Ig1 VPN: Security tools

Security is the foundation of any IT project, we help you to start with a solid basis : secure your links with point to point VPN

Simple

All in One appliance easy to deploy, configure and maintain on all regions

Performant

Integrated as a Kernel module, no software performance limitation

Resilient

HA designed, traffic automatically load balanced between available routes

Secure

State of the art cryptography: modern and secure ciphers

We links your infrastructure across the Word

Kernel Integrated

IG1 VPN is based on Wireguard VPN which works as a kernel module with virtual interface. This greatly reduces layers for higher performance

Load balanced

Because several routes with same weight and “hop” numbers are announced, we can leverage the multiples routes simultaneously by activating ECMP on local router. That way traffic is automatically load balanced

State of the art Cryptography

By design, Wireguard VPN, core of IG1 VPN use latest and highly secure cryptography algorithm: Noise protocol framework, Curve25519, ChaCha20, Poly1305, BLAKE2, SipHash24, HKDF

High performance

As a very light kernel integrated module combined to high-speed cryptography primitives, IG1 VPN is highly performant: 1Gbps on a single tunnel without CPU tuning

High availability

IG1 VPN integrates a custom BGP server with ICMP monitoring layer. BGP server pings remote IP and announce route to its BGP peers (local routers). If a remote IP does not answer to ping, traffic is automatically diverted to remaining route(s).

Light and simple

IG1 VPN is really light compared to other VPN solutions (IPSEC, OpenVPN, …). Minimalist by design means very few parameters to configure, easily auditable: really simple to deploy and increase security

High availability and Load Balanced

Tunneling

After starting Wireguard kernel module on each Tunnel end points, an virtual interface with a public IP is turned on. At this point, the VPN tunnel is up.

Monitoring

BGPing, a custom mage BGP server including an ICMP (Ping protocol) layer, instance started on each side of the Tunnel continuously pings the remote IP.

Annoucing

Thanks to its BGP server, each BGPing announces the remote route to its BGP peers: Infrastructure or virtual Routers. This remains valid until several pings are not responding. A this stage, the VPN is usable without redundancy

Load Balancing

The deployment of a second VPN adds redundancy for High availability. Moreover, thanks to ECMP (routing protocol) used by Routers, the traffic is automatically load balanced between the Tunnel: both tunnel has same weight and same number of “hops”.

Start the conversation

We provides a Q&A service that keeps our engineers “on-the-line” to support your in-house team. Ask our team for more information.

Start the conversation