G/On creates one access route to the internal applications and uses internal DNS servers. The SecureGateway isolates the remote computer from the internal network. Users can still use their personal applications.
G/On provides two-factor mutual device and user authentication If required, it can connect a user identity to a device.
No complex start-up and login procedures. Insert the G/On USB Token, launch the G/On Client, log in with AD credentials and select the apps needed. Single-sign-on is include and the most used apps can automatically be started after authentication.
G/On is available for Windows, MacOS and Linux (selected distributions).
G/On OS is a secure container added to G/On to have a full lock-down in the client side. Other features include:
- G/On OS is a hardened, minimal Fedora Linux image, which is booted directly into memory from the G/On USB Token. It does not include drivers to access hard disks, so there is no way to leave data behind, or transmit data from the computer used.
- G/On OS comes full features with application clients for Citrix, RDP, VNC, Browsers and much more.
- G/On OS is locked down to only allow access to the SecureGateway it was originally enrolled on.
Prevents the corporate application servers from having to be Internet-facing.
- Data in transit between the gateway and the remote client is always encrypted using FIPS 140.2 certified AES 256-bit encryption.
- Provides proxy services and DNS name resolving on the internal network to offer full functionality to the applications on the client.
- Offers automatic load-balancing and fail-over functionality and works with third-party load-balancing products.
- Additional gateways are easily created in seconds using a Gateway installer.
Connects applications on the client to resources inside the corporate network, without a VPN. After mutual two-factor authentication, the gateway server sends a menu-object to the client that contains the start-up configuration for each application the user can use at that device, location and/or time.
Other features include:
- Unavailable applications are not visible and access rights are enforced in the gateway, preventing the user from starting not allowed applications or elevating access rights.
- The G/On-client also provides the automatic launch of applications and single-sign-on (SSO).
- The client can encapsulate all traffic in HTTP and traverse proxies, without sacrificing on security.
- G/On clients are easily created using a G/On Client Installer, either by the admin or an end user and are available for Windows, MacOS and selected Linux-distributions.
G/ON USB TOKEN
A small USB form factor token with a mobile smartcard integrated in the MicroSD-card. End users receive a fully functional G/On client which is either pre-enrolled, or the end user goes through a simple enrolment process to activate the G/On client. During enrolment, the smartcard generates a private/public keypair. The public key is used for smartcard authentication, the private key is protected by the smartcard and can never leave it. The G/On USB-token can therefore be uniquely identified based on the Smartcard private/public keypair during authentication time.
G/ON DESKTOP CLIENT
Runs from a computer instead of a G/On USB-token and uses the computer as a second authentication factor instead of a smartcard. Only available on Windows.