Simplifying VPN Deployments In Enterprise and Service Provider Networks

ALTEN Calsoft Labs provides a carrier grade Cloud VPN Gateway framework that simplifies VPN Deployments for enterprises. The platform offers standards based IPsec VPN services and management functionality with significantly higher performance as compared to legacy Cloud VPN Gateway appliances. Our framework addresses network service providers’ need, to deploy a future proof, scalable, carrier-grade IPsec VPN Gateway infrastructure that delivers breakthrough performance on industry standard X86 hardware. The framework has been architected to leverage Intel DPDK to deliver up to 25x performance gain in packet processing on IA, and extensively tested on commonly available servers with Intel Xeon processors.

A Cloud VPN Gateway solution is used to provide VPN connectivity to Wi-Fi users or wired residential/enterprise broadband subscribers. It forms an integral part of a Virtual CPE solutions with the addition of Firewall, VNF Manager, VNF Orchestrator, IDS/IPS and other services along with the IPsec VPN Gateway.


VNF Development
  • Architecture, design & development of Virtual CPEs
  • Intel DPDK based optimization for high performance
  • Support for different virtualization architectures (LXC/Para/Full Virtualization)
  • Support for different virtual environments (VMware/KVM/Xen)
  • Design and development of FCAPS and VNF lifecycle management framework
  • Development of VNF packages for a service deployment
  • Implement Network Services lifecycle management features
  • Integrate and validate with third-party NFV orchestrators or legacy NMS/OSS
VNF Benchmarking and Performance Tuning
  • Performance Benchmarking in Enterprise/Telco cloud environments
  • Performance improvements with Intel DPDK based optimization
  • Fast path optimization using offloading techniques
VNF Porting and Testing
  • Porting of Virtual CPE from custom silicon to standard x86 platform
  • Migration of Virtual CPE across different hypervisors/OS environments
  • Testing Virtual CPE using industry leading test tools/equipments


VPN Features

  • DPDK based, optimized IPsec for high performance Fast path processing
  • Runs as VNF on the Cloud Platforms – GCP and AWS
  • Leverages Suite B cryptographic algorithms like AES (CBC, CTR & GCM)for encryption and XCBC & SHA2 for Authentication
  • Customized config payload during tunnel establishment
  • Diffie-Hellman groups from 1(MODP-768) to group 18 (MODP-8192)
  • Deployable as Site to Site, Remote access VPN and Hub & Spoke
  • GRE Over IPSec for Transport mode
  • IKE-v2 with Rekey (Parent and Child Rekey)
  • Pre-Shared Key (PSK), X.509 Certificate-based authentication (PKI) & EAP
  • Client certificate Authentication using CRL, OCSP
  • Tunnel redundancy with High – Availability
  • Support 3GPP TS 33.320 V10.5.0
  • IKE fragmentation
  • Virtual IP pool, DHCP
  • NAT-T Support
  • Dead Peer Detection(DPD)/Liveliness Check
  • Various IKE, ESP & system statistics collection and logging
  • VPN Gateway package installation solution on Cloud platform
    (RPM, Debian)
  • OpenStack based Orchestration and Life Cycle Management
  • CLI and GUI based fault monitoring and status information
  • NETCONF & REST API support for remote configuration & monitoring
  • Granular and dynamic log level control


  • 90% Reduced CapEx
  • 90% Reduced OpEx
  • COTS Platform
  • Highly flexible Cloud VPN Gateway with easy product upgrades
Contact Us

If you’d like us to contact you, please fill out the form.

Not readable? Change text. captcha txt