I was asked to configure a group of systems to do exactly this a few years back.  The 
infosec group of the company directed that all network traffic had to be encrypted.

The (software-only) solution we used was to put as many services as possible on to 
native encypted channels.  i.e.  using https://, SMTP over ssh, IMAP over ssh, etc.

Where this simply didn't work, we used stunnel (http://www.stunnel.org/) to "wrap" 
pesky forms of traffic which otherwise wouldn't encrypt due to poor cooperation on the 
part of the original software implementation (Solaris 8's LDAP implementation is 
coming to mind very quickly).

I hope this is helpful to you.

j.


*********** REPLY SEPARATOR  ***********

On 6/23/2002 at 1:00 PM Jason Lewis wrote:

>I have been looking for a way to encrypt all my local IP network traffic.
>Does anyone know of software that will do this?
>
>A VPN isn't practical, I am directly connecting to the other machines and
>I don't want to have more IP's involved.
>
>IPSec is probably the solution, but I am looking for something cross
>platform and and easy for the end user to configure.  Maybe even an app to
>easily configure IPSec would be good.
>
>PGPNet can do this, but it has been dropped by mcafee. Is there anything
>similar?
>
>I can't find any apps that address encrypting network traffic.  Is the
>only real solution hardware?
>
>jas




Reply via email to