• Provides dynamic plug and play – VPN Gateways can be added to or removed from a
cluster dynamically without disrupting network traffic
• Provides a single system image (SSI) – all VPN Gateways in a given cluster are
configured as a single system
• High level of redundancy in the master/slave cluster design; even if three master VPN
Gateways in a cluster would fail, additional slave AVGs will still be operational and can
accept configuration changes
Certificate and Key Management
• Server and client authentication
• Generation and revocation of client certificates
• Automatic retrieval of certificate revocation lists (CRLs)
• Validation of private keys and certificates
• Generation of certificate signing requests (CSRs)
• Generation of self-signed certificates
Public Key Infrastructure
• RSA pair key generation
• Server certificate enrollment
• Server key and certificate import/export
• Key and certificate renewal
Supported Key and Certificate Formats
• PEM
• DER
• NET
• PKCS12
• PKCS8
• KEY(MS IIS4.0)
User Guide
Software Features
April 2013
27