Rock VPN - Workstation Protector

The Rock VPN Workstation Software is a part of the Rock VPN suite of products. Used in conjunction with other Rock VPN product models or with third party IPSec compliant products, the Workstation Software allows you to set up secured communications between your workstation and other user workstations, servers or networks.

Product Description

The Rock VPN Workstation Software is an easy-to-use package that allows you to communicate securely with other Rock VPN and other IPSec compliant Virtual Private Network products. The Rock VPN Workstation Software package extends the network stack of the operating system to provide full-featured communication security. It is a standards-based product using the IETF IPSec and IKE protocols. With the Workstation Software you can selectively enable privacy, integrity and authenticity of information sent from your PC to another IPSec-enabled PC or gateway. The secure traffic can be safely sent across the Internet and other untrusted networks, allowing you to participate securely in user communities, corporate or dial-up VPNs, as well as Intranet VPNs.

Benefits

With the Workstation Software, end-users can simultaneously participate in a number of VPNs. Its comprehensive IPSec functionality, peer-to-peer operation, combined with various strong encryption algorithms makes it flexible and versatile to be deployed in any situation.

Features and Specifications

IPSec features supported:

• AH/ESP tunnel and transport mode
• Main, Quick and Aggressive modes
• Expiration of Security Associations (SAs) using time and/or kilobytes
• NAT Traversal
• Path MTU discovery

Platforms supported:

• Model number Workstation Protector:
• Windows 95/98/ME
• Windows NT 4.0 (Service Pack 3 and above)
• Windows 2000

Network support:

• Ethernet
• Dial-up

Smart card support:

• TeleSec PKS Netkey
• TeleSec NKS Netkey

Encryption algorithms supported:

• DES (56 bit), 3DES (168 bit)
• IDEA (128 bit)
• Blowfish (40 - 446 bit)
• AES /Rijndael (128, 192 or 256 bit)

Authentication and Key Exchange support:

• IKE (formerly known as ISAKMP/Oakley)
• Diffie-Hellman (768, 1024 bit)
• RSA (1024, 2048 bit)
• Signatures: RSA, DSS, X.509
• Pre-shared secrets
• Perfect forward secrecy (PFS) support for Diffie-Hellman in Quick Mode
• Private keys can be PIN protected

Hash functions supported:

• MD5
• SHA1

Standards supported:

• IETF IPSec
• ISO X.509 v3
• PKCS #1, #10, #12
• SCEP / CMP

Certification Authorities supported:

• VeriSign
• RSA Data Security Certificate Server (Keon)
• Baltimore
• Entrust

Certificate Management:

• Automatic retrieval and processing of certificates and Certificate Revocation Lists (CRLs)
• X.509v3 certificates supported
• Automatic certificate enrolment using SCEP / CMP

Management:

• Flexible to support organisation’s security policy
• GUI-based configuration
• Use of wizards for installation and configuration
• Live configuration
• Granular control based on IP address, subnet address, address range, port and protocol
• Event log viewer
• Security Association (SA) monitor (both phase I and II)
• Quick policy selection
• Password protection for policy
• Management software included for
• Remote management
• Local management
• Centrally manageable using Central Manager

Download PDF Version: