IPSec VPN

With a built-in RFC 2865 compliant RADIUS server and a LDAP authentication broker that are enhanced with two-factor authentication, DualShield offers strong, two-factor authentication to any VPN remote access without compromising the user’s experience.

For IPSec VPN authentication, DualShield utilizes one-time passwords (OTP) and does not require users to install any new software. Users will continue to use the same VPN client as they’re using now, and simply enter a one-time password or a combination of their static password and one-time password in the place where the password is required.

Multiple Authentication Choices

DualShield provides a wide selection of portable OTP tokens in a variety of form factors, ranging from hardware tokens, software tokens, mobile tokens to USB tokens. These include:

• Deepnet SafeID
• Deepnet MobileID
• Deepnet GridID

• RSA SecurID
• VASCO DigiPass Go
• OATH-compliant OTP tokens

In addition to the support of one-time password, DualShield also supports on-demand password for IPSec VPN authentication. The product that provides on-demand password in the DualShield platform is Deepnet T-Pass. Deepnet T-Pass is an on-demand, token-less strong authentication that delivers logon passwords via SMS texts, phone calls, twitter direct messages or email messages.

Supported VPN Devices

DualShield supports any VPN devices or applications that employ RADIUS or SAML authentication protocol, including:

• Cisco ASA
• Citrix CAG/Netscaler
• Microsoft UAG & TMG
• Juniper SA

• Sonicwall
• Watchguard
• Barracuda
• Astaro

• Checkpoint
• NetMotion Mobility XE
• F5 FirePass
• Fortinet

• Aruba
• AEP
• Array Networks

DualShield for IPSec VPNs offers the ultimate security for VPN remote access without compromising the user’s experience.