and IKE (Internet Key Exchange).

The goal of the IETF standards is to provide privacy, integrity and authentication for the transfer of information across IP networks, providing and end-to-end security solution.

IPShield supports a variety of security algorithms including DES, 3DES, MD5 and SHA-1, allowing for chained transforms, nested tunneling and replay-attack prevention. It protects against packet analysis during data transfer. Tightly integrated with ARC's Precise/RTCS TCP/IP stack, all input and output datapackets are redirected to IPSec when network security is enabled. IPShield also maintains callback functions to notify the applications of attacks.

The IKE defines the protocols related to the key distribution and management between peer computers involved in exchanging data. Once an IPSec policy has been decided, peer computers negotiate using IKE to establish a main secure tunnel for all traffic. This involves the generation of shared session keys. Only the two computers know both sets of keys. IKE implementation features include main mode, quick mode and aggressive mode, pre-defined groups MODP 768 (Group 1) and MODP 1024 (Group 2), automatic key exchange, automatic NAT traversal and manual key manager, and compliance with RFC2407, RFC 2408 and RFC2409.