A Non-Intrusive Approach to Zero Trust Adoption

Instant, Zero Trust access to your network, applications and data

G/On is a scalable, Zero Trust based solution that connects all your users to internal and on-premise resources — regardless of device or location. Decrease your attack surface, enhance security and reduce complexity. Stop managing devices and empower IT to focus on innovation, not threat mitigation. It’s simplicity without compromise.

G/On: designed on three pillars

Group 1004

Software Defined Perimeter

  • Network resources are made inaccessible by default
  • Makes the application infrastructure invisible from the internet
  • Immediate reduction of attack surface
  • Mitigates breach risks and prevents threats
Group 808

Zero Trust Security

  • Identity centric, no device authentication
  • Authentication before access
  • The principle of least privilege to the network
  • All data is encrypted and protected. End-to-end encryption provides the gold-standard for protecting communication
  • Embedded 2-factor authentication 
Group 816


  • No need to change the organisational approach to VPNs and networks
  • Client application, meaning its agentless
  • No installation and no configuration required, no elevated rights to run
  • Supports ANY device policy
  • No endpoint checking required - policies built-in solution
  • Scalable, promotes data protection and prevents access to personal data
Screenshot 2021-10-19 at 16.22.46

Your guide to easy, fast and non-intrusive Zero Trust security

Like many companies, you’re likely already exploring how you can transition to Zero Trust security to decrease your attack surface, enhance security and reduce complexity.

We recently put together a new guide How G/On provides a giant leap into the Zero Trust era.

It covers the reasons companies are turning to Zero Trust, why the time for action is now and shares our Zero Trust success roadmap.

Download your copy now. 

How G/On enables business

Mobile-ready solution: it takes one physical token

No dependency for access management processes

Streamlines the user application login experience

Permission control at the individual application level

Mobile use policies (user and enterprise responsibilities) are redundant

The client can automatically find its way to the company network

No client installation, no intrusion on private devices and leaves no traces

Instant respond to an increase in client & staff demand

As more privacy and data sovereignty laws are introduced, G/On immediately meet those needs

Screenshot 2021-10-19 at 16.12.02

Enable a non-intrusive approach to Zero Trust at your organisation

 Start your G/On journey today.
Group 1018

Central management console

G/On provides full control over settings, users and usage. IT admins can control application access, prevent copy/paste/downloads and allow file downloads in a dedicated secure environment.

Group 807

Strong two-factor authentication

Remove the risk of man-in-the-middle attacks with mutual strong two-factor authentication – the client authenticates the server, and the server authenticates the client.

Group 808

Access based on permission rules

Users have application access based on permission rules or Active Directory group membership. No need to remember URLs or other information to access applications.

Specifications G/On

1. G/On General specifications

G/On Gateway Server


Operating systems version Windows Server 2019 or Windows Server 2016*
Number of users Up to 2.000 per gateway
Supported authentication server Active Directory, LDAP and local accounts

* Even though G/On Server will install and run on Windows Server 2008, Windows Server 2008R2, Windows Server 2012, Windows Server 2012R2 these
platforms are not anymore supported from G-On version 7.0 or above


G/On Database (optional)

Platform Microsoft SQL Server
Operating systems version • Microsoft SQL Server 2012, 2014, 2016, 2017 and 2019,
• Microsoft SQL Server Express 2012, 2014, 2016, 2017 and 2019






Platform Windows, Mac OS and Linux
Operating systems version • Windows 10 64-bit only*
• macOS 10.15 (Catalina) or later or macOS 11.2 (Big Sur) or later, both Intel and Apple silicon
G/On OS 30 or later based on Fedora Linux v30 or later
* G/On client also works on Windows 7 and Windows 8.1, however, these platforms are not supported anymore



Platform Windows, Mac OS and Linux
Token types USB and Windows
G/On USB Token including built-in Smartcard for two-factor mutual authentication
SoftToken on any USB, 2 GB or larger
Computer User Token installed on Windows platform

2. G/On OS

G/On OS is a secure container added to G/On to have a full lock-down in the client side. Other features include:

  • G/On OS is a hardened, minimal Fedora Linux image, which is booted directly into memory from the G/On USB Token. It does not include drivers to access hard disks, so there is no way to leave data behind, or transmit data from the computer used.
  • G/On OS comes full features with application clients for Citrix, RDP, VNC, Browsers and much more.
  • G/On OS is locked down to only allow access to the SecureGateway it was originally enrolled on.

3. G/On Components

Secure Gateway

Prevents the corporate application servers from having to be Internet-facing.

  • Data in transit between the gateway and the remote client is always encrypted using FIPS 140.2 certified AES 256-bit encryption.
  • Provides proxy services and DNS name resolving on the internal network to offer full functionality to the applications on the client.
  • Offers automatic load-balancing and fail-over functionality and works with third-party load-balancing products.
  • Additional gateways are easily created in seconds using a Gateway installer.

G/On client

Connects applications on the client to resources inside the corporate network, without a VPN. After mutual two-factor authentication, the gateway server sends a menu-object to the client that contains the start-up configuration for each application the user can use at that device, location and/or time.

Other features include:
  • Unavailable applications are not visible and access rights are enforced in the gateway, preventing the user from starting not allowed applications or elevating access rights.
  • The G/On-client also provides the automatic launch of applications and Single-Sign-On (SSO).
  • The client can encapsulate all traffic in HTTP and traverse proxies, without sacrificing on security.
  • G/On clients are easily created using a G/On Client Installer, either by the admin or an end user and are available for Windows, MacOS and selected Linux-distributions.

G/On Security Token

A small USB form factor token with a mobile smartcard integrated in the MicroSD-card. End users receive a fully functional G/On client which is either pre-enrolled, or the end user goes through a simple enrolment process to activate the G/On client. During enrolment, the smartcard generates a private/public keypair. The public key is used for smartcard authentication, the private key is protected by the smartcard and can never leave it. The G/On Security-token can therefore be uniquely identified based on the smartcard private/public keypair during authentication time.

G/On Desktop Client

Runs from a computer instead of a G/On USB-token and uses the computer as a second authentication factor instead of a smartcard. Only available on Windows.

4. G/On Infrastructure



G/On is Easy to Use

But there’s no need to figure it out all on your own.

Group 1014

Service Desk Support

Need technical support? Log in to the ServiceDesk or email your query.

Group 1019


The one-stop shop for all technical documentation.

Discover how G/On can help: