G/On

Scale-up remote working – without sacrificing security

Instant, secure access to your network, applications and data — from home PCs and Macs

G/On is an integrated, secure remote access solution, providing a safe environment for remote workers. It features two-factor authentication, authorisation, data encryption, network protection and secure application access. G/On makes it simple to implement, manage and control access to company data and applications.

Get in touch to find out more

No need for a VPN

G/On replaces your VPN connections with a software-defined perimeter. Operating on a zero-trust basis, G/On only allows verified users in and completely separates your network from the outside world.

Truly mobile

Launch the G/On-client from any unmanaged, private Windows or Mac computer – regardless of location. Everything users need for secure remote working is on a single USB-key, with a mobility smartcard inside. Single-sign-on is standard.

Easy to use

G/On is easy to use and fast to get started. No need for technical knowledge or any changes to the computer configuration. After logging in, users have immediate and secure access to their applications. Simple.

Scalable without complexity

Scaling remote access solutions is typically costly and time-consuming. Solutions rely on multiple products, working together to make remote connections secure. This complexity means most remote access solutions do not scale well.

G/On is different. It’s quick to install and provides everything users need to access company resources securely. G/On has built-in features for redundancy and load balancing, which means organisations can scale up home working in minutes, rather than weeks.

Add extra gateways in minutes
Built-in load balancing and redundancy
Field enrolment for fast user onboarding

Download Datasheet

Central management console

G/On provides full control over settings, users and usage. IT admins can control application access, prevent copy/paste/downloads and allow file downloads in a dedicated secure environment.

Strong two-factor authentication

Remove the risk of man-in-the-middle attacks with mutual strong two-factor authentication – the client authenticates the server, and the server authenticates the client.

Access based on permission rules

Users have application access based on permission rules or Active Directory group membership. No need to remember URLs or other information to access applications.

Unlock scalable, secure remote working without compromise. Start your G/On journey today.

Get started

Product details

G/On Specification

G/On Gateway Server
Platform	Windows
Operating systems version	Windows Server 2019 or Windows Server 2016*
Number of users	Up to 2.000 per gateway
Supported authentication server	Active Directory, LDAP and local accounts
* Even though G/On Server will install and run on Windows Server 2008, Windows Server 2008R2, Windows Server 2012, Windows Server 2012R2 these platforms are not anymore supported from G-On version 7.0 or above

G/On Database (optional)
Platform	Microsoft SQL Server
Operating systems version	• Microsoft SQL Server 2012, 2014, 2016, 2017 and 2019, • Microsoft SQL Server Express 2012, 2014, 2016, 2017 and 2019

G/ON CLIENT
Platform	Windows, Mac OS and Linux
Operating systems version	• Windows 10 64-bit only* • macOS 10.15 (Catalina) or later or macOS 11.2 (Big Sur) or later, both Intel and Apple silicon G/On OS 30 or later based on Fedora Linux v30 or later
* G/On client also works on Windows 7 and Windows 8.1, however, these platforms are not supported anymore

G/ON TOKEN
Platform	Windows, Mac OS and Linux
Token types	USB and Windows G/On USB Token including built-in Smartcard for two-factor mutual authentication SoftToken on any USB, 2 GB or larger Computer User Token installed on Windows platform

G/On Options

G/On OS is a secure container added to G/On to have a full lock-down in the client side. Other features include:

G/On OS is a hardened, minimal Fedora Linux image, which is booted directly into memory from the G/On USB Token. It does not include drivers to access hard disks, so there is no way to leave data behind, or transmit data from the computer used.
G/On OS comes full features with application clients for Citrix, RDP, VNC, Browsers and much more.
G/On OS is locked down to only allow access to the SecureGateway it was originally enrolled on.

G/On Components

Secure Gateway

Prevents the corporate application servers from having to be Internet-facing.

Data in transit between the gateway and the remote client is always encrypted using FIPS 140.2 certified AES 256-bit encryption.
Provides proxy services and DNS name resolving on the internal network to offer full functionality to the applications on the client.
Offers automatic load-balancing and fail-over functionality and works with third-party load-balancing products.
Additional gateways are easily created in seconds using a Gateway installer.

G/On client

Connects applications on the client to resources inside the corporate network, without a VPN. After mutual two-factor authentication, the gateway server sends a menu-object to the client that contains the start-up configuration for each application the user can use at that device, location and/or time.

Other features include:

Unavailable applications are not visible and access rights are enforced in the gateway, preventing the user from starting not allowed applications or elevating access rights.
The G/On-client also provides the automatic launch of applications and single-sign-on (SSO).
The client can encapsulate all traffic in HTTP and traverse proxies, without sacrificing on security.
G/On clients are easily created using a G/On Client Installer, either by the admin or an end user and are available for Windows, MacOS and selected Linux-distributions.

G/On USB Token

A small USB form factor token with a mobile smartcard integrated in the MicroSD-card. End users receive a fully functional G/On client which is either pre-enrolled, or the end user goes through a simple enrolment process to activate the G/On client. During enrolment, the smartcard generates a private/public keypair. The public key is used for smartcard authentication, the private key is protected by the smartcard and can never leave it. The G/On USB-token can therefore be uniquely identified based on the Smartcard private/public keypair during authentication time.

G/On Desktop Client

Runs from a computer instead of a G/On USB-token and uses the computer as a second authentication factor instead of a smartcard. Only available on Windows.

G/On Infrastructure