|
1.
Introducing the Syswan VPN Client
The Syswan VPN Client is an IPSec VPN software for all current Windows versions that allows users to establish secure encrypted connections over the Internet, usually between remote workers and their corporate network. IPSec is the most secure way to connect to the enterprise LAN as it provides strong user authentication, strong tunnel encryption with the ability to cope with existing networks and firewall settings.
Syswan IPSec VPN Client is the result of many
years of experience in network security and Windows network driver development,
as well as extensive research in all related areas.
This IPSec VPN Client completes our range of networking and security products and like all our products, it is extremely easy to install and use.
The Syswan VPN Client offers total compatibility towards the Syswan Duolinks SW24 VPN series load balancers (Duolinks SW24 VPN and Duolinks SW24 VPN Plus routers) and guarantees a flawless hardware and software solution to secure any network. IT managers and remote users can relay on software and hardware products that come from the same vendor which are reliable, secure and cross platform compatible.
The Redundant Gateway option built into
the Syswan VPN Client software and the dual WAN load balancing and redundancy
capabilities of the Syswan Duolinks SW24 series load balancers offer remote
users a unique feature that allows the Syswan VPN Client to automatically open
a VPN tunnel with an alternate gateway in case the primary gateway is down or
unreachable.
The Syswan VPN Client strategy is to support as many VPN gateways and appliance vendors as possible in order to offer users a true multi vendor IPSec VPN software solution. A large number of IPSec VPN endpoints have been successfully tested for compatibility in our labs.
The Syswan VPN Client supports most popular USB
Tokens and SmartCards that are available on the market today. New USB Token and
SmartCard devices are regularly tested in our labs for compatibility and
greater end user satisfaction.
By directly reading USB Tokens and SmartCards
to obtain stored certificates, the Syswan VPN Client helps IT managers make use
of existing corporate ID cards or employee cards that may carry digital credentials
when implementing remote VPN solutions.
The Syswan VPN Client supports many
implementations of Linux IPSec VPN like StrongS/WAN and FreeS/WAN. Therefore
the Syswan VPN Client is compatible with most of the IPSec routers/appliances
based on Linux implementations.
|
Supported OS |
Windows 2000, Windows 2003, Windows XP, |
|
Connection Mode |
Operates
as a peer-to-peer VPN as well as a "point – to – multiple" mode
without a gateway or server. All Internet connection types like Dial up, DSL,
Cable, GSM/GPRS and WiFi are supported. Allows
IP Range networking. It
can run inside a RDP session (Remote Desktop connection). |
|
Tunneling Protocol |
Full
IKE support: Our IKE implementation is based on the OpenBSD 3.1
implementation (ISAKMPD), thus providing best compatibility with existing
IPSec routers and gateways. Full
IPSec support: Main mode and Agressive
mode MD5 and SHA hash
algorithms Change IKE port |
|
NAT Traversal |
NAT
Traversal Draft 1 (enhanced), Draft 2 and 3 (full implementation) Including NAT_OA
support Including NAT
keepalive Including NAT T
Aggressive Mode Forced NAT-Traversal mode. |
|
Encryption |
Provides
several encryption algorithms: 3DES, DES and AES
128/192/256bits encryption. Support of Group 1,
2, 5 and 14 (i.e. 768, 1024, 1536 and 2048). |
|
User Authentication |
X-AUTH support PreShared keying
and X509 Certificates support. Compatible with most currently available IPSec
gateways. USB Token &
SmartCard support Flexible Certificate
support: PEM, PKCS#12... Certificates can be
directly imported from the user interface. Ability to configure one
Certificate per tunnel. Hybrid
Authentication Method support. |
|
Dead Peer Detection (DPD) |
DPD
is an Internet Key Exchange (IKE) extension (i.e. RFC3706) for detecting a
dead IKE peer. |
|
Redundant Gateway |
Redundant
Gateway offers remote users a highly reliable secure connection to the
corporate network. The Redundant Gateway feature allows the Syswan VPN Client
to open an IPSec tunnel with an alternate gateway in case the primary gateway
is down or unreachable. |
|
Mode Config |
"Mode
Config" is an Internet Key Exchange (IKE) extension that enables the
IPSec VPN gateway to provide LAN configuration to the remote user's machine
(i.e. Syswan VPN Client). With Config-Mode the end-user is able to address
all servers on the remote network by using their network name (e.g.
//myserver/marketing/budget) instead of their IP Address. |
|
USB Stick |
VPN
configurations and security elements (certificates, preshared key,…) can be
saved into an USB Stick in order to remove security information
(e.g.authentication) from the
computer. Automatically open and close tunnels when plugging in or removing USB Stick. |
|
Smart Card and USB Token |
The
Syswan VPN Client can read Certificates from Smart Cards to make full use of
existing corporate ID card or employee cards that may carry Digital
credentials. |
|
Log console |
All
phase messages are logged for testing or staging purposes to easily narrow
the view on specific aspects. |
|
Flexible User Interface |
Silent
install and invisible graphical interface allow IT managers to deploy
solutions while preventing user to misuse configurations. Tiny
Connection Panel and VPN Configuration Panel can be available to end-users
separately with Access Control. Drag
& drop VPN Configurations into the Syswan VPN Client. Multiple
keyboard shortcuts to easily navigate the Syswan VPN Client interface. |
|
Scripts |
Scripts
or applications can be launched automatically on several events (e.g. before
and after a tunnel opens, before and after a tunnel is closed). |
|
Configuration Management |
User
Interface and Command Line. Password
protected VPN configuration file. Specific
VPN configuration file can be provided within the setup. |
|
|
|
|
|
|
|