VPNCrypt G2000

ST Electronics (Info-Security) Pte Ltd.


High Performance VPN Gateway

VPNCrypt G2000 is a high performance Virtual Private Network (VPN) Gateway, a networking device that enables the user to leverage on public Ethernet/IP infrastructure to connect to multiple sites in a secure manner. VPNCrypt G2000 employs standard algorithms for data confidentiality and integrity protection as well as Internet Key Exchange (IKE) protocol for keys derivations and authentications. The builtin Firewall performs packet filtering and supports NAT/PAT features.

Supporting up to 800 tunnels with a maximum encrypted throughput of 1Gbps, VPNCrypt G2000 is ideal for deployments as a security gateway in corporate offices, remote sites or branch offices.

Key Features

  • • High-assurance VPN Gateway with Firewall capabilities
  • • 1Gbps throughput aggregate
  • • IPSec standards-based encryption, authentication, digital certificates and key management
  • • Supports standard algorithm for data confidentiality
  • • Supports 800 concurrent IPSec tunnels
  • • Easy deployment in existing network environment
  • • 19” rack mountable



Network Interfaces Trusted LAN 1, Trusted LAN 2, External and Management (4 x Gigabit ports):
- Fiber optic: LC connector, multi-mode/single-mode
- Copper: Ethernet RJ45
Networking Features & Protocols - IP Security/Encapsulating Security Protocol
- Support Layer 2 and Layer 3 encryption capability
- IP Compression
- QoS support
- Traffic flow confidentiality
High Availability Features
- Failover (Active/Passive mode)
- Load Balancing (Active/active mode)
- Priority Based Redundant Secure Nodes
Authentication - Pre-shared Key
- RSA Public Key Signature (up to 4096 bit)
Key Management
- Support Internet Key exchange (IKEv2)
- DH supports up to 8192 bit
– Supports ECDH (up to P-521 bit)
- Group Transport Protection: The device has the option of providing encryption and data integrity protection to all key exchange traffic including the initial key exchange traffic
Encryption Algorithm/ Modes - AES-CBC (256 bit)
Hash Algorithm - HMAC-SHA1
- HMAC-SHA2 (256, 384, 512 bit)
Performance - Zero-loss encrypted throughput up to 1Gbps, aggregated (depending on IP packet size and used encryption mode)
- Support 800 concurrent IPSec tunnels
Management Interfaces
- Fiber optic/RJ45 (remote management and local configuration)
- RS232 local console interface

- Extensive audit logging
- Alarm detection and logging
- SNMP v2c network management (operates with standard SNMP network management station)
- Supports up to 3-factor authentication

Security Features: - Tamper-resistant chassis
- Anti-tamper detection and response
Physical Characteristics: - Dimensions: 44mm(H) x 430mm(W) x 511mm(D)
- Redundant Hot-Swap PSU: 110/240VAC @ 50/60 Hz Auto-ranging
- Power Rating: 300W max
- Weight: 10 KG
Environmental: - Storage Temperature: -20ºC to 70ºC
- Operating Temperature: 0ºC to 40ºC
- Humidity: Relative 95%, non-condensing
Regulatory: - EMC/EMI: FCC Part 15 Class B
Optional Feature: - Supports customized algorithm loading feature