|
Strong 2-factor authentication
|
No. Requires users to invest in secure token solution.
|
No. Requires users to invest in secure token solution.
|
Yes - integral part of the solution.
|
|
User Device Security
|
Having a VPN client installed on the PC limits you to that PC. It also increases the need for strong authentication as anyone who can access that PC can potentially launch the connection.
Additional tools may be required that use downloadable Active X or Java components to check the PC's security status or erase traces of the user's session.
Other supplementary solutions include personal firewalls, antivirus and anti-spyware service, and encrypted hard drives.
|
Having to rely on the web browser of a PC you have no control over increases the need for end-point security.
Additional tools may be required that use downloadable Active X or Java components to check the PC's security status or erase traces of the user's session.
Other supplementary solutions include personal firewalls, antivirus and anti-spyware services.
|
The G/On client creates a nodeless connection to the G/On Server. This means the PC hosting the connection does not become part of the network. This significantly minimizes the risk of viruses and worms etc. being replicated into the network.
Also, G/On only connects users to the specific applications. Further, this can be regulated based on which PC they are using and where they are connecting from (IP address and subnet mask) via the Zones feature.
|
|
Application isolation and protection
|
None
Remote PC is connected directly to the company network.
|
None
SSL's use a browser as the application client.
|
Each application launched by the user gets its own encrypted connection. G/On's unique "Lock-to-Process" technology prevents other applications from exploiting the connections. This effectively avoids malware from infecting company networks.
|
|
End-to-end AES data encryption
|
Many legacy IPSec VPNs still use slow heavy encryption schemes such as 3DES. VPNs typically encrypt the tunnel but not the data.
|
Limited to 128-bit SSL encryption. Hardware acceleration is often required for large groups of users.
|
G/On uses 256-bit AES as default. Checksums are included to ensure data integrity.
|
|
SUMMARY
|
Higher cost of ownership than SSL VPNs due to need to install a client. Adding a secure token solution further increases cost.
|
Cheaper than IPSec VPNs but more vulnerable to spyware and limited to web-enabled applications.
|
Best value for money because it includes 2-factor authentication, as well as mutual client/server authentication. G/On also avoids the risk involved with providing full network access plus it encrypts all the data end-to-end.
|
