The HIPclient

Micro-Segmentation for
Desktops, Laptops,
Tablets, and Phones

Routing Icon

Secure VPN-less connectivity
for employees, vendors,
and contractors.

Cloaking Clients without Network Upgrades or Specialized Tools

The HIPclient enables secure, encrypted access from anywhere in the world, over any network for desktops, laptops, tables and phones. Our customers can now give granular remote access to the network and resources for employees, contractors, and vendors as an alternative to traditional VPN-based access, without complex management of certificates, ACLs or IPSec tunnels.

Unlike VPNs that lack segmentation once authenticated and inside the network, the HIPclient only allows secure access to its mutually authenticated and authorized machines. Now it’s easy to create private workgroup domains that are invisible and inaccessible to others, even from clients that may have valid user or application credentials. This eliminates breaches caused by credential theft or unauthorized east-west movement.

Deployment Options

Deployment Options

Windows

line

Windows 7/8/10 (32/64-bit)

Mac

line

OS 10.12 and Above

iOS

line

iOS 11.0 and Above

Android

line

6.0 and Above

Windows

line

Windows 7/8/10 (32/64-bit)

Mac

line

OS 10.12 and Above

iOS

line

iOS 11.0 and Above

Android

line

6.0 and Above

“I built a private overlay network with HIPclients, HIPservers, and HIPrelays for our DevOps team in under 10 minutes. We now have transparent MFA and end-to-end encrypted HIP tunnels so our team can SSH from anywhere without hassle. We no longer use VPNs, internal firewalls, and have simplified AWS security groups because we close all inbound ports on the servers. Other systems on the university’s shared network or in the same VPC can’t see let alone access them.”

IT Director,
Fortune 100 Manufacturing Company
Universal Mobility

Instant Access and Revocation From Anywhere

line

Granting and revoking HIPclient access to individual resources on the network is simple and instant. The security context and ability to connect clients to specific resources never changes, regardless of where a user may be coming from – the LAN, WAN or Internet. The result is access from anywhere in the world, without the complexity and inflexibility of VPNs.

HIP Invite

Automate Rapid Deployment and Access

line

Automate user device access using HIP Invite to create secure and segmented access to individual resources, not entire networks. Provide email addresses, and as users download and add their machines, they’ll have access to only the specific systems they’re allowed and cannot see or access others, even if those systems reside on the same network. This significantly simplifies the time-consuming and complex process of getting people access to resources on the network.

HIP Invite

Automate Rapid Deployment and Access

line

Automate user device access using HIP Invite to create secure and segmented access to individual resources, not entire networks. Provide email addresses, and as users download and add their machines, they’ll have access to only the specific systems they’re allowed and cannot see or access others, even if those systems reside on the same network. This significantly simplifies the time-consuming and complex process of getting people access to resources on the network.

Seamless and Transparent
Multi-Factor Authentication (MFA)

line

Once the HIPclient is installed on a device, it now has an immutable and unique machine identity. Unlike port forwarding that enables arbitrary connections with no requirement for authentication, HIPclients are authenticated and authorized based on their trusted machine identity before a peer-to-peer encrypted connection is established and credentials used.

User authentication can now be easily integrated with device-based authentication, overcoming much of the complexity associated with attempts to extend directory services to include device-based trust.

Private Workgroup Networks

Protect Intellectual
Property and Sensitive Data

line

Our customers easily and quickly create overlay networks to isolate and control access to critical systems. For example, this includes controlling administrator access to network and security infrastructure to eliminate the threat of a hacker gaining access to those systems through a system’s local management interface. Another example is creating private workgroups for DevOps, Executive, HR, and PCI teams to protect intellectual property and sensitive data from being breached by unauthorized machines with access to the same network.

Private Workgroup Networks

Protect Intellectual
Property and Sensitive Data

line

Our customers easily and quickly create overlay networks to isolate and control access to critical systems. For example, this includes controlling administrator access to network and security infrastructure to eliminate the threat of a hacker gaining access to those systems through a system’s local management interface. Another example is creating private workgroups for DevOps, Executive, HR, and PCI teams to protect intellectual property and sensitive data from being breached by unauthorized machines with access to the same network.