IPSec is a standards-based protocol, and as such, the Internet Engineering Task Force (IETF) and other standards bodies have provided substantial requirements to meet the standards defined in the IETF's IPSec-related RFCs. However, there are no requirements currently defined by the IETF that specifically address IPSec High Availability (HA) requirements. This chapter examines several key components of IPSec virtual private network (VPN) design that make up a highly available design in a multi-vendor deployment. Within the context of these topics, this chapter discusses several barriers to HA design that vendor HA interoperability presents. The chapter then covers several options within IPSec itself that can be used as design alternatives to deliver a certain degree of HA in a vendor-diverse environment. |