ECOS SECURE GATEWAY APPLIANCES (SGA) consist in one or more secure servers offering various features to secure company networks.

The features are as follows:
VPN gateway, proxy, authentication server (PKI + RADIUS), mail gateway (incl. spam filter), CA (certificate authority), token management, State-Full-Inspection firewall, router.

Central administration

The flexible concept can be adapted to various scenarios and allows, depending on the requirements, to distribute functions to several ECOS SGA appliances with central administration. Thus, two-step security concepts for company networks can easily be realized through a firewall with a downstream VPN gateway / secure server.

As ECOS SGA appliances are best suited to build up extensive and easily manageable infrastructures, they can also be used as central components to connect multiple offices. The SGA appliance then acts as master for a further set of SGA appliances which are located at branch offices and configured as slaves in order to provide a central management.


VPN gateway

The ECOS MOBILE OFFICE STICK can be used to provide a secure external access to a server situated behind an ECOS SECURE GATEWAY APPLIANCE. This remote access solution needs no software installation or administrator privileges and runs on any internet-connected Windows PC. Our ECOS SECURE BOOT STICK and ECOS SECURE BOOT MODULE solutions alternatively allow a highly secure remote access to central terminal servers from within a secure Linux environment.



The integrated stateful inspection firewall offers various settings and customizable configuration options. Particularly the central administration contributes to significantly reduce complexity in scenarios with extensive device installation.

The incoming http/https proxy allows authentication at the firewall itself to protect internal web servers such as Outlook Web Access.


Additional features

  • When used as a mail gateway, an optional spam filter can be activated.
  • An integrated CA (certificate authority) allows the creation of digital certificates, and an integrated smart card and token management adds to the PKI functionalities.
  • Additionally, OTP tokens (one-time password generator) can be managed by the appliance.
  • An automated up-to-date service keeps the appliance on the latest level and ready for future features.

  • VPN gateway (PPTP, IPsec, SSL VPN)
  • Application level proxies
  • Spam filter for mail gateway (optional, ECOS SECURE GATEWAY APPLIANCE – SGA only)
  • Synchronization of users on different servers (i.a. ADS, SGA only)
  • Bandwidth management, QoS
  • Integrated CA (Certificate Authority, SGA only)
  • Integrated smart card and token management (SGA only)
  • One-time password system (OTP)
  • Stateful inspection firewall with extensive packet filtering rules
  • LDAP-based
  • High availability module for high availability solutions
  • Up-to-date service for component topicality (optional)
  • Modular hardware concept, extendable by ISDN, ADSL, UMTS interfaces
  • SGA-V: suitable for VMware, Citrix XenServer, Hyper-V, Oracle VirtualBox and any certified hardware
  • SGA-50-CF: for small businesses (e.g. connecting multiple offices) – offered by our partners in conjunction with the respective hardware

 Contact form