Of the new technologies emerging on the horizon, the S/WAN initiative—based on the fundamentals of IPSec—may make the biggest news. RSA Data Security is coordinating closely with most of the leading TCP/IP networking vendors to create a full range of interoperable VPN and security products. The S/WAN objective is to use the IPSec protocol suite to allow customers to mix and match virtually any firewall, stack, and router products into different configurations of a VPN. The various solutions we have covered, like the AltaVista Tunnel and the Cisco PIX firewall, are all single-vendor solutions. S/WAN would allow users and administrators the flexibility to deploy a network-wide VPN solution without having to retool the whole network and without a big outlay of capital equipment expenditures.

As with IPSec, S/WAN incorporates security encryption at the IP level, which is fundamentally more secure than higher level protocols in the TCP/IP suite like the SSL (Secure Sockets Layer). To guarantee interoperability, which is the primary goal of S/WAN, vendors must adhere to a common set of resources, software code, and implementations.

The S/WAN proposal utilizes RSA’s most advanced block encryption algorithm, the RC5 symmetric block cipher. RC5 keys can range from 40 bits to 128 bits and provide a fantastic degree of security, judging by the number of MIPS-years required to brute force attack a datagram. To accommodate backward compatibility and the U.S.’s restriction on exporting ...