[Translate to Englisch:]

A Remote Access VPN Requires Ease of Use

Connecting, configuring, and monitoring
as easy as can be.

End devices that are intelligent and easy to operate are every user's dream. Administrators, however, demand the same level of transparency and manageability in the wide area network (WAN) as they are used to from the local area network (LAN). In order to meet the needs of all users, NCP's remote access VPN solution offers comprehensive automation as well as configuration, display and monitoring options.

NCP Remote Access VPN - an overview of the most important features:

Intuitive graphical user interface

Independent of the operating system, all NCP VPN Clients graphically display all connections and security statistics. Comprehensive cursor-sensitive tool tips offer quick information in clear text. Designed as one click solution, the software automatically carries out connection setup to the company network, while the user is able to monitor all phases. If an error occurs, it is displayed in red. It simplifies troubleshooting and support.The summary language selection facilitates international application.  

Integrated support for 3/4 G Cards

NCP's Secure Client integrates and supports 3/4G cards of various suppliers, i.e. displays them in the Client Monitor. This integration and support is the key to the display of field strength, provider and selected radio network. The installation of delivered management software of maps distributors and the associated call for an additional user interface can be cancelled.

Mobile broadband support for Windows 7

LTE currently allows the highest wireless communication rates. Since the virtual COM ports used before Windows 7 had become a bottle neck with LTE data communication, using Windows Mobile Broadband Interface now ensures maximal data communication speed. A further advantage of Mobile Broadband Support is the integrated dialer of NCP's VPN Client which automatically supports all current and future 3G/4G cards of Windows 7.

Easy setup and management of a client configuration

Each NCP Secure Client has its own configuration file in which it saves all connection parameter. The administrator can specify each parameter field and may store these as necessary against additional changes by the user.  That creates configuration freedom for the realization of individual remote-access requirements.

APN from SIM Card

The APN (Access Point Name) defines the access point of a mobile data connection at a provider. If the user changes provider, the system automatically takes APN data from the corresponding SIM card and uses it in client configuration. Through that, it is easy to use inexpensive, local providers abroad.

Automatic Media Recognition

The NCP VPN Client checks each connection establishment that selects available transmission media and automatically chooses one from the given sequence. The manual network selection is naturally given further on.

Wi-Fi roaming

If a teleworker moves within the reception area of several access points using the same SSID, the system automatically chooses the strongest access point available. Applications which communicate via a tunnel do not even "notice" this access point roaming. NCP's Secure Client is able to roam access points within a company network (e.g. while changing locations with a laptop) without having to set up a new data connection and logon to the gateway, again and again. This allows for continuous remote access despite changing IP addresses.

Seamless Roaming

You can call "seamless roaming" the logical advancement from "WiFi roaming". With "Seamless Roaming" the devices are able to automatically change between various networks, for example between LAN, WiFi and 3/4G. This further facilitates mobile computing and enables the state "always on" - meaning continuous and constant availability of applications of the mobile telework station. The client is able to automatically change the communication medium during a session and to dynamically redirect the VPN tunnel, while the user does not even notice this process.

VPN Path Finder

This feature allows for remote access behind firewalls whose settings prevent IPsec based data traffic (Port 500 or UDP encapsulation not possible). With the help of the VPN Path Finder technology, the NCP Secure Client can use Port 443 of the firewall (Fallback IPsec / HTTPS). This allows for a holistic IPsec-based implementation of the security policy (prerequisite: NCP VPN gateway, starting with v 8.0, at the corporate headquarters).

IKEv2 support

In contrast to IKEv1, IKEv2 is faster during connection set up because it needs fewer prompts than its predecessor. Apart from that IKEv2 supports various protocols (e.g. NAT-T, DPD) which were required but not supported by version 1. Instead of XAUTH, EAP is used as the basis for authentication. The Mobility and Multihoming Protocol (MOBIKE) ensures higher reliability of IPsec tunnels in mobile applications. NCPs VPN Client Suite is designed to be easy to configure and allows performant connection setup. The specifications of IKEv2 make setup of virtual private networks easier, more flexible and more reliable. Supporting IKEv2 makes the NCP VPN Client Suite compatible to almost every other available VPN gateway - amongst others the Microsoft Windows Server 2008 R2.

Windows pre-logon

When using the Windows Pre-Logon function, the user can already establish a VPN tunnel in the company headquarters BEFORE logging on to the Windows system. The user logon to the local Windows system then occurs through this VPN tunnel, so that it is authenticated to the central Windows domain / Active Directory. As of this client version, the secure login to a WLAN HotSpot is possible already in the pre-logon phase, ie. the client is optimally protected by the integrated dynamic firewall at any time of logging on to the HotSpot.

Central management for fully automatic VPN operation

You can integrate NCP's Secure Enterprise Clients into a centrally managed VPN. This includes tasks like client configuration, mass roll outs, software updates, certificate administration and security policies checking NCP Secure Enterprise Management easily handles these tasks.

Dynamic personal firewall

All NCP Secure Clients have a dynamic personal firewall. Click here for more information.

Home Zone

When the Home Zone feature is activated, a special user profile is used for the home office network. Users just need to click the Home Zone button and the correct network configuration is made automatically. This includes special firewall rules set up by administrators which only apply when the user is in their home office. This means that users can access their printer or scanner in the home office network. If the user leaves the Home Zone, the existing firewall rules are reactivated. The computer recognizes automatically where it is according to the network address. This means that when the user returns to the Home Zone, the computer will switch network settings automatically without the user having to click the Home Zone button.


The VPN bypass function in the NCP VPN Client allows the IT administrator to configure the client so that certain applications are exempted from the VPN and the data is sent over the Internet even when split tunneling is disabled. This has the advantage that applications such as video streaming no longer overwhelm the server with terabytes of data.