It generally is standards *based*. Their customers demand it to be so. IPSec tun... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

jiveturkey on June 13, 2019 | parent | context | favorite | on: The world in which IPv6 was a good design (2017)

It generally is standards based. Their customers demand it to be so. IPSec tunnel overlays, usually if not always full mesh. The non-standard part is tiny insignificant tweaks to IPSec that render it unacceptable to standards speaking endpoints, thus you can't coordinate with your open source IPSec device. Stupid myopia, because these systems depend on proprietary orchestration anyway.

basch on June 13, 2019 [–]

+1 for velocloud. SDWAN mesh between all your devices, and they provide a cloud gateway that allows you to connect to any compatible ipsec device, without having to backhaul all the data to one specific endpoint.

Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact