IPSec VPN Client / Server SupportTransparent, standards-based cross-platform unified IPSec technology, extends the InJoy Firewall with capability of building VPN's and secure channels — allowing corporations to deploy it either as a VPN Gateway or as a secure VPN Client.
|With the simple IPSec VPN Wizard, even beginners can now set up a company-wide VPN.|
WHAT IS AN IPSEC VPN AND WHY DO I NEED IT?
An IPSec VPN uses modern encryption and authentication technologies to keep the data that it carries private — hidden from public view and completely protected against unauthorized access or theft. Learn more>>
InJoy Firewall - IPSec VPN benefitsTechnology from one of the world's leading IPSec Toolkit providers extends the InJoy Firewall with unique IPSec benefits:
- Easy to use and designed to boost your productivity. Includes
step-by-step GUI based configuration, a built-in user database, deployment
examples, and a wealth of convenience features. Learn more>>
- Seamlessly installed and optional, the InJoy IPSec is
implemented as a modular plugin. Simply opt not to load it and
it won't take up resources or add complexity.
- IPSec Client and Gateway support in one application eases
the configuration on both ends.
- Firewall Integration to specifically filter, log and
otherwise control IPSec traffic. To further ease the setup of
a popular configuration, the InJoy Firewall even includes a
pre-configured security level that blocks all non-IPSec traffic.
- Cross-platform unified operation ensures fast deployment
throughout the organization.
- Standards-based and third party interoperable. Tested with public test engines and an extensive range of market-leading VPN solutions.
InJoy IPSec was selected by both Nortel Networks and Cisco Systems as their exclusive VPN software partner for their enterprise OS/2 customers.
InJoy Firewall - IPSec VPN FeaturesInJoy IPSec includes all the latest features and a comprehensive palette of business-ready protocols:
- High-grade encryption standards, including
U.S. government adopted AES (Advanced Encryption Standard), 3DES,
Blowfish, DES and NULL encryption.
- Powerful Authentication through Pre-Shared Keys (PSK),
Extended Authentication (X-Auth), RSA signatures, x.509 Digital Certificates and
Group Authentication. Password prompting supported to avoid storing of passwords
on the harddisk.
- External Authentication provides possibility to store
password and other sensitive data in an external storage, like
- NAT Traversal facilitates easy IPSec deployment over
- IP Compression delivers maximum bandwidth through LZS
or DEFLATE compression.
- Dynamic IP (Road Warrior) Support allows you to accept
IPSec connections from hosts whose IP addresses you do not know
- Split tunneling allows a host to maintain tunneled VPN
communications with other hosts in the VPN while at the same time
communicating with public Internet hosts directly, outside the tunnel.
This reduces both processing and traffic overhead on the private network.
- Virtual IP allows the VPN administrator to assign an
internal (virtual) IP address to any IPSec client to unify the
internal IP address range.
- Fail-over and Fall-back allows InJoy IPSec to "fail-over"
to another VPN Server when the primary one fails, and then "fall-back"
to the primary VPN Server when it starts working again. Additionally,
Path MTU Discovery technology support provides smooth operation in
aggressive IP networks with MTU (Maximum Transmissions Unit) sizes
lower than usual.
- Wide protocol support, including manual and automatic key exchange, tunnel and transport mode, main-mode and aggressive mode.
Deployment and user friendlyInteroperability issues inspired the creation of the 100% standards-based multi-platform InJoy Firewall product, with which complicated VPN configuration, IPSec interoperability issues, and multi-platform concerns are a thing of the past.
|Step-by-step GUI Configuration Wizard||
If your IPSec VPN requirements include tunneling, encryption,
authentication, a simple user-database, a single network at each
location, and a number of remote VPN Clients, then use the new VPN
Wizard to simplify configuring InJoy IPSec at each of the endpoints.
The VPN Wizard makes use of preconfigured templates for both the VPN Server and Client. The Server is configured to accept connections from both fixed and dynamic IP addresses, even through a NAT Gateway. It authenticates the VPN Clients through Preshared Keys (a password) and through the user-account based Extended Authentication protocol.
You decide what encryption standard to use, specify what network is behind each IPSec endpoint, maintain the IPSec VPN user database and assign a Virtual IP address to the remote VPN Clients directly from the VPN Wizard.
The VPN Wizard configuration can be carried out locally or remotely, allowing the network administrator to maintain a complete VPN network from a central location.
|Tunnel Workshop||For complicated VPN configurations, InJoy Firewall supports both local and remote configuration of the Security Association database. Live on-screen help and ready-to-use samples provide the ease of use required by busy professionals.|
|Rapid deployment||Comprehensive documentation, a VPN case study and a wealth of deployment examples enable rapid deployment. External utility programs, on-the-fly configuration updates and the possibility of plain text configuration enables easy administration and maintenance.|
|Extra Productivity||The Maximum Segment Size (MSS) auto adjust feature prevents the administrative nightmare of IPSec introduced MTU problems. Perfect integration with the Firewall enables you to define security policies that affect IPSec users only.|
Once IPSec is configured, you can make use of the IPSec
monitoring capabilities to locally or remotely monitor
IPSec tunnels, internal users that have made use of the
tunnels and IPSec security logs:
WITHOUT THE INJOY FIREWALL, configuring a modern VPN that
spans multiple OS platforms,
network devices and network topologies is a major challenge!
It requires you to:
You may end up discovering product incompatibilities, steep learning curves and software vendors that end up blaming each other for their problems.