Your network is constantly
evolving as you integrate more business applications and
consolidate servers. In this environment its becoming
extremely complex to maintain total security while users
such as employees or subcontractors are working remotely
with customers and partners. They need to get access to
applications and servers quickly, easily, and
securely.
The Tunneling Protocol
offers full IKE support. Our IKE implementation is based
on the OpenBSD 3.1 implementation (ISAKMPD), thus
providing the best compatibility with existing IPSec
routers and gateways. Full IPSec support : Main
mode and Aggressive mode MD5 and SHA hash
algorithms
NAT Traversal support of
NAT Traversal Draft 1 (enhanced), Draft 2 and 3 (full
implementation). IP address emulation. Including
NAT_OA support (floating port for IKE exchange)
Including NAT keepalive
IP Encapsulating Security:
mode tunnel & transport. Multi-tunneling to several
VPN Gateways. Allow 'IPsec only' trafic filtering.
Accepts incoming IPSec Tunnels.
Strong IPSec encryption
provided by 3DES, DES and AES using 256 bit
encryption.
Strong User Authentication
with support X-Auth, PreShared keying and X509
Certificates support. Flexible Certificate support (PEM,
PKCS12, ...). Support of Diffie-Hellman Group1, 2, 5 and
14 (i.e. 1536 and 2048).
The connection operates in
VPN Client to Gateway Mode and allows remote users and
business partners or subcontractors to securely connect
to the corporate network with strong authentication.
Peer to Peer Mode can be used to securely connect branch
office servers to the corporate information system. All
connection types including Dial up, DSL, Cable, GSM/GPRS
and WiFi are supported.
Our Multi-vendor strategy
allows us to support as many IPSec VPN gateways and
routers on the market as possible to offer a true
multi-vendor solution to entreprises. HotBrick has
certified with several IPSec VPN gateways including
Bewan, Cisco, Linksys, Netgear, Netscreen, SonicWall,
Symantec, Zyxel and Linux appliances that support
StrongS/WAN or FreeS/WAN. Please also check our
Certified VPN Gateway/Router complete list HERE. If you are experiencing
testing errors or staging errors, or compatibility
issues or configuration problems in a multi
gateways/routers environment, then you want to try the
HotBrick IPSec VPN Client.
Flexible software
deployment means software, configuration, policy and
updates can be deployed whenever and wherever it's
needed while maintaining low TCO for your organization.
HotBrick software provides the best combination of
strong security of IPSec with "lightweight" IPSec
Clients that can be web-deployed to simplify IPSec based
network-layer access. The HotBrick VPN Client is very
compact software.
A USB Stick and USB token
add another layer of security on top of IPSec. VPN
configurations and security elements (certificates,
preshared key, ) can be saved to a USB Stick in order to
remove authentication information from the
computer.
Silent install and an
invisible graphical interface allow IT managers to
deploy solutions while preventing the user from misusing
configurations.
The VPN configuration
Wizard allows the creation of VPN configurations in
three easy steps. It is designed for remote computers
that need to connect to a corporate LAN through a VPN
gateway. To look at a VPN Client Wizard screenshot, CLICK HERE.
The HotBrick VPN Client
Software operates as a Service, allowing its use on
unattended Servers.
The HotBrick VPN Client
Software allows centralized management of security
policies. Security must be managed without users even
noticing! Protection must be as transparent as
possible.
The following Windows
versions are supported: Win95, Win98 ,Me, NT, Win2000,
WinXP (including SP2)
Hash
algorithms MD5-HMAC 128 bit
authentication SHA1-HMAC 160-bit
authentication
Encryption DES-CBC 56 bit
encryption 3DES-CBC 168 bit encryption AES 128,
192, 256 bit encryption
Diffie Hellman Group
Support Group 1 : MODP 768 Group 2 : MODP
1024 Group 5 : MODP 1536 Group 14 : MODP
2048
Authentication Mechanism Preshared
Key X509 Certificate support (PEM) X-Auth
Certificate Flexible Certificate Support (PEM,
PKCS12, )
Key Management ISAKMP
(RFC2408) IKE (RFC2409)
IPSec
Mode ESP Tunnel Transport
IKE
Mode Main Aggressive Quick
USB stick
mode All formats supported (SD, MMC, ) Auto close
and Auto open IPSec tunnels when plugging in or removing
USB Stick Security Elements (e.g. network,
configuration, shared key, certificates, ...) cannot be
used on other computers
Networking NAT
traversal (Draft1, 2 & 3) allow IPSec connection
through a NAT device. Main mode & agressive mode,
NAT keep Alive, Payload NAT_OA, IP address
emulation Multi tunneling to several Gateways DNS
and WINS resolutions supported Support of Dead Peer
Detection (DPD)
Peer to Peer Peer to Peer
connections Accepts incoming IPSec Tunnels
Blocking capabilities 'IPSec only' traffic
filtering Can block all other connections than the
VPN connections.
Management Options Client
configuration in hidden mode Set of command lines to
make deployment and management easier Capability to
start before logon
Performance Runs as a
service on Win2K or XP High performances, no system
overhead Around 75 sec download over DSL
Supported Platforms Windows 95, 98, Me, NT4, 2000,
XP.
