VPN Client Software
Your network is constantly evolving as you integrate more business applications and consolidate servers. In this environment it’s becoming extremely complex to maintain total security while users such as employees or subcontractors are working remotely with customers and partners. They need to get access to applications and servers quickly, easily, and securely.
The Tunneling Protocol offers full IKE support. Our IKE implementation is based on the OpenBSD 3.1 implementation (ISAKMPD), thus providing the best compatibility with existing IPSec routers and gateways. Full IPSec support :
- Main mode and Aggressive mode
- MD5 and SHA hash algorithms
- Hash algorithms
MD5-HMAC 128 bit authentication
SHA1-HMAC 160-bit authentication
- Encryption
DES-CBC 56 bit encryption
3DES-CBC 168 bit encryption
AES 128, 192, 256 bit encryption
- Diffie Hellman Group Support
Group 1 : MODP 768
Group 2 : MODP 1024
Group 5 : MODP 1536
Group 14 : MODP 2048
- Authentication Mechanism
Preshared Key
X509 Certificate support (PEM)
X-Auth
- Certificate
Flexible Certificate Support (PEM, PKCS12, …)
- Key Management
ISAKMP (RFC2408)
IKE (RFC2409)
- IPSec Mode
ESP
Tunnel
Transport
- IKE Mode
Main
Aggressive
Quick
- USB stick mode
All formats supported (SD, MMC, …)
Auto close and Auto open IPSec tunnels when plugging in or removing USB Stick
Security Elements (e.g. network, configuration, shared key, certificates, ...) cannot be used on other computers
- Connection Technologies
DSL, dial-up modem, GPRS link, Ethernet, PCMCIA cards, WIFI, etc.
- Networking
NAT traversal (Draft1, 2 & 3) allow IPSec connection through a NAT device. Main mode & agressive mode, NAT keep Alive, Payload NAT_OA, IP
address emulation
Multi tunneling to several Gateways
DNS and WINS resolutions supported
Support of Dead Peer Detection (DPD)
- Peer to Peer
Peer to Peer connections
Accepts incoming IPSec Tunnels
- Blocking capabilities
'IPSec only' traffic filtering
Can block all other connections than the VPN connections.
- Management Options
Client configuration in hidden mode
Set of command lines to make deployment and management easier
Capability to start before logon
- Performance
Runs as a service on Win2K or XP
High performances, no system overhead
Around 75 sec download over DSL
- Supported Platforms
Windows 95, 98, Me, NT4, 2000, XP.
- Supported VPN Gateways
Astaro, Bewan, Billion, Bintec, Cisco, D-Link, Efficient Network, Fortinet, FreeSwan, OpenSwan, OpenBSD, GTA, Hotbrick, Linksys, Microsoft, Netasq, Netcelo, Netgear, Netscreen, Securepoint, Sonicwall, Speedtouch, Symantec, Tuxgate, Zyxel, etc.
