Call a Specialist Today! 855-958-0756

NCP Secure VPN Enterprise Client for Windows Mobile
Universal, Centrally Manageable IPsec Client Software for Windows Mobile

NCP Secure VPN Enterprise Client for Windows Mobile

NCP Products
NCP Managed VPN Client Suite
NCP Managed Secure Enterprise Windows Mobile Client
Get a Quote!


NCP's Secure Enterprise Windows Mobile Client is a component of the comprehensive NCP Secure Enterprise Solution. The communication software is designed for universal teleworking in any remote access VPN or M2M environment. Mobile teleworkers, for example, can access the central databases and applications with pocket PCs, handhelds and tablet PCs from anywhere in the world. Collecting mobile data in a customer's warehouse via PDA with integrated barcode reader and transferring the data via Wi-Fi represents another common application.


  • Secure mobile computing
  • Integrated, dynamic personal firewall
  • Worldwide dial-in to the corporate network
  • Compatible with VPN gateways from different manufacturers
  • Strong authentication with certificates
  • End-to-end security even at hotspots
  • Central management

Technical Data:

Secure VPN Enterprise Client for Windows Mobile: Technical Data
System Requirements
Mobile End Device
  • Operating system: Windows CE 3.0 (Handheld PC 2000, Pocket PC 2000), Windows 4.2 (Windows Mobile 2003 for PocketPC), Windows CE 5.0, Windows Mobile 5.0 for Pocket PC or for Smartphone, Windows Mobile 6.x, Windows Mobile 7 (i.p.)
  • Configuration: StrongARM processor (min. 200 MHz); 3.3 MB program memory, 2.1 MB memory; WAN or WLAN adapter
Configuration PC Operating system: Windows 7, Windows Vista, Windos XP (all 32/64 bit); 32 MB RAM, Configuration: At least 20 MB RAM, MS Active Sync v. 4.x or higher
Security Features The Enterprise Client supports all major IPsec standards in accordance with RFC
Personal Firewall Stateful Packet Inspection; IP-NAT (Network Address Translation); Friendly Net Detection (analysis of: current network address, IP address and MAC address of the DHCP server); secure hotspot logon; differentiated filter rules relative to: protocols, ports and addresses, LAN adapter protection, central administration with Client firewall configuration plug-in*
Virtual Private Networking IPsec (Layer 3 Tunneling), RFC-conformant; IPsec proposals can be determined through the IPsec gateway (IKE, IPsec Phase 2); Event log; communication only in the tunnel; MTU size fragmentation and reassembly, DPD, NAT-Traversal (NAT-T); IPsec tunnel mode
Encryption Symmetric processes: AES 128,192,256 bits; Blowfish 128,448 bits; Triple-DES 112,168 bits; dynamic processes for key exchange: RSA to 2048 bits; Diffie-Hellman Groups 1,2,5 seamless rekeying (PFS); hash algorithms: SHA1, MD5
Authentication Processes IKE (Aggressive mode and Main Mode), Quick Mode; XAUTH for extended user authentication; IKE config mode for dynamic assignment of a virtual address from the internal address pool (private IP); PFS; PAP, CHAP, MS CHAP V.2; IEEE 802.1x: EAP-MD5 (Extensible Authentication Protocol): Extended authentication relative to switches and access points (Layer 2); EAP-TLS (Extensible Authentication Protocol - Transport Layer Security): Extended authentication relative to switches and access points on the basis of certificates (Layer 2); support of certificates in a PKI: Soft certificates, smart cards, and USB tokens; Pre-shared secrets, one-time passwords, and challenge response systems; RSA SecurID ready.
Strong Authentication - Standards X.509 v.3 Standard; Entrust Ready PKCS#11 interface for encryption tokens (USB and smart cards); smart card operating systems: TCOS 1.2 and 2.0; smart card reader interfaces: PC/SC, CT-API; PKCS#12 interface for private keys in soft certificates; PIN policy; administrative specification for PIN entry in any level of complexity; revocation: EPRL (End-entity Public-key Certificate Revocation List, formerly CRL), CARL (Certification Authority Revocation List, formerly ARL), OCSP. CMP* (Certificate Management Protocol),
Networking Features LAN emulation: virtual Ethernet adapter with NDIS interface or transparent mode
Network Protocol IP
Dialers PPC Connection Manager, NCP Secure Dialer, Microsoft RAS Dialer (for ISP dial-in via dial-in script)
IP Address Allocation DHCP (Dynamic Host Control Protocol), DNS: Dial-in to the central gateway with changing public IP addresses through IP address query via DNS server
Transmission Media WLAN (WiFi), GSM (incl. HSCSD), GPRS, UMTS, Internet, analog modems (mobile phones)
Line Management DPD with configurable interval; WLAN roaming (handover);
Data Compression Stac (lzs), deflate
Point-to-Point Protocols PPP over ISDN, PPP over GSM, PPP over PSTN, PPP over Ethernet; LCP, IPCP, MLP, CCP, PAP, CHAP, ECP
Internet Society RFCs and drafts RFC 2401 –2409 (IPsec), RFC 3498, RFC 3947: IP security architecture, ESP, HMAC-MD5-96, HMAC-SHA-1-96, ISAKMP/Oakley, IKE, XAUTH, IKECFG, DPD, NAT Traversal (NAT-T),UDP encapsulation, IPCOMP
Client Monitor
Graphical User Interface
Multilingual (German, English); intuitive operation; configuration, connection statistics, log-files, trace tool for error diagnosis; traffic light icon for display of connection status; password protected configuration management and profile management.

*) Prerequisite: NCP Secure Enterprise Management