WinGate (computing)
Encyclopedia
WinGate is an Integrated Gateway
Management system for Microsoft Windows
, providing firewall and NAT
services, along with a number of integrated proxy server
s and also email services (SMTP, POP3 and IMAP servers).
In the mid to late 1990s, WinGate was almost ubiquitous in homes and small businesses that needed to share a single Internet connection between multiple networked computers. The introduction of Internet Connection Sharing
in Windows 98
however, combined with increasing availability of cheap NAT-enabled routers, forced WinGate to evolve to provide more than just internet connection sharing features. Today, focus for WinGate users is primarily access control, reporting, bandwidth management and content filtering.
WinGate comes in three versions, Standard, Professional and Enterprise. The Enterprise edition also provides an easily configured virtual private network
system, which is also available separately as WinGate VPN. Licensing is tiered by the number of concurrently connected users, and available in a range of sizes to suit any budget or network size.
The current version of WinGate is version 7.0.1.3337 (released 25 November 2011).
, several circuit-level proxies (SOCKS 4/5, and proprietary Winsock redirector), and multiple proxy servers
. This provides a comprehensive access framework, and allows the maximum level of access control.
WinGate's policy framework allows the creation of specific access rules, based on user account details, request details, location of user, authentication level and time of day. The policy framework is based on a user database and user authentication. WinGate allows use of either WinGate's built-in user database, the Windows user database, or the user database of an NT domain or Active Directory. Authentication can use integrated windows usernames and passwords (NTLM) and other authentication schemes. WinGate can also be used without authentication, or can assume user identity based on IP address or computer name.
WinGate can also authenticate individual users on a Terminal server, and maintain separate user contexts to provide user-level control, and for applications that do not support authentication by using the WinGate Client software.
WinGate provides a fully customizable, self-configuring DHCP server
to assist with network configuration. It also supports multi-interface and multiple topology deployment including multiple DMZ
s.
WinGate provides an integrated Email server (POP3 server and retrieval client, SMTP server, and IMAP4 server) with message routing features and per-email restrictions. This can be used to provide company email services, or to provide protection and additional security (encryption and authentication) for an existing email system.
The WWW Proxy provides a transparent proxy for ease of administration, plus a shared proxy cache for improved surfing performance. It can also be used to secure access to internal web servers with either browser-based authentication or a Java-based applet.
Proxy services in WinGate support SSL/TLS connections, dynamic network binding (automatic response to network events such as addition or removal of network interfaces), and gateway pre-selection (to direct service for a particular application out a specific Internet connection).
Packet-level bandwidth management is also provided to allow control of bandwidth associated with certain users or applications, and is able to be configured on a per-time-of-day basis.
Also available for WinGate are optional components that provide Antivirus scanning for email, web and FTP, and content filtering for web traffic.
installed a pirated copy of WinGate 5 in a deliberately insecure configuration to be used by spammers. These installations used non-standard ports for SOCKS and WinGate remote control and so in general did not interfere with other software running on the infected host computer. This resulted in some antivirus software
incorrectly identifying WinGate as malware
and removing it.
Since early 2006 Qbik has been in development for the successor to WinGate 6. Initially labelled WinGate 2007, a technical preview was eventually made available in June 2007, slated for release in early 2008. At this time the revolutionary new policy system was introduced, based around a flow-chart decision tree which provided complete user-control over policy structure. Soon after this the product was re-labelled WinGate 2008. The year 2008 came and went without a WinGate release. As did 2009. Qbik however was still in full development of WinGate 7 as it is now called, and in fact moved their own company gateway to the product in December 2009.
Since March 2010 betas of WinGate 7 have been available to people registered in the WinGate 7 beta program. A built-in updater service keeps these beta users up-to-date, and updates have been released on a nearly weekly basis.
In September 2010 Qbik officially launched a YouTube channel, showing a number of videos showing WinGate 7 in operation. Finally it could be seen in a concrete form. The following month Qbik opened up its WinGate 7 Beta forum to the general public and invited all interested to participate in the beta program.
On 28 May 2011 WinGate 7 entered public Beta. On 1 July 2011 WinGate 7 Beta 2 was released, on 8 July Beta 3, and on 25 October RC 1 was released. The public release of WinGate 7.0 was build 3332 on 15 November 2011.
Gateway (telecommunications)
In telecommunications, the term gateway has the following meaning:*In a communications network, a network node equipped for interfacing with another network that uses different protocols....
Management system for Microsoft Windows
Microsoft Windows
Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal...
, providing firewall and NAT
Network address translation
In computer networking, network address translation is the process of modifying IP address information in IP packet headers while in transit across a traffic routing device....
services, along with a number of integrated proxy server
Proxy server
In computer networks, a proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource available from a different server...
s and also email services (SMTP, POP3 and IMAP servers).
In the mid to late 1990s, WinGate was almost ubiquitous in homes and small businesses that needed to share a single Internet connection between multiple networked computers. The introduction of Internet Connection Sharing
Internet Connection Sharing
Internet Connection Sharing is the use of a device with Internet access such as 3G cellular service, broadband via Ethernet, or other Internet gateway as an access point for other devices...
in Windows 98
Windows 98
Windows 98 is a graphical operating system by Microsoft. It is the second major release in the Windows 9x line of operating systems. It was released to manufacturing on 15 May 1998 and to retail on 25 June 1998. Windows 98 is the successor to Windows 95. Like its predecessor, it is a hybrid...
however, combined with increasing availability of cheap NAT-enabled routers, forced WinGate to evolve to provide more than just internet connection sharing features. Today, focus for WinGate users is primarily access control, reporting, bandwidth management and content filtering.
WinGate comes in three versions, Standard, Professional and Enterprise. The Enterprise edition also provides an easily configured virtual private network
Virtual private network
A virtual private network is a network that uses primarily public telecommunication infrastructure, such as the Internet, to provide remote offices or traveling users access to a central organizational network....
system, which is also available separately as WinGate VPN. Licensing is tiered by the number of concurrently connected users, and available in a range of sizes to suit any budget or network size.
The current version of WinGate is version 7.0.1.3337 (released 25 November 2011).
Features
From version 6.5, WinGate runs on Microsoft Windows from Windows 2000 to Windows 7, both 32 and 64 bit. Prior versions are still available for earlier OSes back to Microsoft Windows 95. At its core, WinGate provides all 3 levels of Internet Access: a stateful packet-level firewall with NATNetwork address translation
In computer networking, network address translation is the process of modifying IP address information in IP packet headers while in transit across a traffic routing device....
, several circuit-level proxies (SOCKS 4/5, and proprietary Winsock redirector), and multiple proxy servers
Proxy server
In computer networks, a proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource available from a different server...
. This provides a comprehensive access framework, and allows the maximum level of access control.
WinGate's policy framework allows the creation of specific access rules, based on user account details, request details, location of user, authentication level and time of day. The policy framework is based on a user database and user authentication. WinGate allows use of either WinGate's built-in user database, the Windows user database, or the user database of an NT domain or Active Directory. Authentication can use integrated windows usernames and passwords (NTLM) and other authentication schemes. WinGate can also be used without authentication, or can assume user identity based on IP address or computer name.
WinGate can also authenticate individual users on a Terminal server, and maintain separate user contexts to provide user-level control, and for applications that do not support authentication by using the WinGate Client software.
WinGate provides a fully customizable, self-configuring DHCP server
Dynamic Host Configuration Protocol
The Dynamic Host Configuration Protocol is a network configuration protocol for hosts on Internet Protocol networks. Computers that are connected to IP networks must be configured before they can communicate with other hosts. The most essential information needed is an IP address, and a default...
to assist with network configuration. It also supports multi-interface and multiple topology deployment including multiple DMZ
Demilitarized zone (computing)
In computer security, a DMZ is a physical or logical subnetwork that contains and exposes an organization's external services to a larger untrusted network, usually the Internet...
s.
WinGate provides an integrated Email server (POP3 server and retrieval client, SMTP server, and IMAP4 server) with message routing features and per-email restrictions. This can be used to provide company email services, or to provide protection and additional security (encryption and authentication) for an existing email system.
The WWW Proxy provides a transparent proxy for ease of administration, plus a shared proxy cache for improved surfing performance. It can also be used to secure access to internal web servers with either browser-based authentication or a Java-based applet.
Proxy services in WinGate support SSL/TLS connections, dynamic network binding (automatic response to network events such as addition or removal of network interfaces), and gateway pre-selection (to direct service for a particular application out a specific Internet connection).
Packet-level bandwidth management is also provided to allow control of bandwidth associated with certain users or applications, and is able to be configured on a per-time-of-day basis.
Also available for WinGate are optional components that provide Antivirus scanning for email, web and FTP, and content filtering for web traffic.
Notoriety
Versions of WinGate prior to 2.1d (1997) shipped with an insecure default configuration that - if not secured by the network administrator - allowed untrusted third parties to proxy network traffic through the WinGate server. This made open WinGate servers common targets of crackers looking for anonymous redirectors through which to attack other systems. While WinGate was by no means the only exploited proxy server, its wide popularity amongst users with little experience administering networks made it almost synonymous with open SOCKS proxies in the late 1990s. Furthermore since a restricted (2 users) version of the product was freely available without registration, contacting all WinGate users to notify of security issues was impossible, and therefore even long after the security problems were resolved there were still many insecure installations in use.Sobig worm and WinGate 5
Some versions of the Sobig wormComputer worm
A computer worm is a self-replicating malware computer program, which uses a computer network to send copies of itself to other nodes and it may do so without any user intervention. This is due to security shortcomings on the target computer. Unlike a computer virus, it does not need to attach...
installed a pirated copy of WinGate 5 in a deliberately insecure configuration to be used by spammers. These installations used non-standard ports for SOCKS and WinGate remote control and so in general did not interfere with other software running on the infected host computer. This resulted in some antivirus software
Antivirus software
Antivirus or anti-virus software is used to prevent, detect, and remove malware, including but not limited to computer viruses, computer worm, trojan horses, spyware and adware...
incorrectly identifying WinGate as malware
Malware
Malware, short for malicious software, consists of programming that is designed to disrupt or deny operation, gather information that leads to loss of privacy or exploitation, or gain unauthorized access to system resources, or that otherwise exhibits abusive behavior...
and removing it.
WinGate 7 - the next generation
Since early 2006 Qbik has been in development for the successor to WinGate 6. Initially labelled WinGate 2007, a technical preview was eventually made available in June 2007, slated for release in early 2008. At this time the revolutionary new policy system was introduced, based around a flow-chart decision tree which provided complete user-control over policy structure. Soon after this the product was re-labelled WinGate 2008. The year 2008 came and went without a WinGate release. As did 2009. Qbik however was still in full development of WinGate 7 as it is now called, and in fact moved their own company gateway to the product in December 2009.
Since March 2010 betas of WinGate 7 have been available to people registered in the WinGate 7 beta program. A built-in updater service keeps these beta users up-to-date, and updates have been released on a nearly weekly basis.
In September 2010 Qbik officially launched a YouTube channel, showing a number of videos showing WinGate 7 in operation. Finally it could be seen in a concrete form. The following month Qbik opened up its WinGate 7 Beta forum to the general public and invited all interested to participate in the beta program.
On 28 May 2011 WinGate 7 entered public Beta. On 1 July 2011 WinGate 7 Beta 2 was released, on 8 July Beta 3, and on 25 October RC 1 was released. The public release of WinGate 7.0 was build 3332 on 15 November 2011.
Version history
| Date | Version |
| 2011 | WinGate 7.0.1 (November 25) |
| 2011 | WinGate 7.0 (November 15) |
| 2009 | WinGate 6.6 (Current is 6.6.4) |
| 2008 | WinGate 6.5 |
| 2007 | WinGate 6.2 |
| 2005 | WinGate 6.1 |
| 2004 | WinGate 6.0 |
| 2003 | WinGate 5.2.3 (last version in this family) |
| 2002 | WinGate 5.0 |
| 2001 | WinGate 4.5 (last version in this family) |
| 2000 | WinGate 4.0 |
| 1998 | WinGate 3.0 |
| 1996 | WinGate 2.0 |
| 1995 | WinGate 1.0 |