VPN

OVERVIEW

Network Box’s VPN (Virtual Private Network) module offers secure site-to-site, site-to-remote, and “road warrior” connections coupled with the latest encryption technologies. It is fully integrated with the Network Box firewall and router to provide excellent policy control. For instance, policies can be applied to encrypted vs. unencrypted traffic, as well as to specific end-points.

Network Box supports three core VPN technologies – IPsec, PPTP, and SSL – in addition to L2TP and GRE protocols, in client, server, and “road warrior” configurations. The VPN module is inter-routable, so traffic can be translated between VPN technologies by a single Network Box solution.

Both SSL and PPTP VPNs can be integrated with LDAP, allowing remote users to authenticate to your network using their LDAP credentials. Dual factor authentication is supported using TOTP technology standards. Any application which supports TOTP can be used to achieve dual factor authentication. It is also possible to assign static IP addresses to users based on their LDAP user names or on the names of the private certificates assigned to them.

Modular configuration permits multiple encapsulation layers, such as L2TP within IPsec. PSK, RSA PKI and X.509 certificates are available for IPsec authentication, with all secure encryption standards (including 3DES, AES, Blowfish and CAST) fully supported. GRE over IPsec can be used for tunneling between multiple NWB devices and facilitates destination-based routing over IPsec tunnels (which normally would support only policy-based routing).

128-bit and 256-bit encryption keys are available, and 4,096-bit certificates and keys are supported for authentication.

ADVANTAGES

  •   Secure connections for site-to-site, site-to-remote, and “road warrior” configurations
  •   Full integration with Network Box firewall and IPS
  •   Policy control and enforcement
  •   LDAP integration for SSL and PPTP authentication
  •   Latest encryption technologies
  •   Support for IPsec, PPTP, SSL, L2TP, and GRE
  •   Inter-routable (ability to translate between VPN technologies)
  •   TOTP-based dual factor authentication
  •   Unlimited VPN licensing for physical solutions