All Amaranten Firewall products are fully IPsec compliant, which makes the products accomplished VPN gateways with
maximum flexibility.

Thanks to the close-knit integration where each VPN connection is treated as a logical interface in the firewall, filtering,
logging, monitoring and bandwidth management can be performed on VPN connections as precisely as on regular Ethernet
interfaces.

Both LAN-to-LAN solutions and roaming clients are supported, and the number of simultaneous VPN connections can be up
to several thousand, depending on your product model. Amaranten Firewall may also be used to route and filter traffic
between remote networks, which makes it possible to design complex VPN networks with a minimum of administrative effort.

For authentication, both Pre-Shared Keys (PSKs) and X.509 certificates can be used. In addition, unique user identification
lists for access control can be specified per VPN connection.

This, combined with the Amaranten VPN Client, which also includes full support for hardware tokens, such as certificates
stored on smart cards, makes Amaranten products ideal components in any larger PKI solution.

Amaranten Firewall supports a large number of encryption algorithms, including AES, 3DES, Blowfish, Twofish, CAST-128
and DES. Strong authentication is supported using SHA-1 and MD5.

All IPsec parameters and encryption proposals are accessible, which dramatically simplifies interoperability with other IPsec
compliant products.

Furthermore, Amaranten Firewall supports so called virtual IPs, that enable even more seamless integration with the remote
network by creating the illusion that the Amaranten VPN Client is physically located in the network.