Dutch IT security company FoxIT, has released it's version of OpenVPN. OpenVPN-NL is used by the Dutch government for confidential communication. It has been developed at the request of the NBV, part of the Dutch Intelligence and Security Service (AIVD). One of FoxIT founders, Ronald Prins has an academic and professional background in encryption and has worked for the AIVD previously. The main reasons for developing were; -The product (OpenVPN) allows many insecure configurations, such as turning off encryption, or the use of outdated cryptographic functions in security critical places. -The trust to be put in the supply chain of the software is not warranted. The Dutch government simply cannot verify whether all the versions and releases out in the wild are legitimate (i.e. secure and uncompromised) versions of OpenVPN. The difference is that OpenSSL has been changed for PolarSSL; encryption has been changed from BF-CBC/SHA1 to AES-256-CBC/SHA256 (with no other options available). Also, the OpenVPN code has been scrutinized, resulting in removing some 8000 lines of code (insecure and less secure options) and adding 4000 new lines of code (hardening). OpenVPN-NL has been certified as NLNCSA criteria Level 2/NATO 'Restricted' classification. OpenVPN-NL is available for Windows, Ubuntu, Suse Enterprise, Redhat Enterprise and Debian. It's open source so available to everyone; source code link More details and DL location can be found at FoxIT website link.