Increasing the affairs of individuals and enterprises are being conducted in an automated manner over the Internet. Enterprises now engage in selling their products and services over the Internet; individuals also engage in communicating with one another over the Internet; employees may also engage in accessing secure resources of their employers over the Internet, etc.
One ever present and daunting issue with this activity is Internet security. Some transactions may be innocuous and may not require any substantial security. However, a growing number of transactions do involve sensitive material associated with enterprises and individuals, such as corporate secrets, personal data, etc. A variety of security mechanisms exist to address this issue.
For example, some enterprises may install dedicated connections for secure communications between parties. Yet, this approach is less pervasive with the advent of Virtual Private Network (VPN) techniques. A VPN permits an insecure connection to be used to achieve secure communications between parties engaged in a transaction.
VPN transactions use authentication and encryption techniques for purposes of ensuring that communications are secure. Essentially, a VPN permits insecure communications lines to be used in a secure manner.
In some cases, the servers or gateways that provide a VPN may go down and become unavailable to a user. When this occurs, a user is typically required to manually reconnect to an alternative VPN gateway, which is time consuming and which results in lost communications that occur when the user is unaware that his/her VPN gateway has in fact failed on him/her.
In other cases, the VPN gateway may not go down but may become heavily taxed such that a user experiences delayed responses from the VPN gateway. At the same time, other VPN gateways may have excess capacity. Thus, there is inefficient load balancing with VPN communications, which in turn effects how available a user perceives a particular VPN to be at any particular point in time.
Although a substantial amount of industry effort has been expended to provide load balancing and fail over support for databases and directories; there has been very little advancement and work in this area with respect to VPN communications.
Consequently, there is a need for improved techniques for delivering highly available VPN's.