Quantum Safe IPsec Toolkit (QuickSec Quantum) is first to market, complete IPsec software implementation with Quantum Safe cryptography support. Quantum Safe cryptography is designed to be resistant to quantum computer attacks and is required by any up-to-date security product.
Quantum Safe IPsec Toolkit builds on the legacy, experience and performance of the Rambus Classic IPsec Toolkit and brings IPsec into the quantum safe era. A complete, highly scalable IPsec implementation that supports all relevant (100+) RFCs and standards required for servers and clients that need to communicate with any type of client/server device and interoperate with existing networks. The Linux data plane (supported without any kernel dependency) is ideal for high traffic deployments in physical or virtual environments.
Quantum Safe IPsec Toolkit is optionally integrated with FIPS 140-2 or FIPS 140-3 validated crypto modules and suited for vendors of physical and virtual cloud/networking products, SASE, SD-WAN, printers and embedded devices.
Our IPsec implementation provides lowest development costs and fastest time to market. It takes care of all the complexities of IPsec, it is up to date and enables our customers to focus on their end products.
Contact
Product Brief
How the Quantum Safe IPsec Toolkit works
QuickSec Quantum is designed to be modular but also works seamlessly as a whole. It provides two run-time configuration options: C API and XML configuration file. And has multiple integration points e.g. IKE library, data plane API or policy manager API.
As our customers develop products that must work seamlessly with various other IPsec implementations, Quantum Safe IPsec Toolkit is extensively tested for interoperability and compatibility as part of the QA process.
It offer the following advanced features:
- High session set-up rate. Able to reach 3500 IPsec tunnels established per-second with two key exchange rounds (ML-KEM-768 and ECDH) on an 8-core CPU; scales well on multicore architectures.
- Tunnel number only limited by available computing resources.
- High availability (HA). HA can be achieved with the native clustering implementation based on RFC 6311 or the APIs for import and export of IKE and IPsec SAs.
- Easy debugging. Enables requesting detailed logs for specific tunnels for problem resolution in large deployments without impacting performance.
- Multi-tenancy: supports independent and overlapping virtual routing and forwarding (VRF) instances for multiple networks or eNodeB support of multiple operators
- Generic data plane API. QuickSec Quantum integrates with Linux kernel IPsec data plane or any other data plane supporting the same API. Additionally, a higher-level generic data plane API allows integration with any IPsec data plane.
- External cryptography API. This API enables the use of 3rd party hardware (HSM) or software cryptographic module.
- IPsec boundary. Defining an IPsec boundary ensures that no packets are violating the security policy by enforcing it in the kernel.
Leading companies are using QuickSec for implementations in Cloud, SASE, SD-WAN, enterprise security gateways, high-security government appliances, high-capacity carrier gateways, eNodeB, embedded devices and printers.