[1221] in WWW Security List Archive
RE: Internet Tunnel question
daemon@ATHENA.MIT.EDU (Steve McIntosh, IBG, 603-881-6049 )
Thu Dec 7 17:12:52 1995
Date: Thu, 7 Dec 1995 13:48:23 -0500
From: mcintosh@zeke.enet.dec.com (Steve McIntosh, IBG, 603-881-6049 07-Dec-1995 1339)
To: "cprince@mfi.com"@ZKONS1.enet.dec.com
Cc: "www-security@ns2.rutgers.edu"@ZKONS1.enet.dec.com,
MCINTOSH@zkons1.zko.dec.com
Errors-To: owner-www-security@ns2.rutgers.edu
Cheryl,
Here is a brief introduction to the tunnel:
Digital Internet Tunnel Overview
Using IP encryption, the Digital Internet Tunnel allows you to use
the public Internet as a secure, cost-effective extension or alternative
to your private network.
This product differs from many other IP encryption products in
its enhanced flexibility:
1) It is firewall independent and is compatible with
many popular firewalls.
2) The authentication of tunnel end-points is
user-based (not IP address-based) for greater
mobility.
There are two types of tunnel products offered: group tunnels and
personal tunnels. The Digital Internet Personal Tunnel enables you
to securely connect a client personal computer to a server in a
private network via the Internet. The Digital Internet Group Tunnel
lets you connect two servers-or two private networks-to support
confidential organization-to-organization communications.
The Digital Internet Tunnel employs RSA public key encryption for
authentication and session key exchange, and RC4-based secret keys
for bulk data encryption. Cryptographic identity and keys are tied to
the user, leaving the IP address free to be dynamically assigned. Once
the authenticated tunnel session is created, the tunnel server and
tunnel client automatically switch from RSA public key encryption to
RC4-based secret key encryption to perform bulk data encryption and
transmission. At 30-minute intervals, the tunnel client and server
pass new session keys back and forth to decode transmitted data.
During data packet transmission, each packet is integrity protected
and authenticated by MD5.
Please visit our home page:
http://www.digital.com/info/internet
Best Regards,
Steve McIntosh
Internet Security Product Mgmt
Digital Equipment Corporation
mcintosh@zko.dec.com
3
�
Primary Components of The Digital Internet Personal Tunnel:
The Digital Internet Personal Tunnel features native Windows 95 in-
stallation and tunnel management capabilities and is based on Microsoft's
TCP/IP stack - an integral part of the Windows 95 and Windows NT[TM]
operating systems.
HARDWARE REQUIREMENTS
Processors Supported: 80486 or higher
Other Hardware Required:
In general, the Digital Internet Personal Tunnel provides enhanced se-
curity to TCP/IP network transmissions over the Internet. Thus, all
the hardware (e.g. modems) necessary to implement a remote TCP/IP net-
working environment should already be in place. The tunnel requires
no additional hardware or software besides the tunnel product itself.
For installation, the system must have a 3.5" floppy disk drive.
Disk Space Require- 5 MB free disk space
ments:
Memory Requirements: 8 MB RAM
4
�
SOFTWARE REQUIREMENTS:
Version 1 of the Digital Internet Personal Tunnel requires Microsoft
Windows 95.
Other software requirements:
As stated above, the Digital Internet Personal Tunnel provides enhanced
security to TCP/IP network transmissions over the Internet. Thus, all
the software (e.g. dialup networking) necessary to implement a TCP/IP
networking environment should already be in place.
GROWTH CONSIDERATIONS:
The minimum hardware/software requirements for any future version of
this product may be different from the requirements for the current
version.
DISTRIBUTION MEDIA
The personal tunnel is available on 3.5" floppy disk.
The printed documentation for this product may be ordered separately.
ORDERING INFORMATION
International:
U.S./Canada:
5
�
SOFTWARE LICENSING
This software is furnished under the licensing provisions of Digital
Equipment Corporation's Standard Terms and Conditions. For more in-
formation about Digital's licensing terms and policies, contact your
local Digital office. Possession, use, or copying of the software de-
scribed in this publication is authorized only pursuant to a valid writ-
ten license from Digital or an authorized sublicensor.
SOFTWARE PRODUCT SERVICES
In addition to standard Software Product Services (SPS) remedial ser-
vices, consulting services for planning, designing, and implementing
a custom security system are also available. For more information, con-
tact your local Digital office.
SOFTWARE WARRANTY
Warranty for this software product is provided by Digital with the pur-
chase of this software package.
This product is intended to assist customers in maintaining an appro-
priately secure systems environment when used in conjunction with cus-
tomers' vigilant operational security practices. Digital does not guar-
antee or warrant that the use of this product will provide complete
security protection for customers' systems.
) 1995 Digital Equipment Corporation. All rights reserved.
[R] UNIX is a registered trademark in the United States and other
countries licensed exclusively through X/Open Company Ltd.
[R] Intel is a registered trademark of Intel Corporation.
[R] Microsoft is a registered trademark and Windows and Windows
NT are trademarks of Microsoft Corporation
[TM] The DIGITAL Logo, Alpha Server, AlphaStation, DEC, DECnet,
and Digital are trademarks of Digital Equipment Corporation.
6
