English

Logo

VPN Client for IPSec and SSL

gateProtect has developed his own VPN-client for contection of laptop and home-based workstations. This Client supports IPsec as well as VPN-over-SSL.

A lot of competitors only work web browser based. The gateProtect VPN-Client allows absolute access in the ssl-mode, if defined in the rule type. So it is possible to use a multitude of applications through the SSL-VPN-tunnel like remote desktop.


gateProtect attains a similar high security standard at VPN-over-SSL like certificate-based IPsec by using X.509 certificates. But by using VPN-over-SSL-Tunnel there is more flexibility.


The VPN-client supports the Single-Click-Connection developed by gateProtect. The VPN-tunnel can be established with only one mouse-click in co-operation with the configuration-file which can be exported from the firewall.


Advantages of the gateProtect VPN Client:

  • high security standards through X.509 certificates at VPN-over-SSL
  • high compatibily through IPsec and VPN-over-SSL
  • availability of all services through VPN-over-SSL-Tunnel
  • perfect co-operation with gateProtect firewall
  • easy installation with Single-Click-Connection
 

Feature Highlight

  1. Layer-8 Technology

    Layer-8 Technology


    Control of the user-based security policy



    The “Layer-8 Technology” from gateProtect treats the user identity as the 8th layer
    of the OSI model.

    All gateProtect “Next Generation Firewall Appliances” offer security and productivity at
    all levels and across all services – from layer 2 to layer 8 with identity-based policies.



    Future-proof with high security

    Most modern firewall systems support proxy-based user authentication. This means that only those services which work with proxies such as HTTP or FTP can be issued to specific users.

    The gateProtect firewall has rule-based Extended User Authentication which allows any number of services to be assigned to one user or a group of users. These services can be provided with all the known additional options such as proxies or web filters.

    If a user logs on to the firewall from a computer, all the assigned services for the computer in question are enabled.


    gateProtect offers you two ways of logging onto the firewall:

    • Web browser/UA Client: logon is via an HTTPS connection.
    • Single sign-on: Kerberos automatically passes the log on to the domain to the firewall.



    The extended user-authentication of gateProtect captivates through

    • The release of as many as desired services for a person
    • Configuration of the services for groups
    • Configuration of the services for active directory groups
    • Approval of services also in the intranet
    • Guaranteed future, because of future services are also configurable.
    • Single sign-on by Kerberos during registration at the windows domain
    • Browser-Login for operating system independence

  2. eGUI technology

    eGUI® Technology

    Revolutionizes the operation of “Next Generation Firewall Appliances”

    The greatest security risk facing modern IT networks relates to the fact that increasingly complex security functions are required in order to effectively block attacks. This inevitably leads to systems that are extremely complex to operate, which, in turn, means the risk of user errors increases exponentially. As a result of this, operation and configuration errors in IT systems are the cause of around 98% of all security vulnerabilities in companies nowadays. This risk, together with the constantly increasing amount of work that is required to manage IT security systems, means a whole new approach to the operation of professional security solutions is required.

    The answer to these problems is the patented and unique eGUI® technology from gateProtect.

    The interface concepts of the gateProtect competitors follow a “function-oriented” approach. However, this approach does not include the interaction between humans and machines. gateProtect therefore developed the eGUI® technology, which utilizes a “process-oriented“ approach that includes the consequent implementation of the ISO Norm 9241 standard. The program also provides a consistent layout, which only displays the specific information that the user actually requires for the current activity, no matter which application is being used.

     

    Major advantages of the eGUI technology

    Enormous time-savings through a significant reduction in the number of rules.
    Compared to a „function-oriented“ approach you can reduce the number of rules by a factor of up to 100.

     

    Reduction in the number of user errors thanks to the visualization of the entire network
    The visualization of the entire network and active services remarkably reduces the risk of user errors.

     

    Reduced operating costs through active management
    The combination of active management, time-savings and reduction of error rates results in a significant cost reduction compared to the competitors interface.

     

     

    Major advantages of the eGUI® technology

    Only the integration of the eGUI® technology in Next Generation Firewalls can help the administration to adhere to security policies
    in the company network in an effective and secure way. The clear overview, active management, as well as the reduction of rules are
    the major advantages when compared to list based user interfaces.

    The eGUI® technology reduces significantly the time for the configuration of the firewall, as found during a 2009 study conducted
    amongst IT Security Experts throughout Europe.

     

  3. Extended User Authentication

    Extended User Authentication

    Future-proof with high security

    Most modern firewall systems support proxy-based user authentication. This means that only those services which work with proxies such as HTTP or FTP can be issued to specific users.

    The gateProtect firewall has rule-based Extended User Authentication which allows any number of services to be assigned to one user or a group of users. These services can be provided with all the known additional options such as proxies or web filters.

    If a user logs on to the firewall from a computer, all the assigned services for the computer in question are enabled.



    gateProtect offers you two ways of logging onto the firewall:

    • Web browser/UA Client: logon is via an HTTPS connection.
    • Single sign-on: Kerberos automatically passes the log on to the domain to the firewall.



    The extended user-authentication of gateProtect captivates through

    • The release as many as desired services for a person
    • Configuration of the services for groups
    • Configuration of the services for active directory groups
    • Approval of services also in the intranet
    • Guaranteed future, because of future services are also configurable.
    • Single sign-on by Kerberos during registration at the windows domain
    • Browser-Login for operating system independence

  4. Extended VPN

    Extended VPN

    Fast and secure connection to company network

    gateProtect offers the most commonly used forms of current site-to-site and Road Warrior VPN connections via IPSec and SSL. Wizards and the eGUI® technology help with the management and set up of these connections. In addition, the firewall generates external configuration files when the VPN connections are created. These files can be used for setting up single click connections and also for site-to-site connections when importing on the firewall at a remote site.

    Furthermore, gateProtect offers an IPSec and SSL site-to-site solution with X.509 certificates which can work in bridge mode as an option. For a normal bridge, two or more network cards are linked to form a logical network. gateProtect not only allows this for network cards but also for VPN-over-SSL connections. This makes it possible to treat remote computers as if they were in the local network.