•••••••

Support of Windows 10, 8.x, 7 and VistaIKEv1, IKEv2, IKE Config Mode, X-Auth, certificates (X.509)Independent Licence De- and ReactivationEasy installation with wizard / assistantSupport of IPSec over TCP, NCP Path Finder technologyIntegrated WLAN configuration3G UMTS/4G LTE dialer with integrated budget manager

bintec Secure IPSec Client - for professional application

bintec Secure IPSec Client

bintec Secure IPSec Client07.06.2016

Subject to technical alterations

Page 2 / 6

bintec elmeg GmbH - Suedwestpark 94 - 90449 Nuremberg - GermanyPhone: +49 - 911 9673-0 - Telefax: +49 - 911 688 07 25E-Mail: info@bintec-elmeg.com - www.bintec-elmeg.com

bintec Secure IPSec Client - for professional application

The bintec Secure IPSec Client is a powerful IPSec software application for professional remoteaccess VPN solutions. It enables secure remote access to company data for mobile employeesand telecommuters.

Product description

The bintec Secure IPSec Client supports the Microsoft 32-bit and 64-bit Operating SystemsWindows 10, Windows 8.x, Windows 7, Vista, and it enables secure remote access to companydata. Based on IPSec standards and in combination with VPN Gateways of bintec elmeg GmbHthe bintec Secure IPSec Client realizes secured tunnels for access to the central datanetwork. The integrated Personal Firewall ensures the protection of the end user system.

A wizard leads through the installation and a configuration assistant helps to create a preciseconnection profile. Is the VPN connection established, the user applies to the applications infamiliar manner, without thinking about security functions. Furthermore the graphical userinterface informs about the current VPN tunnel connection status.

Featured with comprehensive security functions, the Secure IPSec Client is an ideal solution forhome offices or mobile employees with a need for a secured remote access to delicate centralcompany data.

bintec Secure IPSec Client

bintec Secure IPSec Client07.06.2016

Subject to technical alterations

Page 3 / 6

bintec elmeg GmbH - Suedwestpark 94 - 90449 Nuremberg - GermanyPhone: +49 - 911 9673-0 - Telefax: +49 - 911 688 07 25E-Mail: info@bintec-elmeg.com - www.bintec-elmeg.com

Features

•

••

••••••

•••

•

The bintec Secure IPSec Client is applicable in any VPN environments. Itallows communication between  VPN Gateways of severalmanufacturers using the standard compliant IPSecimplementation. Furthermore the bintec Secure IPSec Client supportsall current operating systems. Additional features admit theimplementation of integrated remote access VPN solutions.

The features (amongst others):Dial-In via different media types  (LAN, WLAN, 4G-LTE, 3G-UMTS,xDSL, ISDN) and automatic assortment of the necessary media typeCompatibility with VPN gateways of different manufacturersSupports Windows 8, Windows 7, Vista, and Windows XP (32- and64-bit)Adoption of strong authentication and encryption methodSupport of IPSec over TCP, based on the NCP Path Finder technologyIntegrated Personal FirewallPrioritization of VoIP dataAutomatic Hotsport identificationTransparent authentication at the access point via predefined logindataIntegrated WLAN configurationprevention for misuse of dial applications (0190 and 0900Extensive IPSec functions - Dead Peer Detection, NAT-Traversal, IKEConfig Mode, IKE X-AuthEase of use (graphical user interface)

Secure

•••••••••

IPv6-ready dynamic personal firewallEncryptionStrong authentication and encryptionFIPS 140-2 certifiedSupport for multiple certificatesParameter locksAutomatic modification of firewall rulesProtection against malicious dialer software (0190 and 0900)Integrated personal firewall

User-friendly

•••••

Convenient to use thanks to graphical user interfaceIntegrated support for 3G/4G hardwareConnectivity-awareAutomatic hotspot detectionSeamless roaming - VPN remains intact when device switches to a different network

bintec Secure IPSec Client07.06.2016

Subject to technical alterations

Page 4 / 6

bintec elmeg GmbH - Suedwestpark 94 - 90449 Nuremberg - GermanyPhone: +49 - 911 9673-0 - Telefax: +49 - 911 688 07 25E-Mail: info@bintec-elmeg.com - www.bintec-elmeg.com

Mobile

•••

Automatic connection to the company networkContinuously stable VPN connectionsSupport for IPSec over TCP based on NCP PathFinder technology

Notes on installing bintec-elmeg Secure Client 3.x

In case of an update of the operating system Windows 7, Windows 8 or Windows 8.1 to Windows10, please note obligatory to uninstall the bintec elmeg Secure Client before updating!Thereby it's recommended to save the configuration file as well as the used certificatesseparatly.Only after finishing the update to Windows 10, installation of the bintec elmeg Secure Client(v3.02 or higher) should take place.

No restrictions apply when installing bintec-elmeg Secure IPSec Client on a Windows 8 system forthe first time. If a bintec elmeg Secure Client has been installed on the system previously,however, it must first be completely uninstalled before installing version 3.0.

Variants

IPSEC-VPN-CLIENT5 (80512) 5 x bintec elmeg Secure IPSec Clients, supports Windows 10, 8, 7 � (32/64 Bit)

IPSEC-VPN-CLIENT10 (80513) 10 x bintec elmeg Secure IPSec Clients, supports Windows 10, 8, 7 � (32/64 Bit)

IPSEC-VPN-CLIENT1 (80511) 1 x bintec elmeg Secure IPSec Client, supports Windows 10, 8, 7 � (32/64 Bit)

Features

Administration / Management

Online & off-line activation Activation can be carried out online (internet access from the respective PC is required) or off-line

(internet access from a different PC is required).

Deactivation IPSec Client licenses may only be activated and used on one system at a time. Customers have the

ability to deactivate a license which is no longer being used on a particular system in order to

activate it on a new system. (version 3.0 and higher)

Configuration Easy to use due to graphical user interface with build in installation wizard

WLAN Configuration Integrated WLAN configuration

Integrated Dialer (RAS) Integrated Dialer for ISDN, GSM, UMTS and LTE with build in budget manager

Client Monitor Graphical User Interface for connection control and monitoring

System Logging Easy diagnosis thanks to integrated advanced logging

bintec Secure IPSec Client07.06.2016

Subject to technical alterations

Page 5 / 6

bintec elmeg GmbH - Suedwestpark 94 - 90449 Nuremberg - GermanyPhone: +49 - 911 9673-0 - Telefax: +49 - 911 688 07 25E-Mail: info@bintec-elmeg.com - www.bintec-elmeg.com

Operating System / Languages

Supported Operating Systems Windows 10, Windows 8.x, Windows 8 (also TabletPC; no Windows RT 8.x), Windows 7, Windows

Vista, Windows XP up to v 2.32 - all 32/64 Bit

Supported Languages English, French, Spanish and German

IPSec Features

Seamless Roaming VPN connections remain intact even when the connection type changes (LAN/WLAN/mobile data)

IPSec VPN IPSec RFC 2401-2409

IPSec Algorithms AES (128,192, 256 Bit), 3DES (168 Bit), Blowfish (128-448) RSA (1024 or 2048)

IPSec Hashes MD-5, SHA-1, SHA-256, SHA-384, SHA-512 and DH-Groups 1, 2, 5, 14-18

IKE Versions IKEv1 and IKEv2 - with Pre Shared Keys and certificates (X.509)

IPSec IKE Config Mode IKE Mode Config allows the dynamic assignment of client IP configuration (IP address, DNS and

WINS servers)

IPSec IKE XAUTH IKE Protocol Extended Authentication for extended user authentication, necessary or OTP (One

Time Password, inclusive Smart Cards and Token) solutions

IPSec Dead-Peer-Detection Provides continues connection monitoring

IPSec NAT-T Support of NAT Traversal (NAT-T) for connections over routers with activated NAT

IPSec Certificates (PKI) Support of X.509 certificates

IPSec PKI Standards Entrusts Smart Cards: PKCS#11, for Encryption Token TCOS 1.2 and 2.0, Smart Card Reader

Interfaces CT-API and PC/SC, PKCS#12, CSP

IPSec Certificate Revocation List EPRL - End-entity Public-Key Certificate Revocation List (CRL), CARL - Certification Authority

Revocation List, (ARL), OCSP - Online Certificate Status Protocol

IPSec over TCP (NCP Path

Finder)

IPSec Fallback to TCP, e.g. 443 (HTTPS), based at the NCP Path Finder technology, to overcome

firewalls with activated IKE Port 500 filters

FIPS inside The Client has a FIPS-compliant cryptographic algorithm (certified in accordance with FIPS 140-2).

FIPS compliance is achieved when the following algorithms are used to establish and encrypt the

IPSec connection:

FIPS Inside Algorithms - Encryption algorithms: AES 128, 192, 256-bit or triple DES; - Hash algorithms: SHA1, SHA256,

SHA384 or SHA512-bit - DH group: group 2 or higher

Media Type LAN, WLAN, XDSL, ISDN, GSM, UMTS, LTE, inclusive automatic type of media detection

DynDNS Query of the current IP address via a public DynDNS Server

HotSpot Automatic Hotspot detection

Security

Stateful Inspection Firewall Stateful Inspection Firewall for IPv4 and IPv6, directional controlled packet filter with controlling of

the connection state, application filtering

Friendly Net Detection Automatic detection of unsecure and secure network and dependent of that an activation and

deactivation of firewall rules

bintec Secure IPSec Client07.06.2016

Subject to technical alterations

Page 6 / 6

bintec elmeg GmbH - Suedwestpark 94 - 90449 Nuremberg - GermanyPhone: +49 - 911 9673-0 - Telefax: +49 - 911 688 07 25E-Mail: info@bintec-elmeg.com - www.bintec-elmeg.com

Security

Password-Protection Password protection for profile management and configuration for avoid unauthorized access to

configuration parameters.

Accessoires

Software Licenses

IPSEC-CLIENT1-UPDATE (80516) Update bintec elmeg Secure IPSec Client for 1 client for two major releases

IPSEC-CLIENT5-UPDATE (80517) Update bintec elmeg Secure IPSec Client for 5 clients for two major releases

IPSEC-CLIENT10-UPDATE (80518) Update bintec elmeg Secure IPSec Client for 10 clients for two major releases