NCP Secure Entry Client for Android
Simple and Highly Secure Remote Access via Internet
Including License Management (VLS)
*Price per user. Quantity must be 5 or greater
Our Price: $46.00
Including License Management (VLS)
*Price per user. Quantity must be 25 or greater
Our Price: $42.55
Including License Management (VLS)
*Price per user. Quantity must be 50 or greater
Our Price: $40.25
- Pricing and product availability subject to change without notice.
- For more than 100 users, please use our Quote Request Form!
NCP's Secure Clients for Android are available for mobile end-devices with the Android 5.x "Lollipop" and 4.x "Ice Cream Sandwich" operating systems. The clients are easy to use and provide highly secure Remote Access to the company network. They are compatible with all common third-party IPsec VPN gateways including Cisco, Juniper, Check Point, Fortinet, SonicWALL, Netgear, D-Link, Microsoft Server 2008 R2, Sophos (Astaro), and ADTRAN. The NCP Secure Android clients are also available with the NCP Volume License Server.
You can choose between two versions:
- NCP Secure VPN Client for Android
- NCP Secure VPN Client Premium for Android
- Support of Widgets
- IKEv1 (Main Mode, Aggressive Mode), IKEv2 support
- IP address assignment via local IP address/manually or IKE config mode
- XAUTH on/off
- Split/full tunneling network access
- Pre-shared key
- PKCS#12 certificate support
- One-time-password support (OTP support)
- Auto reconnect mode - After starting the VPN connection the client will always try to reconnect after interruption of a Wi-Fi or cellular connection, until the connection is manually disconnected by the user.
- Configurable connection mode (always, auto-reconnect)
- Profile import of .pcf, .wgx, .ini or .spd files
- NCP VPN Path Finder® Technology
- FIPS Inside
- Easy administration
- Low training costs
- Modularity and scalability
- Fast availability of cutting-edge technologies through software updates
- Fast return on investment (ROI) through low operating costs (total cost of ownership (TCO)).
- High usability for users and administrators
- NCP Path Finder Technology: Remote Access despite blocked IPsec connections
- License management
|Secure Entry Client for Android: Technical Data|
|Operating System||Android 4.0 and above|
|License Management||Distribution of licenses by the Volume License Server|
|Standards||Support of all Internet Society IPsec Standards|
|Virtual Private Networking||IPsec (Layer 3 Tunneling), RFC conformant; IPsec proposals can be determined by the IPsec Gateway (IKE, IPsec Phase 2); Event log; Communication only in tunnel; MTU Size Fragmentation und Reassembly; DPD; NAT-Traversal (NAT-T); IPsec Tunnel Mode|
|Encryption||Symmetric processes: AES 128,192,256 bits; Blowfish 128,448 bits; Triple DES 112,168 bits; Dynamic processes for key exchange: RSA to 2048 bits; Seamless Rekeying (PFS); Hash Algorithms: SHA-256, SHA-384, SHA-512, MD5, DH Groups 1, 2, 5, 14-18|
|FIPS Inside||The NCP Secure Android Client uses an embedded FIPS 140-2-validated cryptographic module (Certificate #1747) running on an Android platform per FIPS 140-2 Implementation
Guidance section G.5 guidelines. FIPS conformance will always be maintained when any of the following algorithms are used for establishment and encryption of the IPsec connection:
|Authentication Processes||IKEv1 (Aggressive und Main Mode), Quick Mode; XAUTH for extended user authentication;
IKE Config Mode for the dynamic assignment of a virtual address from an internal pool
(private IP) ; PFS
|Strong Authentication||PKCS#12 Interface for using User (Soft) Certificates
Multi Certificate configuration
One-Time Passwords and Challenge Response System; RSA SecurID Ready
|Auto Reconnect||A connection is automatically established if the Internet connection has been interrupted or the communication medium has changed from WiFi to mobile data transmission. Configurable connection mode (always, manual)|
|VPN Path Finder||NCP VPN Path Finder Technology, Fallback IPsec /HTTPS (Port 443) when port 500 or UDP encapsulation can not be used (prerequisite: NCP VPN Path Finder Technology required at the VPN Gateway)|
|IP Address Assignment||DHCP (Dynamic Host Control Protocol); DNS: central VPN gateway selection using public IP address allocated by querying a DNS server|
|Line Management||DPD (Dead Peer Detection) with configurable polling interval; Short Hold Mode; WLANRoaming (Handover); Timeout|
|Data Compression||IPCOMP (lzs), Deflate|
|Internet Society RFCs and drafts||RFC 2401 –2409 (IPsec), RFC 3947 (NAT-T negotiations), RFC 3948 (UDP encapsulation), IP Security Architecture, ESP, ISAKMP/Oakley, IKE, XAUTH, IKECFG, DPD, NAT Traversal (NATT), UDP encapsulation, IPCOMP|
|English; Connection control and management, connection statistics, log files; trace tool for error diagnosis; traffic light icon indicates connection status|
|Technical Features||VPN Client||Premium||Enterprise|
|Virtual Private Networking|
|PKCS#12 Interface for private key in soft certificates Multi Certificate configuration|
|PKCS#12 Interface for private key in soft certificates Multi Certificate configuration||–|
|One-Time Passwords and Challenge Response System; RSA SecurID Ready|
|VPN Path Finder||–|
|IP Address Assignment|
|import function supporting file formats:*.ini, *.pcf, *.wgx und *.spd||–|
|Internet Society RFCs and Drafts|
|Internet Society RFCs and Drafts|
Android Devices and NCP Solutions:
Universal VPN Clients for companies of all scales for Android Tablets and Smartphones
Do you own a mobile end device running on the Android 4.x operating system? Would you like to use it to securely access data on the company network via VPN? If your answer to both questions is "yes", NCP developed the perfect software for you: the NCP Secure VPN Clients for Android.
The following VPN clients for Android end-devices are available:
|NCP managed Android Clients|
|NCP Secure Enterprise Android VPN Client||NCP Secure Android Client Volume Edition||NCP Secure VPN Clients for Android|
|How to buy||specialist retailer / invoice||specialist retailer / invoice||Google Play / credit card|
|User||About 50 ot more||About 5 -50||Workstation|
|Management-Tool||Secure Enterprise Management||Volume License Server||No Tool|
Managed Android VPN Clients
NCP's Secure Enterprise Android Client is part of the NCP Enterprise series and can be comfortably managed with NCP's Secure Enterprise Management. The client allows comfortable and highly secure remote access to the company network and it is compatible to IPsec gateways of various producers.
NCP's Volume License Server (VLS) is an additional tool for the Android VPN Client Volume Edition which is available for 5 + User. This tool simplifies license management.
NCP VPN Clients on Google Play
The VPN Clients NCP Secure VPN Client for Android and NCP Secure VPN Client Premium for Android are available on Google Play. The two IPsec VPN clients have been designed for private use or use in small scale environments containing only a small number of Android Smartphones or Tablet PCs. They are also compatible to all major IPsec VPN Gateways. Further information on NCP Google Play Store VPN Clients.
Can I import configuration files?
Yes, you can directly import configuration files (*.pcf, *.spd, *.wgx, *.ini) from other manufacturers or files (*.ini) exported by the NCP configuration exporter.
You further have the option to import the configuration file "ncpphone.cfg". Please note that this configuration file only contains the VPN profile for the communication medium LAN.
Please copy the file "ncpphone.cfg" to the "\NCP\Import" directory on the internal or external SD card of the Android phone. In Windows Clients this file is usually located in "C:\Program Files (x86)\NCP\Secure Client\". You can now import the configuration data from that file into the Android Client via the "Import / Export" option. If the file is located in the correct directory, the system displays the entry "ncpphone.cfg" and next to it a box which can be checked. Check this box and then press the "Back" button to leave the menu. With that, the configuration data has been imported correctly and a connection can be established.
How do I import a certificate?
Currently support is provided for a certificate stored in a PKCS#12 file located on the Android phone's internal or external SD card in the "\NCP\Import" directory.
Import the certificate into the Android Client using the "Import / Export" option (menu - Import / Export); select either "Import User Certificates" or "Import CA Certificates" dependent on the type of certificate being imported.
Finally, select the certificate as "Certificate" in the Profile settings.
What does the error message:
"Ike: NOTIFY : x : RECEIVED : NO_PROPOSAL_CHOSEN : 14" mean?
This error message means that the IPsec Phase 2 encryption settings are incorrect. Currently the Client only supports a limited list of proposals. If the VPN server requires a type of encryption not in that list, this error message will be generated when the Client attempts to establish a connection to the server. The facility to fully configure the settings will be implemented in the next version of the Client. In the interim, a workaround is to create the correct configuration ("ncpphone.cfg", see above) on a Windows Client and import that into the Android Client.
Is there an NCP Secure Client for Android versions earlier than V4.0?
Manufacturer dependent restrictions mean that, on Android versions earlier than V4.0, the NCP VPN Client can not be sourced from the Android Market and then installed in the normal way. To circumvent this problem, NCP has developed an NCP Secure Client that requires either a "rooted" device or a specially adapted Android kernel. NCP only supplies this product to hardware manufacturers or system integrators or for major projects.
Where do I store the Cisco parameters "Group Password" and "Group ID"?
Save the "Group Password" parameter as the "Pre-shared Key" in the NCP Android Client. Also, with connections to Cisco servers, "Exchange Mode" is then usually set to "Aggressive Mode".
Save the "Group ID" parameter as the "IKE ID", and then set the "IKE ID Type" to "Free string used to identify groups".
Does Google Play accept other methods of payment apart from credit cards or is there another ordering process?
Google Play only accepts credit cards. However, both NCP Enterprise Versions for Android operating systems are available through our reseller and partner.
How does the configurable connection mode of the Premium Client work?
The VPN tunnel always starts automatically without interaction with the user. If connection setup fails, the client tries to establish a connection every 20 seconds. In order to permanently disconnect the tunnel, the user should select a different profile, which has been configured for the manual connection mode. Please note that after cold booting the device, the user has to manually initiate the first VPN connection setup.
NCP's Secure VPN Client Premium automatically reconnects a VPN tunnel (auto-reconnect: default setting) if a connection has been interrupted or the communication medium has been changed (3G/WiFi). Under certain circumstances, however, for example with bad 3G reception, it might happen that the VPN reconnect fails and the connection remains disconnected. Users who wish a permanent VPN connection can counter this by setting the communication mode to "always". With that setting an established VPN connection will only be permanently disconnected if the user selects a different VPN profile.
Why does NCP's Secure VPN Client not work on my Android 4.x system?
NCP's Secure VPN Client requires a VPN-API, which has to be installed on the Android 4.x operating system. If the system displays an error message after installation of the client, please contact the manufacturer of your device or install the latest systems software or Android version; you will find both on the manufacturer's support websites.
Download the NCP Secure Entry Client for Android Data Sheet: Secure Client for Android (PDF).
Download the NCP Volume License Server Data Sheet (PDF).