Trispen Technologies has announced that it has included NAT traversal as a standard feature on all products in its highly regarded IP-Granite suite of products.
NAT traversal is a technique that resolves the inherent conflict between IPSec and network address translation (NAT), and allows for the extension of IPSec-based VPNs to parties behind a NAT device.
"This feature, which dramatically improves the reach and usability of a VPN, has already been part and parcel of IP-Granite since April," says Jaco Botha, MD of Trispen Technologies. "Trispen Technologies is one of the first in the world to include NAT traversal into its VPN offering."
Until recently, parties residing behind firewalls, routers and gateways that use NAT were prohibited from participating in an IPSec-based VPN. The reason for this is that while IPSec expects the IP address of the communicating parties to remain constant - rejecting any changes as a breach of security - a NAT device translates an IP address used within one network to a different IP address known within another network. This inherent conflict is resolved with a new technique known as NAT traversal.
NAT is the translation of an IP address used within one network to a different IP address known within another network. For example, and typically, a company maps its local inside network addresses to one or more global outside IP addresses (known to the Internet) and unmaps the global IP addresses on incoming packets back into local IP addresses. NAT conserves the number of global IP addresses that a company needs and it lets the company use a single IP address in its communication with the world.
"IP-Granite automatically detects when NAT is being performed and enables NAT traversal accordingly," says Andrew Roux, Support Manager at Trispen Technologies. "This is primarily achieved by encapsulating the secured IPSec traffic within a new UDP packet. UDP packets are capable of traversing NAT devices without any problems. The receiving IP-Granite device is intelligent to detect which UDP packets are encapsulated IPSec traffic, and processes them accordingly."
The addition of NAT traversal is great news to consultants and contractors who are connected to a client`s LAN, yet need to securely access e-mail, servers and tools from their own corporate network. It also allows remote users and teleworkers to access the corporate network from home or a hotel in a simple, yet secure fashion.
Secure VPNs utilising the IPSec protocol offer a number of distinct advantages over configuration-based VPNs built on MPLS or over frame-relay networks. These include enhanced flexibility, lower cost (upfront and ongoing), and strong security features - to name but a few. Through the use of NAT traversal, these VPNs can now be seamlessly extended to parties that were previously unable to participate in the VPN because they were situated behind a NAT device.
For more information about Trispen Technologies, the IP-Granite products or Trispen`s partner program, contact info@trispen.com or visit Trispen`s Web site www.trispen.com. Trispen can also be contacted at +27 12 667 9050.

