Vita
A fast IPSEC-based VPN gateway
VPN technology is a key enabler for end user security in insecure environments. Vita aims to achieve high performance (beyond 10G speeds) on commodity server hardware. Vita is intended to be both simple in terms of code, as well as in terms of deployment, and non-invasive to deploy in existing networks. Vita also strives to be affordable, in terms of both energy footprint and cost of maintenance: its goal is to make the best possible use of commodity hardware while remaining easy to deploy safely.
- The project's own website: https://github.com/inters/vita
Why does this actually matter to end users?
VPN's tend to be hard to configure, and standards based (IPsec) ones in particular. Vita runs on commodity hardware, implements IPsec for IPv4, specifically "IP Encapsulating Security Payload", or ESP) in tunnel mode. It uses optimized AES-GCM 128-bit encryption based on a reference implementation by Intel for their AVX2 (generation-4) processors.
It is suitable for 1-Gigabit, 10-Gigabit (and beyond?) Ethernet. Vita delivers automated key exchange and rotation, with perfect forward secrecy (PFS) and dynamic reconfiguration (meaning it can update routes while running.
If you are operating a Vita node, you can easily access relevant statistics of your running Vita node .
This project was funded through the Internet Hardening Fund, a fund established by NLnet with financial support from the Netherlands Ministry of Economic Affairs and Climate Policy.
