Ig1 VPN: Security tools
Security is the foundation of any IT project, we help you to start with a solid basis : secure your links with point to point VPN
All in One appliance easy to deploy, configure and maintain on all regions
Integrated as a Kernel module, no software performance limitation
HA designed, traffic automatically load balanced between available routes
State of the art cryptography: modern and secure ciphers
We links your infrastructure across the Word
IG1 VPN is based on Wireguard VPN which works as a kernel module with virtual interface. This greatly reduces layers for higher performance
Because several routes with same weight and “hop” numbers are announced, we can leverage the multiples routes simultaneously by activating ECMP on local router. That way traffic is automatically load balanced
State of the art Cryptography
By design, Wireguard VPN, core of IG1 VPN use latest and highly secure cryptography algorithm: Noise protocol framework, Curve25519, ChaCha20, Poly1305, BLAKE2, SipHash24, HKDF
As a very light kernel integrated module combined to high-speed cryptography primitives, IG1 VPN is highly performant: 1Gbps on a single tunnel without CPU tuning
IG1 VPN integrates a custom BGP server with ICMP monitoring layer. BGP server pings remote IP and announce route to its BGP peers (local routers). If a remote IP does not answer to ping, traffic is automatically diverted to remaining route(s).
Light and simple
IG1 VPN is really light compared to other VPN solutions (IPSEC, OpenVPN, …). Minimalist by design means very few parameters to configure, easily auditable: really simple to deploy and increase security
High availability and Load Balanced
After starting Wireguard kernel module on each Tunnel end points, an virtual interface with a public IP is turned on. At this point, the VPN tunnel is up.
BGPing, a custom mage BGP server including an ICMP (Ping protocol) layer, instance started on each side of the Tunnel continuously pings the remote IP.
Thanks to its BGP server, each BGPing announces the remote route to its BGP peers: Infrastructure or virtual Routers. This remains valid until several pings are not responding. A this stage, the VPN is usable without redundancy
The deployment of a second VPN adds redundancy for High availability. Moreover, thanks to ECMP (routing protocol) used by Routers, the traffic is automatically load balanced between the Tunnel: both tunnel has same weight and same number of “hops”.