The 5 challenges G/On solves / Technology Highlights / Technical Information / Products / Home

Authenticate the user

G/On features 2-factor user authentication. Each G/On client is tied to one or more unique hardware identifiers on the USB key or the PC on which they are installed so the G/On Server can absolutely verify them. This makes these physical objects “something you have”, while your username and password is “something you know”.

G/On also features mutual client/server authentication to prevent phishing.

Secure the device

Ensuring that every PC is always 100% secure is impossible so G/On avoids this problem.

The PC hosting a G/On connection never becomes a node on your network, and our unique “lock to process” feature prevents any unknown applications from executing once the G/On application connection has been established. This prevents external viruses, Trojans or malware from exploiting the existing connection to spread into the internal system.

Protect the data

G/On does not use VPN tunnelling protocols such as IPSec, SSL, L2TP and PTPP.

Instead it simply encrypts all data using 256-bit AES. Checksums are then used to prevent man-in-the-middle, relay and spoofing attacks. This ensures both high performance and stable connectivity.

Control network access

The G/On Server only responds to legitimate G/On clients that know its unique shared secret. All G/On traffic enters via just one port on the firewall. (IANA has assigned Port 3945 to EMCADS traffic but the system can also be set up to use any TCP port.)

Manage application access

The G/On Server enables IT administrators to manage every aspect of every connection. Access to applications can be defined based on where you connect from, what group you belong to in Active Directory and who you are.


Authenticate the user G/On features 2-factor user authentication. Each G/On client is tied to one or more unique hardware identifiers on the USB key or the PC on which they are installed so the G/On Server can absolutely verify them. This makes these physical objects “something you have”, while your username and password is “something you know”. G/On also features mutual client/server authentication to prevent phishing.

Secure the device Ensuring that every PC is always 100% secure is impossible so G/On avoids this problem. The PC hosting a G/On connection never becomes a node on your network, and our unique “lock to process” feature prevents any unknown applications from executing once the G/On application connection has been established. This prevents external viruses, Trojans or malware from exploiting the existing connection to spread into the internal system.

Protect the data G/On does not use VPN tunnelling protocols such as IPSec, SSL, L2TP and PTPP. Instead it simply encrypts all data using 256-bit AES. Checksums are then used to prevent man-in-the-middle, relay and spoofing attacks. This ensures both high performance and stable connectivity.

Control network access The G/On Server only responds to legitimate G/On clients that know its unique shared secret. All G/On traffic enters via just one port on the firewall. (IANA has assigned Port 3945 to EMCADS traffic but the system can also be set up to use any TCP port.)

Manage application access The G/On Server enables IT administrators to manage every aspect of every connection. Access to applications can be defined based on where you connect from, what group you belong to in Active Directory and who you are.