|
|
 |
| Virtual
Private Network (VPN)
The
Astaro VPN (Virtual Private Network) gateway uses
a variety of data encryption methods to create a
secure communications “tunnel” over
the public Internet.
Multiple
Architectures
To
accommodate the needs of branch offices, home users,
and “road warriors”, the VPN gateway
supports a variety of VPN architectures, including
Net-to-Net, Host-to-Net, and Host-to-Host.
Broad
Protocol and Client support
The
Astaro VPN gateway supports a broad range of VPN
protocols like IPSec, L2TP over IPSec, and PPTP.
Administrators
can select from a broad range of VPN clients, including
the native Windows and Windows Mobile PPTP and L2TP
over IPSec clients, the Mac OS X VPN client, and
other VPN clients that follow the IPSec standard,
including the Astaro Secure Client. Different clients
can be mixed in an Astaro VPN environment.
|
Additional
Resources:
More
from Astaro: VPN client software
– Astaro Secure
Client
Astaro
Secure Client is an easy-to-use remote working software
based on the latest VPN technology.
The software provides smooth integration with a remote
network and may be used with any popular IPSec-compliant
gateway.
Learn more... |
| Certificate
Authority
The
Astaro Security Gateway includes an internal certificate
authority with authentication based on PKI-trustchain.
This enables the use of digital certificates without
requiring that certificates be generated centrally
and distributed to remote sites.
Certificates
from external and public Certificate Authorities
can also be used. X509 CRL support means that Certificate
Revocation Lists can be imported to revoke disabled
or expired certificates.
IPSec
Dead Peer Detection
The
Astaro VPN gateway automatically detects when IPSec
gateways and clients become unavailable, so that
network outages and IPSec peer crashes can be detected
and remedied quickly.
Simplified
Remote Access
Dynamic
IP addresses and DNS/WINS server addresses, taken
from a virtual address pool or provided by an DHCP
server, can be distributed automatically to simplify
remote access. IPSec client configurations can be
distributed from a central point, simplifying mass
rollouts of IPSec VPNs.
|
 |
| Integrates
Into Existing Environments
Astaro’s
VPN gateway is easy to integrate into existing environments.
It can authenticate VPN users against local databases,
Radius Servers, Novell eDirectory, Microsoft Active
Directory, and LDAP-compliant enterprise directories.
It can also apply access policies based on users
and groups, IPs and networks, and PKI-based IPSec
user groups. Connections to LDAP servers can be
encrypted using SSL/TLS standards, so that authentication
against LDAP data sources can be performed securely
over the Internet.
Firewall
Integration
Astaro’s
VPN gateway is fully integrated with Astaro’s
firewall. IPSec VPNs can utilize NAT traversal and
virtual IP addresses. Firewall settings are generated
automatically when VPN clients are configured. Packet
filter policies can be specified on a per-user basis.
VPN user groups can be created and used to grant
access rights.
| Encryption
algorithms supported: |
Authentication
methods include: |
IPSec protocols include: |
| AES
(Rijndael) |
Passphrase
(PSK) |
Internet Key Exchange (IKE) |
| DES |
Certificates (X.509v3) |
Encapsulated
Security Payload (ESP) |
| 3DES |
Raw
RSA Keys |
Layer
2 Tunneling Protocol (L2TP) |
| Blowfish |
CHAP,
MSCHAP, MSCHAPv2, and PAP |
NAT-Traversal |
| Serpent
128-bit |
RADIUS
(for L2TP, IPSec and PPTP) |
|
| Twofish
128-bit |
|
|
| MPPE
(40 and 128 bit) |
|
|
|
|
|
