Makers Blog

End-2-End encryption with ViPNet VPN

infotecsgmbh 12 October 2021 min. read
1,361 views 0 comments

ViPNet VPN solution by Infotecs, virtualized via a docker container, is now available for PLCnext by Phoenix Contact. Deployment of ViPNet VPN on these devices protects data transfer within production environments to the endpoint and provides secure remote maintenance access to sensitive industrial systems and applications.

ViPNet Client for Linux is designed to be used in the ViPNet network. The ViPNet technology ensures encrypted communication between ViPNet hosts according to the “client-to-client” scheme, the feature that is lacking in many popular VPN solutions.

With the use of ViPNet software, the PLC can be used as a VPN Client and as a VPN Gateway at the same time. This gives you the option to connect securely not only to the PLC. It provides secure access to other IP-bases objects on site as well.

The ViPNet VPN protects traffic on a point-to-point level. Only the destination host has the decryption key for the encrypted traffic.

The encryption load is shifted from servers to clients. Powerful encryption servers are not needed. There is no bottleneck or single point of failure.

The traffic between clients is protected even against attacks from inside the corporate network.

Keys used for encryption are derived dynamically from pre-distributed symmetric keys. Each IP packet is encrypted using a newly derived key. Authenticity and integrity for every single IP-packet is based on unique identifiers that are protected against manipulation.

None of these host pair keys are used for more than two hosts.

Without the need of a handshake and session key generation ViPNet connections are protected against attacks aimed at the connection establishment procedure that could block the communication completely. Nor can a malicious user perform a MITM attack at the ViPNet connection to access the encrypted traffic.

The App is available in the PLCnext Store https://www.plcnextstore.com/permalinks/apps/latest/60002172000399 

infotecs.de/en

Note:

The Makers Blog shows applications and user stories of community members that are not tested or reviewed by Phoenix Contact.

Discussion

Please login/register to comment
Login/Register
Newsletter
Never miss a new article
Sign up for the newsletter
Never miss news about PLCnext Technology
Get interesting content via newsletter four times a year
Receive exclusive information before all other users