Product Review: A little security

Many organizations are deploying VPNs to secure remote access or to protect wireless networks, and handheld devices should not be excluded from these security measures. Certicom Corp.’s movianVPN client allows Pocket PC and Palm users to connect their devices to VPN gateways using the IPSec VPN standard.

The easy-to-use movianVPN client works with 11 of the leading VPN gateways, including those from Check Point Software Technologies Ltd., Cisco Systems Inc., Nortel Networks Corp., and NetScreen Technologies Inc. The client software is different for each gateway, supporting many of the gateways’ features and functionalities, leading to higher interoperability levels. The client supports the most features with Cisco and Nortel VPN gateways. For example, movianVPN currently supports NAT Traversal with the Cisco VPN gateway.

Configuring the movianVPN client entails completing several steps. First, users define the vendor and IP address of the remote gateway. The information requested next depends on which gateway the user is using. In general, he or she will enter a user ID and password (pre-shared key) as well as the IP address or subnet on the remote network. Users also configure the IPSec options, such as encryption scheme, hash, and Diffie-Hellman Group (movianVPN supports elliptic curve cryptography, or Diffie-Hellman Group 7). Most of this information should either be configured by an administrator or be given to the user with specific instructions. The client includes several diagnostic and troubleshooting tools, such as a ping utility and IKE (Internet Key Exchange) log to troubleshoot IPSec VPN errors.

We tested the movianVPN client on a Hewlett-Packard Jornada 565 and tried to connect to a NetScreen and a Cisco gateway. Certicom provides step-by-step instructions on how to configure the client for each gateway, which are generally very useful. For the NetScreen gateway device, we needed to contact Certicom support and ended up having to create new Phase 1 and Phase 2 proposals, due to how the client tries to establish a tunnel with the NetScreen gateway. After this was straightened out, everything worked smoothly. We did not have issues with the Cisco gateway.

THE BOTTOM LINE: DEPLOY

Certicom movianVPN 2.10

Business Case: This client secures remote access and roaming connectivity from mobile devices.

Technology Case: Focusing on interoperability is important for organizations trying to maintain a standard configuration across platforms. The ability to preconfigure the client before sending it off to users would be helpful.

Pros:

+ Focuses on interoperability

+ Supports the major VPN gateways

Cons:

– No preconfigured distribution option

Cost: US$29.95 annual subscription

Platform(s): Pocket PC and Palm OS

Company: Certicom Corp.; http://www.certicom.com

Reach Analyst Mandy Andress atmandy_andress@infoworld.com.