Excitor G/On® is a client/server solution implementing a distributed port forwarding proxy technology for virtualized connectivity between application clients and application servers. The Excitor G/On® Client and Gateway Server are designed to communicate over untrusted networks.
Every user device is enrolled into the Excitor G/On® Server using private/public key pairs generated by the built-in SmartCard CPU on the Excitor G/On® USB Token, or software generated on other tokens.
Excitor G/On® uses 233-bit Elliptic Curve Cryptography (ECC) for authenticating the client and server, 2048 bit RSA keys for protecting information during the setup of the payload encryption key (Secure Key Exchange) and all transmission data is encrypted using FIPS 140-2 validated 256 bit AES – nothing is transmitted in plain text.
Excitor G/On® can integrate two-factors for mutual authentication:
- The optional Excitor G/On® USB MicroSmart Token uses 233-bit ECC SmartCard generated public/private keypair for the challenge/response protocol
- User name and password is validated against company directory (AD or LDAP)
Unlike traditional VPN-based solutions, Excitor G/On® does not make a remote PC part of the network. Excitor G/On® connects users virtually to their applications through their office PC or their virtualized desktop. Excitor G/On® uses Lock2Process to prevent third–party applications access through Excitor G/On®.
The optional G/On® OS bootable USB stick boots the PC into a locked down Linux operating system, creating a known and managed environment on the remote PC.
Data Protection and Integrity
Instead of using VPN tunnelling protocols, Excitor G/On® establishes a protected, virtual connection between a user and a specific application. All data is encrypted and multiplexed through the virtual connection. Both the Excitor G/On® Client and the Excitor G/On® Server can detect tampering and will automatically disconnect the session.
No business data leaves the corporate network or is stored on the user’s PC or USB token.
Network Access Control
The Excitor G/On® Server only responds to traffic from known and approved devices and will only communicate with users following a successful authentication process.
The G/On® Management tool enables IT administrators to manage both authentication and authorization policies defining exactly which applications users are allowed access to when they are authenticated.
This provides the capability to limit access to specific applications or systems from external partners or contractors.
Excitor G/On® Remote Access Modules
Excitor G/On® offers flexible licensing options to address a variety of requirements:
- Excitor G/On® for Web Apps - Easy, secure access to web applications, portals, and Intranets
- Excitor G/On® for Citrix - Virtual access to Citrix farms - without any requirement for Citrix NetScaler, Secure Access Gateway or VPN
- Excitor G/On® for RDP - Virtual access to Terminal Server farms or directly to your PC in the office including client/server applications like ERP, CRM systems or File shares
Excitor G/On® USB MicroSmart token with Two Factor Authentication: The Excitor G/On® USB MicroSmart Token adds strong 2-factor authentication to Excitor G/On® by using a 233-bit ECC SmartCard generated public/private keypair for the challenge/response protocol alongside the user’s AD/LDAP credentials.
Excitor G/On® OS: The Excitor G/On® Client can be installed onto the PC operating system or any USB stick however for enhanced security the Excitor G/On® USB Token can include a bootable, hardened Linux operating system called Excitor G/On® OS. The user boots their PC from the USB token. Excitor G/On® OS disables local storage and drive access and connects to the company’s Excitor G/On® Server. Excitor G/On® OS is a cost effective, simpler alternative to providing managed laptops with a VPN.
For further information please contact your local Excitor sales office representative.