Request demo
NQX™ Quantum-safe encryption

Technical details

Learn more about NQX technologies for DDoS protection, encrypted data flow, and branch connectivity.


NQX datasheet Talk to sales

How does NQX work?

NQX software delivers quantum-safe encryption for L2 (data link layer) and L3 (network layer) VPN data transport, DDoS protection, and flexible branch connectivity for Ethernet frames and IP packets. NQX software provides high-performance packet processing for rule-based forwarding, encryption/decryption, and filtering for Ethernet-based IPv4/IPv6 networks.

NQX appliances support various branch connectivity solutions by providing copper and optical 1 and 10 gigabit Ethernet interfaces. NQX Central Manager allows configuring appliance functions, including creation and distribution of encryption keys.

The easy-to-use web-based interface helps operational personnel with their daily work of maintaining VPN network.

NQX includes interfaces for third-party systems for easy integration for syslog servers as well for asset and observatory tools.


NQX high-level setup

  • Interconnecting data centers
  • Building VPN connections through public (Layer 3) or private (Layer 2) networks.
  • One appliance can be used for both layers at the same time.
  • Appliances can be clustered on sites where high availability is needed.
  • General protection for private LANs from the Internet Access rules.
  • All nodes, keys, and connections are managed from a single Central Manager system.

Hardware options

NQX Nano

For branch and small offices

  • 6x 10/100/1000M RJ45 Ethernet
  • 6 Gbps throughput,
  • 3 Gbps IPsec L2/L3,
  • 200k flows/sec

NQX Desktop

For medium offices and small datacenters

  • 6x 10/100/1000M RJ45 Ethernet,
    expandable with 2 port 10G SFP+
  • 20 Gbps throughput
  • 10 Gbps IPsec L2/L3
  • 200k flows/sec


For medium datacenters and headquarters

  • 8-24x RJ45 Ethernet, 0-16x 1G SFP, 4-12x Ethernet 10G SFP+
  • 60 Gbps throughput
  • 30 Gbps IPsec L2/L3
  • 300k flows/sec

NQX Server

For large datacenters and cloud solutions

  • 4-port Ethernet 1G / 10G SFP+
  • 40 Gbps throughput
  • 30 Gbps IPsec L2/L3
  • 300k flows/sec

Detailed information about the hardware options available in the NQX Datasheet

NQX datasheet

Main features


Security feature

  • 256 bit security level throughout the system for encryption keys, MAC keys, key agreement keys, and authentication keys
  • Authentication using Public Key Certificates or Shared Secrets
  • 521 bit ECDH key exchange, alternative 8kbit Diffie-Hellman key exchange, and 16kbit Diffie- Hellman
  • Protection from Quantum threat using automatic PostQuantum Preshared Keys (PPK) for Key Exchange and Authentication
  • Perfect Forward Secrecy for session keys
  • Adjustable IKEv2 and IPSec cryptoperiods and cipher modes
  • IKEv2 DoS protection using bounded Adaptive WRED with upper bound on IKEv2
  • Emergency security features to purge sessions and keys

Networking feature highlights

  • Flexible L3 operations with native dualstack architecture, IPv4 and IPv6 support
  • Unlimited Ipsecs VPN support for both L2 and L3, all frames and protocols
  • BGP4 for IGP/EGP dynamic routing
    Dynamic Host Configuration Protocol (DHCP)
  • Network address translation (NAT) and NAT travelsal support for mobile and broadband access
  • Link aggregation (LACP) for redundancy and increasing bandwidth.
  • Media access control address (MAC) table
  • Rule-based forwarding for granular flow management


Central Management feature highlights

  • Browser based user interface
  • Inventory management for nodes, configurations and software releases
  • VPN wizards for easy service provisioning
  • Mass provisioning functions
  • Holistic Service monitoring
  • Security policies with version management
  • Reporting templates
  • Role and domain-based user policy
  • Certification management for NQX nodes

Get in touch about NQX demos and pricing