A client recently mentioned using a VPN consolidator for remote access to their server. I've never heard this term used before. Is it some type of slang that I'm not familiar with?
I did a bit of searching and I came up completely empty.
Asked
Active
Viewed 305 times
5
-
1"Concentrator," maybe? – Shane Madden Jun 03 '11 at 19:25
-
1Maybe they meant "VPN concentrator". – joeqwerty Jun 03 '11 at 19:26
-
1@Shane Madden: Curses! You beat me to the punch. – joeqwerty Jun 03 '11 at 19:26
-
I'm not familiar with that either...What would that be? What is it used for? – Nate Jun 03 '11 at 19:27
1 Answers
7
Best guess: They used "VPN Consolidator" as a synonym for "VPN Concentrator". There is no hard'n'fast definition of a VPN concentrator either; it's generally just a device which is dedicated to being endpoint for (many) VPNs.
Say you had a good DMZ & dual firewall setup that is working well, and you don't want to change it. A new need for a large'ish number of simultaneous VPN connections for 'road warriors' arises. Your existing firewalls aren't built for high-speed cryptography, they don't have a processing power to handle many AES streams at once.
So you add a "VPN Concentrator" -- either a more modern firewall-style appliance with more CPU, or a full server -- and dedicate this box to handling the VPNs.
-
+1 usually these devices are intended to handle a large number of connections. Cisco's 3000 is probably the most widely-known product with the 'concentrator' moniker. – nedm Jun 03 '11 at 19:44
-
So it is effectivly a dedicated VPN appliance (sold as such or maybe software to run on a server)? – Nate Jun 03 '11 at 19:47
-
As @Jesper mentioned, there's no hard & fast rule, but the 'concentrator' label is typically found on some VPN appliances. I don't know of a software or distro out there that currently labels itself as a VPN concentrator, but that doesn't mean it doesn't exist. – nedm Jun 03 '11 at 19:52
-
3@Nate Bross: Yes, it is probably a dedicated VPN appliance. And most likely very similar to a regular firewall from the same vendor -- just with a faster embedded CPU and/or a dedicated AES co-processor for more encryption oomph. It could also just be an internal name given to a regular firewall dedicated to VPN handling; just to highlight its daily purpose in the architecture. – Jun 03 '11 at 19:53