CRYPTOPRO NGATE –
ALL-IN-ONE SOLUTION TO
PROTECT COMMUNICATIONS
CryptoPro NGate is a high-performance VPN gateway based on the TLS protocol. CryptoPro NGate enables administrators to organize a protected remote user access to corporate resources via insecure networks (e. g. the Internet).
The CryptoPro NGate gateway has flexible access settings. Using it, employees of a company can log in to enterprise servers from any device (using different ways including an access via browser), according to access policies managed by an enterprise network administrator.
CryptoPro NGate main features
■ Simple access differentiation. In contrast to similar systems available in the market, CryptoPro NGate provides an opportunity for communicating with remote users with the use of multi-factor authentication. That implies that users can access only certain resources in accordance to established at an enterprise. As a result, it becomes much easier to administer a range of different user groups that have access to many various resources. It helps to reduce the number of errors in administration and the risk of confidential data leakage.
■ Client applications for different platforms. Currently, many software solutions for accessing company resources through VPN gateway client do not have client applications for several widely used platforms. However, there is no such problem when using CryptoPro NGate, because it has VPN clients for Windows, Linux, macOS, iOS and Android for various device types, making it easier to manage connections.
■ Access through browser. When accessing through a browser, users enter their personal portal, customized according to their roles. The portal displays a list of resources a user can access in compliance with corporate policies. The list of resources can contain both web resources and client-server applications.
■ TLS offloading. NGate can be used for offloading the resource-intensive TLS connections on backend servers. This can help to improve their performance and to reduce the load on content delivery servers, enabling them to perform their main functions stably.
Advantages of CryproPro NGate
■ Low hardware platform requirements. The well-designed and optimized VPN gateway provides high performance and productivity even if not very powerful hardware is used. This means that the hardware platform requirements for both gateway and remote users become lower.
■ Scalability. CryproPro NGate is easily scalable and can be used in different scenarios. The gateway ensures a simultaneous operation of up to 35.000 connections with one device. Furthermore, there exists an opportunity of improving the gateway performance by scaling the hardware vertically. The performance of a single gateway is also high; data streams up to 10 Gbit / s can be processed. Moreover, the solution can ensure the security of much bigger data streams in cluster configurations (up to 32 gateways in a cluster simultaneously).
■ Compatibility. Compatibility with various products implementing the TLS protocol is ensured.
■ Cluster configuration. A high-performance gateway cluster with a load balancer can be configured. In the cluster, where all sessions are synchronized, up to 32 devices can work.
Various types and characteristics of hardware platforms (russian lang)
Technical characteristics of access gateways
■ Gateway capacity in VPN mode with authentication — up to 10 Gb / s;
■ Simultaneous authenticated connections support — up to 35.000;
■ Processing up to 8.000 new connections per second;
■ Configuration of application access permissions for remote users based on policies;
■ Integration with Active Directory;
■ Identifying users by different methods:
— using Active Directory or LDAP;
— using certificates;
— using an internal user database.
■ Access differentiation based on user certificate fields;
■ Connecting remote users with both a VPN client and portal access (through a browser);
■ Working in a virtual environment;
■ NTP (Network Time Protocol) support;
■ SNI (Server Name Indication) support.