Here is the list of freely distributable IPsec implementations:
_______________________________________________________________________
Name of Implementation: x-Kernel IPsec
Organisation: Univ. of Arizona, Dept of CS
IP versions: IPv4
Implemented Features:
AH (RFC-1825,1826): YES
ESP (RFC-1825,1827): YES
AH MD5 (RFC-1828): YES
ESP DES (RFC-1829): YES
Other AH Transforms: none
Other ESP Transforms: ESP-3DES
Key Management: manual, Photuris (draft 8, Elliptic curves)
Platforms: x-Kernel (U of AZ's research OS)
Lineage of IPsec Code: University of Arizona
Lineage of Key Mgmt Code: University of Arizona
Location of Source Code: ftp://ftp.cs.arizona.edu/xkernel/
xkernel.v3.2.security.tar.Z
Point of Contact: Hilarie Orman
Claimed Interoperability: KA9Q NOS (AH MD5, ESP DES),
JI (Photuris, AH MD5)
_______________________________________________________________________
Name of Implementation: ENskip
Organisation: ETH Zurich
Which IP versions are supported: IPv4
Implemented Features:
AH (RFC-1825,1826): Partial (SPI == 1 only)
ESP (RFC-1825,1827): Partial (SPI == 1 only)
AH MD5 (RFC-1828): YES, with 128, 64, & 32 bit keys
ESP DES (RFC-1829): YES
Other AH Transforms: none
Other ESP Transforms: ESP-3DES, ESP-IDEA, ESP-RC4
Key Management: SKIP (draft 6)
Platforms: Solaris 2.4+, IRIX (version ??), NetBSD, Nextstep
Lineage of IPsec Code: ETH Zurich
Lineage of Key Mgmt Code: ETH Zurich
Location of Source Code: ftp://ftp.tik.ee.ethz.ch/pub/packages/skip
Point of Contact:
Claimed Interoperability: Sun SKIP
_______________________________________________________________________
Name of Implementation: ISAKMP with Oakley Extensions Key Mgmt Daemon
Organisation: cisco Systems
Which IP versions are supported: IPv4 and IPv6
Implemented Features:
AH (RFC-1825,1826): Not applicable
ESP (RFC-1825,1827): Not applicable
AH MD5 (RFC-1828): Not applicable
ESP DES (RFC-1829): Not applicable
Other AH Transforms: Not applicable
Other ESP Transforms: Not applicable
Key Management: ISAKMP with Oakley Extensions
Platforms: Any system with the NRL PF_KEY key management API
Lineage of IPsec Code: not applicable
Lineage of Key Mgmt Code: cisco Systems
Location of Source Code: http://web.mit.edu/network/isakmp/
http://www.cisco.com/public/library/isakmp.html
Note: Patent issues have been taken care of by cisco.
Point of Contact: Dan Harkins
Public Mailing List:
Claimed Interoperability: (UK) DRA Malvern's ISAKMP as of ISAKMP draft 4.
_______________________________________________________________________
Name of Implementation: ISI/USC
Organisation: Information Sciences Institute, USC
Which IP versions are supported: IPv4
AH (RFC-1825,1826): YES
ESP (RFC-1825,1827): NO
AH MD5 (RFC-1828): YES
ESP DES (RFC-1829): NO
Other AH Transforms: checksum, proprietary
Other ESP Transforms: none
Key Management: staticly configured
Platforms: BSD
Lineage of IPsec Code: Both NRL-derived and ISI-developed
Lineage of Key Mgmt Code: not applicable
Location of Source Code: (expected March 1996)
Point of Contact: Joe Touch
Claimed Interoperability:
_______________________________________________________________________
Name of Implementation: JI's IPsec
Organisation: John Ioannidis
Which IP versions are supported: IPv4
Implemented Features:
AH (RFC-1825,1826): YES
ESP (RFC-1825,1827): YES
AH MD5 (RFC-1828): YES
ESP DES (RFC-1829): YES
Other AH Transforms: HMAC MD5 in progress ???
Other ESP Transforms: none
Key Management: manual, Photuris (which draft ?) in progress,
PF_ENCAP keying interface, PF_ROUTE extensions
Platforms: BSD/OS 2.0
Lineage of IPsec Code: JI
Lineage of Key Mgmt Code: Angelos ??
Location of Source Code: (??) ftp://ftp.ripe.net/
Point of Contact: John Ioannidis Claimed Interoperability:
_______________________________________________________________________
Name of Implementation: KA9Q NOS
Organisation: Phil Karn
Which IP versions are supported: IPv4
AH (RFC-1825,1826): YES
ESP (RFC-1825,1827): YES
AH MD5 (RFC-1828): YES
ESP DES (RFC-1829): YES
Other AH Transforms: none
Other ESP Transforms: ESP-3DES
Key Management: manual
Platforms: DOS with KA9Q NOS
Lineage of IPsec Code: Phil Karn
Lineage of Key Mgmt Code: not applicable
Location of Source Code: (available soon)
Point of Contact: Phil Karn
Claimed Interoperability:
_______________________________________________________________________
Name of Implementation: NIST/NSA IPSEC Prototype
Organisation: NIST & NSA
Which IP versions are supported: IPv4
Implemented Features:
AH (RFC-1825,1826): YES
ESP (RFC-1825,1827): YES
AH MD5 (RFC-1828): YES
ESP DES (RFC-1829): YES
Other AH Transforms: AH-HMAC-SHA, AH-HMAC-MD5
Other ESP Transforms:
Key Management: manual, PF_SADB interface
Platforms: BSD/OS, NetBSD, FreeBSD, DTOS
Lineage of IPsec Code: NIST & NSA
Lineage of Key Mgmt Code: NIST & NSA
Location of Source Code: (US-only expected March 1996)
Point of Contact: Rob Glenn, Rob.Glenn@nist.gov,
Michael Oehler, mjo@tycho.ncsc.mil, (301) 688-0849
Claimed Interoperability: TBD
________________________________________________________________________
Name of Implementation: NRL IPv6/IPsec Software Distribution
Organisation: Naval Research Laboratory (NRL)
Which IP versions are supported: IPv4 and IPv6
Implemented Features:
AH (RFC-1825,1826): YES
ESP (RFC-1825,1827): YES
AH MD5 (RFC-1828): YES
ESP DES (RFC-1829): YES
Other AH Transforms: AH-HMAC-MD5, AH-HMAC-SHA
Other ESP Transforms: DES-CBC-MD5-Replay is planned.
Key Management: manual, PF_KEY Key Management API,
includes cisco's ISAKMP+Oakley daemon.
Platforms: any 4.4-Lite BSDish system, NetBSD, BSDI, 4.4 BSD
Lineage of IPsec Code: NRL, with some AH transforms contributed by NIST
Lineage of Key Mgmt Code: cisco Systems
Location of Source Code:
US: ftp://ftp.c2.org (see file "pub/README.US-only")
US: http://web.mit.edu/network/isakmp
US/Canada: http://www.cisco.com/public/library/ipsec.html
Europe: ftp://ftp.ripe.net/ipv6/nrl/
Point of Contact:
Claimed Interoperability: (all are for ESP DES, AH MD5)
Ascend, V-One, TIS, IBM, KA9Q,
& NRL-derived implementations
_______________________________________________________________________
Name of Implementation: Sun SKIP
Organisation: Sun Microsystems' Internet Commerce Group (Sun ICG)
Which IP versions are supported: IPv4
Implemented Features:
AH (RFC-1825,1826): in progress
ESP (RFC-1825,1827): in progress
AH MD5 (RFC-1828): YES
ESP DES (RFC-1829): YES
Other AH Transforms: none
Other ESP Transforms: ESP-3DES
Key Management: SKIP
Platforms: SunOS 4.1.x
Lineage of IPsec Code: Sun ICG
Lineage of Key Mgmt Code: Sun ICG
Location of Source Code: http://skip.incog.com
Point of Contact: Tom Markson
Claimed Interoperability: ETH Zurich's EnSKIP, Elvis SKIP
Here is the list of commercial/proprietary IETF IPsec implementations:
________________________________________________________________________
Name of Implementation: AccessSecure
Organisation: Ascend Communications
Which IP versions are supported: IPv4
Implemented Features:
AH (RFC-1825,1826): YES
ESP (RFC-1825,1827): YES
AH MD5 (RFC-1828): YES, with variable length keys
ESP DES (RFC-1829): YES, 32-bit or 64-bit IV
Other AH Transforms: none
Other ESP Transforms: none
Key Management: manual
Platforms: Ascend Pipeline and Max routers
Lineage of IPsec Code: Ascend (was MorningStar)
Lineage of Key Mgmt Code: not applicable
Location of Source Code: proprietary
Point of Contact: Karl Fox
Claimed Interoperability: NRL, Checkpoint, IBM, NIST, Raptor,
Secure Computing, SOS, TimeStep, TIS,
Gemini, KA9Q NOS
_______________________________________________________________________
Name of Implementation: ERP IPSEC
Organisation: Bellcore
Which IP versions are supported: IPv4
Implemented Features:
AH (RFC-1825,1826): YES
ESP (RFC-1825,1827): YES
AH MD5 (RFC-1828): YES, with 128, 64, & 32 bit keys
ESP DES (RFC-1829): YES
Other implemented AH transforms: none
Other implemented ESP transforms: none
Key Management: manual
Platforms: ???
Lineage of IPsec Code: ???
Lineage of Key Mgmt Code: not applicable
Location of Source Code: proprietary
Point of Contact: Antonio Fernandez
Claimed Interoperability:
_______________________________________________________________________
Name of Implementation: cisco IOS (TM)
Organisation: cisco Systems
Which IP versions are supported: IPv4 & IPv6 in progress
Implemented Features:
AH (RFC-1825,1826): In Progress
ESP (RFC-1825,1827): In Progress
AH MD5 (RFC-1828): In Progress
ESP DES (RFC-1829): In Progress
Other implemented AH transforms: AH-HMAC-MD5 & AH-HMAC-SHA in progress.
Other implemented ESP transforms: ESP-DES-MD5-Replay in progress,
proprietary DES transform.
Key Management: proprietary now; ISAKMP+Oakley in progress
Platforms: cisco
Lineage of IPsec Code: cisco Systems
Lineage of Key Mgmt Code: cisco Systems
Location of Source Code: proprietary
Point of Contact: Cheryl Madson
Claimed Interoperability: TBA
________________________________________________________________________
Name of Implementation: OnNet
Organisation: ftp Software
Which IP versions are supported: IPv4 now, IPv6 planned
Implemented Features:
AH (RFC-1825,1826): YES
ESP (RFC-1825,1827): YES
AH MD5 (RFC-1828): YES
ESP DES (RFC-1829): YES
Other AH Transforms: none
Other ESP Transforms: none
Key Management: manual now; ISAKMP+Oakley is planned.
Platforms: Windows95, Windows 3.11
Lineage of IPsec Code: FTP Software;
referenced but didn't port the NRL software.
Lineage of Key Mgmt Code: FTP Software;
referenced but didn't port the NRL software.
Plan to port cisco's ISAKMP+Oakley code.
Location of Source Code: proprietary
Point of Contact: Naganand Doraswamy
Claimed Interoperability: Raptor, SCC, IBM, & TIS now;
testing with NRL is in progress.
_______________________________________________________________________
Name of Implementation: Trusted Security Firewall-Guard (GTFW-GD)
Organisation: Gemini
Which IP versions are supported: IPv4
Implemented Features:
AH (RFC-1825,1826): YES
ESP (RFC-1825,1827): YES
AH MD5 (RFC-1828): YES
ESP DES (RFC-1829): YES
Other AH Transforms: AH-SHA, proprietary
Other ESP Transforms: none
Key Management: manual, proprietary
Platforms: Gemini Trusted Firewall-Guard
Lineage of IPsec Code: Gemini
Lineage of Key Mgmt Code: Gemini
Location of Source Code: Proprietary
Point of Contact: Dr. Tien F. Tao
Claimed Interoperability: IBM SNG, MorningStar, NIST, Raptor Systems,
SCC, SOS, TIS
_______________________________________________________________________
Name of Implementation: IBM SNG
Organisation: IBM
Which IP versions are supported: IPv4
Implemented Features:
AH (RFC-1825,1826): YES
ESP (RFC-1825,1827): YES
AH MD5 (RFC-1828): YES
ESP DES (RFC-1829): YES, both 32-bit & 64-bit IV
Other AH Transforms: HMAC MD5
Other ESP Transforms: none
Key Management: manual, proprietary
Platforms: IBM AIX
Lineage of IPsec Code: IBM
Lineage of Key Mgmt Code: IBM
Location of Source Code: proprietary
Point of Contact:
Claimed Interoperability:
For ESP-DES & AH-MD5: NRL, JI, KA9Q, NIST, TIS, Checkpoint, SOS,
Gemini, MorningStar, Raptor, SCC, TimeStep
For ESP-DES & HMAC MD5: NIST, Raptor
_______________________________________________________________________
Name of Implementation: SafeNet
Organisation: Information Resources Engineering, Inc.
Which IP versions are supported: IPv4
Implemented Features:
AH (RFC-1825,1826): Planned
ESP (RFC-1825,1827): In Progress
AH MD5 (RFC-1828): Planned
ESP DES (RFC-1829): In Progress
Other AH Transforms: none
Other ESP Transforms: DES-Counter-ANSI-X9.9
Key Management: SKIP in progress; various ANSI in progress
Platforms: V.34 modem, IP over PPP, Ethernet
Lineage of IPsec Code: Information Resources Engineering
Lineage of Key Mgmt Code: Information Resources Engineering
Location of Source Code: proprietary
Point of Contact:
Claimed Interoperability: TBA
_______________________________________________________________________
Name of Implementation: BorderGuard and Security Router
Organisation: Network Systems
Which IP versions are supported: IPv4
Implemented Features:
AH (RFC-1825,1826): TBD
ESP (RFC-1825,1827): In Progress
AH MD5 (RFC-1828): TBD
ESP DES (RFC-1829): TBD
Other AH Transforms: none
Other ESP Transforms: ESP-DES-MD5-Replay in progress
Key Management: manual, proprietary D-H are done now.
ISAKMP+Oakley is in progress.
Platforms: Network Systems routers
Lineage of IPsec Code: Network Systems
Lineage of Key Mgmt Code: Network Systems
Location of Source Code: proprietary
Point of Contact: Ted Doty
Claimed Interoperability: TBD
_______________________________________________________________________
Name of Implementation: Eagle
Organisation: Raptor Systems
Which IP versions are supported: IPv4
Implemented Features:
AH (RFC-1825,1826): YES
ESP (RFC-1825,1827): YES
AH MD5 (RFC-1828): YES
ESP DES (RFC-1829): YES
Other AH Transforms: AH-HMAC-MD5
Other ESP Transforms: DES-CBC-MD5-Replay is planned
Key Management: manual, proprietary
Platforms: Raptor Eagle Firewall
Lineage of IPsec Code: Raptor
Lineage of Key Mgmt Code: proprietary
Location of Source Code: proprietary
Point of Contact: Jeff Kraemer
Claimed Interoperability: FTP Software, IBM SNG, MorningStar, NIST,
Secure Computing, SOS, TimeStep, TIS, Gemini
______________________________________________________________________
Name of Implementation: Sidewinder Firewall
Organisation: Secure Computing
Which IP versions are supported: IPv4
Implemented Features:
AH (RFC-1825,1826): YES
ESP (RFC-1825,1827): YES
AH MD5 (RFC-1828): YES
ESP DES (RFC-1829): YES
Other AH Transforms: none
Other ESP Transforms: none
Key Management: manual
Platforms: Sidewinder Firewall
Lineage of IPsec Code: ???
Lineage of Key Mgmt Code: not applicable
Location of Source Code: proprietary
Point of Contact: Troy de Jongh (dejongh@sctc.com)
Claimed Interoperability:
_______________________________________________________________________
Name of Implementation: PERMIT
Organisation: TimeStep
Which IP versions are supported: IPv4
Implemented Features:
AH (RFC-1825,1826): YES
ESP (RFC-1825,1827): YES
AH MD5 (RFC-1828): YES
ESP DES (RFC-1829): YES
Other AH Transforms: none
Other ESP Transforms: none
Key Management: manual, proprietary
Platforms: TimeStep
Lineage of IPsec Code: ???
Lineage of Key Mgmt Code: TimeStep ???
Location of Source Code: proprietary
Point of Contact: Stephane Lacelle
Claimed Interoperability:
_______________________________________________________________________
Name of Implementation: TIS Gauntlet
Organisation: Trusted Information Systems
Which IP versions are supported: IPv4
Implemented Features:
AH (RFC-1825,1826): YES
ESP (RFC-1825,1827): YES
AH MD5 (RFC-1828): YES
ESP DES (RFC-1829): YES
Other AH Transforms: none
Other ESP Transforms: ESP-3DES
Key Management: manual, proprietary
Platforms: TIS Gauntlet
Lineage of IPsec Code: NRL-derived
Lineage of Key Mgmt Code: TIS ???
Location of Source Code: proprietary
Point of Contact: Rick Murphy, rick@tis.com
Claimed Interoperability: NRL
_______________________________________________________________________
Name of Implementation: V-ONE SmartWall
Organisation: V-One
Which IP versions are supported: IPv4
Implemented Features:
AH (RFC-1825,1826): YES
ESP (RFC-1825,1827): YES
AH MD5 (RFC-1828): YES
ESP DES (RFC-1829): YES
Other AH Transforms: none
Other ESP Transforms: ESP-3DES, RC4, stream DES
Key Management: manual, proprietary
Platforms: V-ONE SmartWall
Lineage of IPsec Code: NRL-derived
Lineage of Key Mgmt Code: V-One ???
Location of Source Code: proprietary
Point of Contact: Jason Wang
Claimed Interoperability: NRL
______________________________________________________________________