VPNCrypt G20

ST Electronics (Info-Security) Pte Ltd.


Compact & High Performance VPN Gateway

VPNCrypt G20 is a compact Virtual Private Network (VPN) Gateway, a networking device that enables the user to leverage on public Ethernet/IP infrastructure to connect to multiple sites in a secure manner. VPNCrypt G20 employs standard algorithms for data confidentiality and integrity protection as well as internet key exchange (IKE) protocol for keys derivations and authentications. The built-in Firewall performs packet filtering and supports NAT/ PAT features.

Supporting up to 50 tunnels with a maximum encrypted throughput of 100Mbps, VPNCrypt G20 packs a big punch in a small foot print. It is ideal for deployments as a security gateway in corporate offices, remote sites or branch offices.

Key Features

  • • High-assurance VPN Gateway with Firewall capabilities.
  • • 100Mbps throughput aggregate
  • • IPSec standards-based encryption, authentication, digital certificates and key management.
  • • Supports standard algorithm for data confidentiality.
  • • Supports 50 concurrent IPSec tunnels.
  • • Easy deployment in existing network with 10/100/1000 Mbps LANs.
  • • Slim and Compact.



Network Interfaces - Trusted LAN 1 and Trusted LAN 2 ports: 2 x Ethernet RJ45 10/100/1000 Mbps auto-sensing port
- External port: 1 x Ethernet RJ45 10/100/1000 Mbps auto-sensing port
Networking Features & Protocols - IP Security/Encapsulating Security Protocol
- Support Layer 2 and Layer 3 encryption capability
- IP Compression
- QoS support
- Traffic flow confidentiality
High Availability Features
- Failover (Active/Passive mode)
- Priority Based Redundant Secure Nodes
Authentication - Pre-shared Key
- RSA Public Key Signature (up to 4096 bit)
Key Management
- Support Internet Key exchange (IKE v2)
- DH supports up to 8192 bit
- Supports ECDH (up to P-521 bit)
- Group Transport Protection: The device has the option of providing encryption and data integrity
protection to all key exchange traffic including the initial key exchange traffic
Encryption Algorithm/ Modes - AES-CBC (256 bit)
Hash Algorithm - HMAC-SHA1
- HMAC-SHA2 (256, 384, 512 bit)
Performance - Zero-loss encrypted throughput up to 100Mbps (depending on IP packet size and used encryption mode)
- Support 50 concurrent IPSec tunnels
Management - Interfaces:
10/100/1000 Mbps Ethernet RJ45 (remote management and local configuration)
RS232 local console interface
- Security/Configuration:
Extensive audit logging
Alarm detection and logging
SNMP v2c network management (operates with standard SNMP network management station)
- Supports up to 3-factor authentication
Security Features: - Tamper-resistant chassis
- Anti-tamper detection and response
Physical Characteristics: - Dimensions: 30mm(H) x 230mm(W) x 150mm(D)
- Power Supply: External 12VDC, 3.4A, 100-240VAC, 50/60 Hz Adaptor
- Power Rating: 40W max
- Weight: 1.25 KG
Environmental: - Storage Temperature: -20ºC to 70ºC
- Operating Temperature: 0ºC to 40ºC
- Humidity: Relative 10% – 95%, non-condensing
Regulatory: - EMC/EMI: FCC Part 15 Class B
Optional Feature: - Supports customized algorithm loading feature