NEW IN G/ON 5.4

Licensing
G/On for iPad and iPhone
Hardware & Software Requirements
G/On Management & Configuration
New in G/On Management
Server Side Security
New options for access
Support for IPv6
New Menu Actions
 
Quotes
"Weeks and weeks go by without me ever seeing a service problem"
Henrik Jensen, IT Specialist, Vaekstfonden
 

 

G/On 5.5 - Secure Access from iPad & iPhone

June 7, 2011

  

G/On 5.5: Enterprise Class Security for iPad & iPhone

  

Today, Giritech releases version 5.5 of the award winning secure virtual access solution G/On. In addition to offer user the flexibility to work securely from anywhere using Windows, Mac, or Linux, G/On now also offers fully integrated secure access from Apple iOS bringing enterprise class security to iPhone and iPad.
Giritech gives users and businesses entirely new, simpler and more exciting options for remote and local access to business applications and data without compromising on security.
  • Users are getting maximum flexibility and can work from anywhere on Windows, Mac, Linux, iPad and iPhone
  • IT administrators have one tool of managing precisely what applications users can access under given circumstances
   

Free Download of G/On for iOS:

The G/On Client for iOS is downloaded for free on Apple's App Store to your iPad or iPhone. It is pre-configured for secure access to Giritech's demo site so you can immediately see for yourself how you can use iPad and iPhone in your business without compromising on security.

   

Test secure iPad/iPhone access to your own business applications:

Once you have installed the G/On Client for iOS from Apple's App Store, you can download a trial-version of the G/On Server here and get iPad and iPhone access to your own business applications.

Download Giritech Product Announcement here.

  

Download a demo client for G/On here

  

Click here to go directly to the G/On 5.5 Download section.

  
   
   

G/On 5.5 Key Highlights

Key highlights of G/On 5.5 are:

  • Use of iPad and iPhone:
    • Secure access to company web-mail, portals, intranets and other web applications
    • Secure access to Terminal Server farms, employee PC in office, or virtual desktops
    • Integrated two-factor authentication using the iPad or iPhone as authentication token
  • Superior user experience with options for single sign-on managed by the G/On Server
    • Secure access to Terminal Server farms
    • Secure access to Citrix farms
    • Secure access to web servers (single sign-on dependent on configuration)
  • New options for access to Microsoft SharePoint server and file shares
  • New options for managed access controlled by time & place, OS type, and Windows Security Center
  • New features in G/On Management, Configuration, and Reporting
  • Improved server side security and role based G/On Management client
  • Limited support for IPv6
  • Options for configuration of back-end application server fail-over and load sharing (not to be confused with G/On Gateway Server fail-over and load sharing which is part of the G/On Client configuration)
   

Licensing

New customers: Please read here for details on how to acquire a G/On license.

G/On 5.5 introduces a new and flexible licensing structure that allows for very price competitive G/On configurations targeted for specific purposes:

  • G/On for RDP: Secure Remote Desktop access to office PC, virtual desktop, and Terminal Server farms
  • G/On for Citrix: Secure access to Citrix farms
  • G/On for Web Apps: Secure access to web applications like web-mail, portals, intranets, SharePoint server etc.

Existing G/On 5 customers: All existing G/On 5 customers on active maintenance are eligible for a free upgrade to G/On 5.5.

G/On 5.5 introduces two new optional features:

  • Zones: Must be licensed separately by all new customers, but is included for existing customers
  • Application Server Fail-Over & Load Sharing: Must be licensed separately by all customers

Other license changes in G/On 5.5:

  1. A new product "G/On Server" is introduced and required for all customers and will automatically be included for all existing customers. G/On Server includes these server features that previously were optionally
    • Multiple Client Connect Ports
    • HTTP Encapsulation
    • Active Directory User Directory
    • Field Enrollment
  2. Every UAL - User Access License now contains one (1) Token Access License.
  3. Functionality of "Multiport Port Forward" is now included and feature terminated
  4. Functionality of "Launch Parameter File" is now included and feature terminated
  5. Client Feature "G/On Secure Desktop" is renamed to G/On OS
  6. G/On Help is terminated for new sales (all features)

Existing customers should contact their Giritech Partner for details. See here for G/On configurations and features.

Existing G/On 3.x customers: Existing G/On 3.x customers on active maintenance are offered software price protection when upgrading to G/On 5. Existing customers should contact their Giritech Partner for details.
Please notice: G/On 3.x customers using the first generation G/On USB H1 64MB keys will not be able to use these keys with G/On 5.

Top of Page

 
   

G/On 5.5 in Detail

Read all about G/On for iPad and iPhone here

Top of Page

 
   

Support for the latest releases of client and server OS and service packs.

See here for details: G/On Hardware and Software Requirements

   

Setup and Management of Multiple Gateway Servers

A G/On Server consists of one G/On Management server and multiple G/On Gateway servers. Multiple gateway servers scale a G/On Server to handle any number of users and provides for fail-over and load balancing. Rather than the manual configuration required in previous versions, G/On 5.5 is now including tools for installation, configuration, upgrade and management of gateway servers. Management features include:

  • Server monitoring and exception reporting
  • Stop/Restart scheduling based on user activity

The new features offer seamless and dynamic expansion of the G/On throughput by adding more server capacity as needed and without the need for any load balancing devices and other layers of infrastructure in front of the G/On Servers.

Other new features for setup and configuration

  • Support for application server fail-over/load-sharing on server side
    • A single menu action can, for instance, connect to multiple servers in a Citrix farm to avoid single point of failure for access to application servers (new Server Feature, “Application Server Fail Over & Load Sharing” requiring separate licensing)
  • Tools for configuration of interface to multiple AD and LDAP user directories
  • Automatic detection of SQL Server language encoding
  • File chooser for deployment of license file
  • Options for forced or optional client package updates at connect time for enhanced user experience
  • Functionality for automatic updates to Client Connect Address and Client Connect Port out to the clients for seamless support for added server capacity, fail over and load balancing

Top of Page

 
   

New features and improvements in G/On Management

In addition to the management of multiple gateway servers described above, a significant amount of work has been put into new features and improvements of the G/On Management server and the G/On Management client:

  • Management of active user sessions including monitoring, disconnect and update of user’s current menu
  • New reports and new reporting capabilities with drill downs to details
  • License content and compliance view
  • Review and management of users registered for G/On access
  • Improved user menu design
  • Improved G/On Management Client performance
  • Improved usability
   

Server Side Security

To fully meet the needs of organizations with separation of administrative functions and security policies in highly security focused organizations, the G/On Server has been enhanced with the following functionality:

  • The functions of the G/On Management Server are managed by a configurable role-based access control system that enables organizations to design roles for different administrative tasks. For instance, one admin role for managing access policies and another role for managing USB tokens for users.
  • Communication between the G/On Management Client and the G/On Management Server is encrypted
  • Sensitive data in configuration files (.ini files) is obfuscated
  • Additional counter measures against DOS attacks have been implemented on the G/On Gateway server.
   

New options for managing and controlling user access through G/On

G/On 5.5 adds new capabilities for managing user authentication and application authorization. This includes the ability to deny access to applications that have otherwise been authorized, if there are indications that the type, status, and external IP address of the user device does not conform with specified requirements.

  • New property on user adds date and time range for valid user authentication. Typically used for setting up temporary access for, say, external contractors.
  • Introducing “Zones” – defines circumstances – or context - for authorization of application access based on
    • IP range on the G/On Client and IP range on the G/On Server *)
    • Time of day/day of week
    • Operating System type and version
    • Status of the Windows Security Center

*) Please notice: Zone restriction on client IP addresses is not supported in release 5.5 for HTTP encapsulated client connections.

Top of Page

 
   

Limited support for IPv6

G/On 5.5 supports IPv6 for Client Connect IP Addresses which will enable the use of G/On for those organizations that are already now forced to use IPv6 for their public IP address(es). Please notice: G/On 5.5 does not support IPv6 for HTTP Encapsulated client connections. On the server side, IPv6 is only supported for connections between (separately installed) Gateway servers and the Management server.

   

Support for new application connectivity launch types and menu action templates

  • A new HTTP Proxy Protocol connection launch type with server side Single Sign-On for http basic authentication, application (web) server white listing, and server side DNS name resolution (requires “G/On for Web Apps”)
    • For instance for access to corporate intranets, Microsoft SharePoint Server and web apps
  • A new Transparent HTTP Proxy Protocol connection with server side Single Sign-On for http basic authentication and application server white listing (requires “G/On for Web Apps”)For instance for access to corporate network folders on WebDAV servers
  • A new SOCKS Proxy Protocol connection launch type (requires “G/On for Web Apps”)
  • New Menu Action Templates for
    • Access to intranets and web apps with Single Sign-On using IE based browser (GIPIE, see below)
    • Access to intranets and web apps with Single Sign-On using Firefox
    • Access to WebDAV servers with Single Sign-On
    • Access to servers via SSH (Secure Shell)
  • Full support for access to Terminal Server farms with server side Single Sign-On (was experimental in previous version – requires “G/On for RDP”). Includes support for:
    • TS Remote Apps
    • TS Connection Broker and redirection messages
  • Full support for IE-based G/On browser, GIPIE (was experimental in previous version). Supports:
    • Server side Single Sign-On for http basic authentication
    • Access to intranets, Microsoft SharePoint, and other web apps
  • New experimental RDP client (FreeRDP) for Windows and Linux
  • General improvements and enhancements of templates and menu creation wizards
eZ Publish™ copyright © 1999-2012 eZ systems as