German | English

HOBLink VPN 1.8 Enterprises expand their Security Policy with IPsec, Network Address Translation (NAT) and Strong Authentication. With HOBLink VPN you have a complete package for the creation of a Virtual Private Network infrastructure in your enterprise.
	Overview Download Free Test Version How to Purchase Further Information

 

Product Overview

The Internet is an economical and flexible network infrastructure that is available all over the world, 24 hours a day, 7 days a week. . Many enterprises use the Internet as a central communications platform, which can certainly be an effective cost-cutting measure. But how do these companies ensure the security and performance of their Internet communications?  It is of the utmost importance that internal network resources be protected from unauthorized access.

VPN - the Solution

HOBLink VPN is a modular security solution and part of the HOBLink Connectivity product range. The main component of this product range is "HOB Enterprise Access" (EA), a central platform for the configuration, management and administration of all HOBLink software products.

 

Sample scenario for HOBLink VPN deployment.

 

Even in the smallest version the administrator can use the EA functionalities. With HOBLink VPN the user has at his disposal the VPN Gateway und the VPN Client, the modules VPN configuration, VPN management and VPN LogView. If "HOB Enterprise Access" is already being used, the new modules are installed as "Plug-Ins." Objects and user settings that have already been defined remain the same.

 

Another component of HOBLink VPN is the "HOBLink Security Manager," which is used to generate X.509 certificates. HOBLink VPN is installed on PC hardware. This enables high scalability as regards performance.

Flexibility

The software to be installed is the same for the HOBLink VPN Gateways and Clients. The only difference is the configuration. Remote gateways can use economical DSL connections with a flat rate pricing policy. The "roaming" function enables operation without fixed IP addresses. HOBLink VPN provides "end-to-end" security, so there is no need at all for an ISP's VPN. This ISP independence provides great flexibility in the choice of regional ISPs, resulting in further savings potential.

Product Characteristics

• Protection of the private network from attacks over the Internet via the implementation of a Security Policy.
• Protection of the entire data communication in the enterprise through IPsec and IKE/ISAKMP standards (RFC 2401-ff) with strong encryption and authentication.
• User authentication with Radius (e.g., RSA ACE-Server)
• Smartcard authentication, TeleSec
• NAT - Network Address Translation, translation of source and target IP addresses ─ protects local addresses.
• NAT-T (Traversal) / UDP Encapsulation. IPsec over any router, firewalls and WLAN hotspots
• Central configuration, administration and management with HOBLink Enterprise Access (LDAP)
• Can be installed on PC platforms running under WinNT/W2K (others in development) roaming operation without fixed IP addresses (ISDN, DSL, wireless, GPRS, UMTS, analog, etc.)
• Application Level Gateway (FTP etc.)
• Security Manager for certificate generation
• Interoperable with third-party VPN Gateway products (insofar as they support RFC 2401-ff )
• The same "look & feel" for all software modules

Product Benefits

• Large potential savings through consolidation of communication lines for mobile users, home workers, branch offices, etc.
• Increase corporate security while at the same time sparing company resources
• Raises efficiency
• VPN users can call up data directly - mapping and directory structure are unaffected (Look & Feel same as in the LAN)
• Secures comprehensive communication
• Easy administration
• Location independent
• Completely scalable, all the way down to the individual user. The number of VPN tunnels depends on the deployed PC hardware and the type of encryption

Security

HOBLink VPN combines comprehensive security with the greatest flexibility. It also has the indispensable firewall functionality with "NAT" and "Security Policy." The security policy is applied to all Gateways and VPN Clients (Personal Client Security). The entire configuration, administration and management are based on SSL. With the certificate manager the administrator can generate and manage the corresponding SSL and VPN keys. Thus authenticity and integrity are ensured.

Authenticity:

By using pre-shared keys, DSA and RSA digital signatures HOBLink VPN guarantees that the information that you receive really does come from the claimed source.

Integrity:

Both the Authentication Header (AH) and the Encapsulating Security Payload (ESP) can use the Hash methods MD5 and/or SHA to detect data manipulation. In this way it is assured that the received message has not been tampered with.

Confidentiality:

Through the use of IPsec (ESP), HOBLink VPN makes certain that nobody is in a position to decrypt data sent between the sender and recipient. HOBLink VPN allows you to choose between the encryption methods AES (128/256 Bit), 3DES, DES, RC4, BLOWFISH, CAST, DES, DES_IV32, DES_IV64.

UDP Encapsulation (NAT-T)

Now you can use all public hot spots with your own VPN client, just as well as private IP address ranges (e.g., mobile networks). IPsec is packed into UDP packets. In this way, HOBLink VPN supports connections over NAT devices. These can be, for example,  DSL routers or firewalls. Due to the UDP encapsulation, multiple tunnels can be established.

Extended Dialer Function

All connections that a client uses can be conveniently placed as icons on your desktop. To connect, just double-click..

Radius Protocol Implementation

Another authentication method available with HOBLink VPN is that implemented with the RADIUS protocol. This is used for interaction with Radius servers or authentication solutions that permit the use of authentication tokens, e.g., RSA SecurID

Local Preshared Keys

To further increase security, HOBLink VPN now supports preshared keys. The users save these to their local clients and use them for authentication. Usually, a corporation would store the preshared keys in LDAP servers or the HOB Enterprise Access Server. During authentication, they are encrypted and sent to the client. Theoretically, a user could read out and decrypt the encrypted key on the LDAP or EA Server. The local preshared keys effectively prevent this.

TeleSec Card Support

HOBLink VPN now supports authentication with TeleSec SmartCards.

Additional Features

• Full implementation of IPsec standards: 
  AH/ESP, Tunnel-Mode in acc. w. RFC 2401 ff
• Support for certificates, digital signatures with integrated Security Manager, PKI
• Complete control of the IP data traffic on the basis of an individually created security policy
• Configurable control of services/ports
• HOB Enterprise Access (EA) configuration
• Optional data compression.

HOBLink VPN Gateway und HOBLink VPN Client are fully integrated in the "HOB Enterprise Access" design which can be used to configure and administrate them. With HOB Enterprise Access the administrator can centrally manage all user and configuration data.

This is especially advantageous when there are many users and/or network objects to manage or create. An optional connection to conventional LDAP servers and data import/export is also supported by HOB Enterprise Access (EA).

User data need no longer be created nor stored in several locations. The configuration can be placed in a tree structure in HOB EA or in LDAP.

The Most Important Benefits of HOB Enterprise Access:

• Central Configuration
• Central Administration
• Central Management
• Inheritance of network objects by gateways and clients
• SSL security for communications between Enterprise Access Server, the administrator and the gateway or client.

With the inheritance function for configuration data, gateways and clients can be added quickly and easily, and policies can be just as easily changed. There is also a plausibility check for the security policy. The entire configuration and management console is intuitively designed,  making the administrator's tasks simpler to perform.

Remote Management

Below is a listing of the most important functions of the module "HOBLink VPN – Remote Management":

• Starting and stopping of the VPN
• Editing startup options
• Editing network configuration
• Booting the system
• Querying the software version
• Installing updates, patches
• Importing new license codes.

LogView

With LogView the administrator can monitor all processes relevant to the individual policies for which the auditing function has been activated. To reduce the amount of data to be transferred, a time limit can be set. It is also possible to filter for specific data, e.g., IP address, protocol, policy number action, etc. 

 

Download Free Test Version

 

How to Purchase

HOBLink VPN can be obtained from an:

• HOB Business Partner
• HOB Qualified HOBLink Reseller

Further Information

Datasheet (.pdf)

Administrator Guide

 

Further Information / How to Purchase

You can get further information on or purchase HOB products from any of our international offices or from HOB International Distributors & Resellers.

For technical information please contact our support department.

 

 

 

 

webmaster@hobsoft.com, Last Updated: 19-May-10

Home Privacy Contact Directions Software Tests Impressum