Frequently Asked Questions

Is ApplicGate a firewall or network proxy?

ApplicGate is designed as a Secure Access Hub, a technology to securely route between networks enforcing a strong authentication of all communication partners.

What kind of user and client authentication are supported?

Best practice to protect network access is to use client certificates. These certificates can be software certificates or certificated on hardware crypto-token or smart cards.
For access protection ApplicGate supports one-time-password via SMS or e-mail as well as TOTP using common authenticator apps such as Microsoft authenticator, Google and Sophos authenticator.

Does ApplicGate require a dedicated Windows or Linux server?

No, ApplicGate is a highly portable application that can run on Windows, Linux or Unix in addition to the default applications on that client or server machine. ApplicGate requires a minimal footprint of only about 2 MB.

Do I need to implement one solution per use case?

All features of ApplicGate are implemented within the portable application and activated by license key. A single instance can cover multiple use cases by implementing rules for all connected networks.

Can I rewrite internal and external e-mail addresses?

ApplicGate SMTP gateway allows to add, modify and amend internal and external recipients as well as change the e-mail sender addresses within one policy. Most customers use our feature to add additional recipients to protect internal email addresses or archiving mailboxes.

How many ApplicGate instances build a Remote Service Platform?

To establish a Remote Service Platform (RSP) within enterprises or for customer support a service provider instance is required within the service providers network or as cloud instance. In every connected remote location a single ApplicGate instance need to be activated.
To build a high availability RSP all instances can be clustered.

How does ApplicGate support network segmentation?

It supports an unlimited number of network interfaces and IP addresses (IPv4 and IPv6) for filtering, routing, proxying, network segmentation, etc. Between networks a secure tunnel protects all data on transit.

Why should I not configure firewall / NAT rules for network segmentation?

Designed as a Secure Access Hub allows a clear and simple rule definition, that can be audited and logged efficiently. It allows addressing of networks with identical network addresses with strong authentication and configuration of time based rules.

What is differenciator of reverse and forward proxy?

The ApplicGate Reverse Proxy allows addressing of multiple internal web servers using one public IP address. Rules can be defined on time and URL targets, adding high availability and 24x7 serviceability to simple web applications.
The forward proxy allows a defined and protected access of user clients to secured networks or the Internet.

Still have a question? Ask your question here
or send an email to