Simplifying VPN Deployments In Enterprise and Service Provider Networks

ALTEN Calsoft Labs provides a carrier grade Cloud VPN Gateway framework that simplifies VPN Deployments for enterprises. The platform offers standards based IPsec VPN services and management functionality with significantly higher performance as compared to legacy Cloud VPN Gateway appliances. Our framework addresses network service providers’ need, to deploy a future proof, scalable, carrier-grade IPsec VPN Gateway infrastructure that delivers breakthrough performance on industry standard X86 hardware. The framework has been architected to leverage Intel DPDK to deliver up to 25x performance gain in packet processing on IA, and extensively tested on commonly available servers with Intel Xeon processors.

A Cloud VPN Gateway solution is used to provide VPN connectivity to Wi-Fi users or wired residential/enterprise broadband subscribers. It forms an integral part of a Virtual CPE solutions with the addition of Firewall, VNF Manager, VNF Orchestrator, IDS/IPS and other services along with the IPsec VPN Gateway.


VNF Development
  • Architecture, design & development of Virtual CPEs
  • Intel DPDK based optimization for high performance
  • Support for different virtualization architectures (LXC/Para/Full Virtualization)
  • Support for different virtual environments (VMware/KVM/Xen)
  • Design and development of FCAPS and VNF lifecycle management framework
  • Development of VNF packages for a service deployment
  • Implement Network Services lifecycle management features
  • Integrate and validate with third-party NFV orchestrators or legacy NMS/OSS
VNF Benchmarking and Performance Tuning
  • Performance Benchmarking in Enterprise/Telco cloud environments
  • Performance improvements with Intel DPDK based optimization
  • Fast path optimization using offloading techniques
VNF Porting and Testing
  • Porting of Virtual CPE from custom silicon to standard x86 platform
  • Migration of Virtual CPE across different hypervisors/OS environments
  • Testing Virtual CPE using industry leading test tools/equipments


VPN Features

  • DPDK based, optimized IPsec for high performance Fast path
  • Runs as VNF on the Cloud Platforms – GCP and AWS
  • Supports jumbo frames as well as unicast and multicast features for
    voice, video, and data traffic in diverse, large-scale applications.
  • Leverages Suite B cryptographic algorithms like AES (CBC, CTR &
    GCM) for encryption and XCBC & SHA2 for Authentication
  • Diffie-Hellman groups from 1(MODP-768) to group 18 (MODP-8192)
  • Deployable as Site to Site, Remote access VPN and Hub & Spoke
  • GRE Over IPSec for Transport mode
  • IKE-v2 with Rekey (Parent and Child Rekey)
  • Pre-Shared Key (PSK), X.509 Certificate-based authentication (PKI)
  • Client Authentication using CRL, OCSP & EAP
  • Support 3GPP TS 33.320 V10.5.0
  • IKE fragmentation
  • Virtual IP pool, DHCP
  • NAT-T Support
  • Dead Peer Detection(DPD)
  • Various IKE, ESP and system statistics collection and logging
  • VPN Gateway package installation solution on Cloud platform
    (RPM, Debian)
  • OpenStack based Orchestration and Life Cycle Management
  • CLI based fault monitoring and status information
  • REST API support for remote configuration and monitoring


  • 90% Reduced CapEx
  • 90% Reduced OpEx
  • COTS Platform
  • Highly flexible Cloud VPN Gateway with easy product upgrades



Contact Us

If you’d like us to contact you, please fill out the form.

Not readable? Change text. captcha txt