
IPsec or SSL?

IPsec can be a very complicated subject. The Defzone engineers strive to offer you VPN tools that are easy to manage yet offer speed and security. Starting with the 300 model, all models support IPsec with industry-standard encryption and authentication algorithms such as 3DES, AES, MD5 and SHA-1. The DES encryption algorithm is no longer considered secure and is only available for compatibility reasons. Defzone advises using a combination of AES-128, SHA-1 and DH group 2 to ensure high throughput and excellent security.

 


In the Defzone 700, 1650 series and 1850ssl we offer additional security for tunneling, since these firewalls can filter the tunnel traffic. For example, suppose you only use your tunnel to connect to a terminal server at the head office using the TCP protocol and port 3389. You can set a policy that allows only TCP port 3389 through that tunnel. Malicious traffic that uses other ports will be blocked, thus securing home computers and laptops that are connecting to the main network.


Pre-shared secrets as well as certificates are supported. Defzone does not impose a licensing structure for its VPN implementation. You can deploy as many tunnels as you want (within the limits of the unit's hardware specifications) at no additional cost. Defzone offers free Multi-VPN client software for Windows. We recommend the use of our SSL VPN implementation to connect home workers and road warriors to the company's network. There are several good reasons to prefer SSL VPN over IPsec VPN, especially when dealing with mobile users. Please refer to our section about SSL/TLS VPN for more insight into this matter.


The best use for IPsec tunnels is a site-to-site tunnel, while for road warriors an SSL/TLS tunnel is more appropriate. A road warrior has no need for expensive and hard-to-configure IPsec client software. The Defzone SSL/TLS solution is easy to configure (Defzone Multi VPN client) and is available free of charge. Although the Defzone IPsec solution does support remote users (home users and road warriors), SSL/TLS VPN is much more transparent in road warriors' ever-changing network environments (no NAT Traversal issues).