Aventail Announces End-Point Control to Secure Remote Access
Date:
Topic Security, Encryption & Legislation
|
Aventail Announces End-Point Control to Secure Remote Access Based on a User?s Environment, Identity, and Level of Risk
SSL VPN leader partners with Bluefire Security, iPass, Foundstone, Swivel, Sygate, WholeSecurity, and Zone Labs to deliver unprecedented end-point access policy management and enforcement.
September 17, 2003 ? Aventail Corporation, the leading provider of SSL VPN appliances and services, today announced End-Point Control? (EPC) to increase the security of remote access from the riskiest end-points on the Internet. Backed by partnerships with the industry?s leading end-point enforcement vendors, Aventail?s new EPC initiative helps organizations manage and protect anywhere access to critical network resources from airport kiosks, wireless hot spots, employee-owned PCs, and PDAs. Aventail is delivering EPC with world-class policy enforcement partners, including Bluefire Security Technologies, Foundstone, iPass (Nasdaq:IPAS), Swivel, Sygate Technologies, WholeSecurity and Zone Labs**(see vendor quote sheet). With EPC, the Aventail? EX-1500 SSL VPN appliance leads the way in helping organizations control remote access policy not just based on a user?s identity, but also on their environment and level of risk.
?With the increasing use of public network services, the mobile workforce, contractor access, and even malware making its way into internal networks, DuPont believes that the client system must be able to protect itself in any network environment while securely connecting to company applications,? said John M. Davis, Technology Architect, Corporate IT Architecture, DuPont. ?Reaching this goal requires cooperative enforcement and provisioning services from end-point software including security auditing, personal firewall, antivirus, and the Aventail SSL VPN. Aventail has a proven track record in DuPont for enforcing one-time password authentication and trouble-free connectivity from any source network.?
?Today, corporations either attempt ?without success?to ban mobile and wireless access to corporate assets, or they accept a high degree of risk in return for providing greater flexibility and productivity to their employees,? said Chris Shipley, executive producer of the DEMO Conferences for IDG Executive Forums. ?With End Point Control, Aventail and its partners are addressing this challenge by increasing the range of end-points from which users can securely access corporate resources. Additionally, EPC adds teeth to the policies that IT can't enforce today, like prohibiting users from accessing the network from wireless devices that don't have a personal firewall. This gives IT the comfort they need to deliver on the promise of secure, anywhere access for the mobile workforce.?
In the past, remote access was only available to users on corporate laptops with traditional VPNs, which require the management of complex clients. With the adoption of SSL VPN technology, executives, employees, partners, and customers have come to expect anywhere access to more network resources. This includes unprecedented access to Web and client server applications from any device with a Web browser. In most cases, such as employee PCs or mobile PDAs, this access has immediate benefits for users. In others, such as airport kiosks, IT is faced with a choice of whether or not the risks of access outweigh the benefits. With the introduction of EPC, Aventail eliminates these risks by controlling access privileges based on the user?s specific level of risk?who they are, where they are, and what device they are using? in order to determine what steps can be taken to protect them. This allows IT to enforce security and extend anywhere access without the risks of the Internet?s worst-case security scenarios.
?In order for us to provide flexible secure access to users and partners, it?s critical that we can control where users are accessing systems from,? said Bruce Lee, CIO with BNP Paribas Americas. ?Aventail?s End Point Control strategy will enable us to further take advantage of the convenience of SSL VPN access with more control over policy and security. That?s the kind of innovation we?re looking for from a remote access partner.?
?The growing sophistication of mobile devices and access methods has presented IT departments with both a tremendous opportunity and challenge,? said Sarah Daniels, Aventail?s vice president of product management and marketing. ?While remote access is a must for business productivity, for it to work, organizations must be able to define access policies in order to secure and protect network resources. With End Point Control, Aventail delivers the power to do this with a highly sophisticated policy model for managing remote access risks.?
How Does it Work
Aventail?s partners enforce policies for firewalls, intrusion detection, virus protection and other client-side security issues, while Aventail encrypts and authorizes access to all corporate resources with access control policies based on both the user?s identity and the security of the user?s environment. Today Aventail delivers End Point Control through source-based access policy rules, control over split tunneling, strong authentication support, automatic detection of desktop security applications, cache protection, AutoCompletion blocking, user authorization, and crypto level access control. This allows Aventail to first detect the individual and their environment, then to secure that environment, and finally to deliver the right level of authorized access to that user.
End Point Control leverages Aventail?s flexible, object-based policy model, which includes a single, centralized location for all access policies. Aventail is committed to delivering new ways to detect users and their environment, and address their risks. The company?s product roadmap includes plans for even deeper integration with partners, stronger policy-based support, and increased control over end point activity.
Sarah Daniels from Aventail continued, ?EPC reinforces our commitment to meeting the demands of our growing customer base with SSL VPN solutions that address real-world remote access and security needs. We are dedicated to developing the most comprehensive SSL VPN solution for remote access by joining forces with world-class partners, many of whom are already a valuable part of our customers? infrastructure.?
About DEMOmobile 2003
The annual DEMO and DEMOmobile conferences focus on emerging technologies and new products, which are hand-selected by executive producer Chris Shipley from across the spectrum of the personal technology marketplace. Top executives from the leading hardware and software technology companies, venture capitalists, journalists from key industry publications and industry analysts attend the DEMO and DEMOmobile conferences to preview the most promising products and technologies for the coming year. DEMO is held in February each year and features approximately 60 new companies, products and technologies. DEMOmobile is held each fall and features approximately 35 new mobile technologies. For more information, visit http://www.idgef.com/.
About Aventail
Aventail, the recognized SSL VPN leader, is changing the way organizations define secure remote access. The company?s clientless SSL VPN appliances and services provide employees and business partners with transparent, anywhere access to any application from any Internet-enabled device.
Aventail has received numerous awards and accolades from the industry?s top publications and analyst firms. These include recognition as a leader in both the 2003 Gartner SSL VPN and Managed Remote Access Magic Quadrants; recognition as one of the top 10 security companies in Computer Business Review, Computerworld?s 100 Emerging Companies; winner of InfoWorld?s Hot Product, Network Magazine?s Product of the Year award, Giga Information Group?s Emerging Technology Scene - Best Overall Network Product, and the Crossroads A-List Award. Half a million users and 500 global organizations have purchased Aventail?s SSL VPN solutions, making Aventail the most widely deployed and proven SSL VPN on the planet. Aventail?s customers include industry leaders such as Aetna, Cerner Corporation, DuPont, Ernst & Young Global LLP, FMC, IBM Global Services, and Mount Sinai NYU.
For more information on Aventail, visit htt://www.aventail.com.
**Press Resource: Aventail?s End Point Control Vendor Quote Sheet
? Bluefire Security Technologies: ?The PDA is the most portable computing platform today, making it more vulnerable to attacks and unauthorized access,? said Tom Goodman, vice president of business development and operations for Bluefire Security TechnologiesTM. ?Bluefire and Aventail share a common vision for protecting remote users and have teamed to close the gap in enterprises? mobile security created by unsecured wireless handheld devices. We?re proud to work with Aventail on the End-Point Control initiative, offering organizations an effective solution for complete, end-to-end handheld security that combines Aventail?s market-leading SSL VPN with Bluefire?s comprehensive PDA security platform. We look forward to continued collaboration with Aventail to promote the advancement and rapid adoption of secure mobile technologies in enterprise organizations.?
Together, Bluefire and Aventail provide an end-to-end wireless handheld security solution for mobile enterprises. The new solution combines secure remote access with advanced mobile device and data protection to prevent unauthorized enterprise access using handhelds as a backdoor, minimizing organizational exposure to PDA vulnerabilities. Bluefire?s flagship product, Bluefire Mobile Firewall PlusTM, is the industry?s first complete security solution for handheld devices, providing firewall, intrusion prevention, integrity management, encryption, authentication and policy-based enterprise security management features that enable the safe use of mobile and wireless applications. Bluefire?s technology is being deployed across a wide-array of mobile enterprises including those in government, healthcare and financial services. Bluefire Mobile Firewall Plus is available for purchase on the government?s GSA and SEWP III schedules.
? Foundstone: ?Foundstone?s technology for proactive network security and vulnerability assessment, combined with Aventail?s excellence in remote network security, creates a complete and cost-effective solution for complex networks which ensures security of remote access by employees and partners,? said Stuart McClure, president and CTO, Foundstone. ?Proactively ensuring the security of your network?s remote user integrity is one of the best ways to lower unnecessary exposure to digital risks.?
Working with Aventail?s EPC initiative as the exclusive vulnerability assessment provider, Foundstone?s award-winning FoundScan Engine(TM) will evaluate a remote users? integrity based on a series of tests and acceptable risk criteria as defined by an organization's IT staff. Only by passing these tests and meeting the acceptable risk criteria will the remote user be connected to the network. Businesses and governments worldwide use the Foundstone FoundScan Engine to continually assess vulnerabilities as part of a proactive risk management strategy to comprehensibly and measurably protect the most important information from the most critical threats. Possessing one of the most dominant security talent pools ever assembled, Foundstone brings to market a unique combination of software, services and education to help IT managers to proactively protect their networks.
? iPass: ?A major part of the iPass mission is to allow enterprise IT departments to use policy-based security systems to control where, how and by whom corporate network assets are accessed,? said Mary Tate, director of technology alliances at iPass. ?This End-Point Control initiative can extend the network access end-points beyond the enterprise owned and managed access devices. If devices such as Internet kiosks or Internet caf? computers can achieve better security and gain the trust of the IT department, it would create potential for enhanced productivity by an increasingly mobile enterprise workforce.?
The iPass Corporate Access service connects a company?s remote and mobile professionals, whether at home, in the office or on the road, in approximately 150 countries. Each user accesses this virtual network through the use of an iPassConnect service interface. This easy-to-use interface lets users connect in a consistent fashion via wired and wireless broadband connections, modem and ISDN on PCs, Macs and PDAs. iPass can pass its user credentials (both username and password) to the Aventail SSL VPN and establish a secure connection automatically for the user as well as teardown the connection if the VPN is no longer up and running.
? Swivel (see related release from DemoMobile): ?The need for secure access to corporate networks has long been a challenge both for mobile workers and the IT professional that supports them,? says Fraser Thomas, chief executive officer of Swivel. ?Given its ubiquity, the cell phone provides the ideal platform for addressing this issue. The combination of Swivel?s simple to install and operate authentication system with Aventail?s SSL VPN appliance makes a compelling solution for a wide range of remote business connectivity requirements.?
Swivel has teamed with Aventail to increase security from a wide range of access points, leveraging Aventail?s EX 1500 family of SSL VPN appliances and Swivel?s PINsafe clientless authentication technology. Swivel PINsafe M2F, Swivel?s newest mobile two-factor authentication solution provides users with a unique, one-time code (based on an assigned 4 digit pin) each time they need to access secure network resources or services. PINsafe operates with mobile phones using either SMS or a Java application (for devices that support the latest 2.5 and 3G cellular technology). In either case, a security string is preloaded on the phone to be available when required, which means it can be used even in the absence of local cellular service.
? SYGATE Technologies: ?Prudent CSOs have long been frustrated that they can?t safely connect their business partners to their corporate network because of the risks to network integrity,? said Bill Scull, SVP Marketing, at Sygate Technologies. ?For the first time through this partnership with Aventail our companies offer an integrated solution that covers both corporate users and business partners.?
Aventail and Sygate, both Gartner Magic Quadrant leaders, share a history of innovation and a focus on providing safe network access for large enterprise networks. The EPC program simplifies and improves protection of remote users who are a source of increasing business advantage but are particularly vulnerable to compromise by malicious agents. Using the award-winning Sygate Secure Enterprise, organizations protect their users, computers and applications from compromise, enforce safe and correct behavior and eliminate unauthorized users from the corporate network. Sygate customers enforce business policies, and automate security best practices to regain control of network integrity, ensure compliance across the enterprise and reduce cost.
? WholeSecurity: ?WholeSecurity and Aventail are committed to providing secure remote access on any computer, anytime,? said Scott Olson, senior vice president of marketing, WholeSecurity. ?WholeSecurity is pleased to include our on-demand Confidence Online(tm) solutions in Aventail?s EPC program. By combining the leading on-demand networking and security solutions from Aventail and WholeSecurity, companies provide secure remote access while dramatically lowering the total cost of ownership (TCO) by eliminating the cost of installing, configuring, maintaining, and upgrading software on client machines.?
The integration of leading on-demand solutions from Aventail and WholeSecurity gives customers an automatic and transparent way to prevent eavesdropping and remote control programs from stealing corporate information from managed or unmanaged remote computers. Confidence Online?s patent-pending automatic, behavioral-based software provides ?Zero Hour? protection against backdoor threats including certain worms like Blaster and SoBig. Because the technology is not signature-based, PC owners do not have to rely on software patches and other reactive solutions to detect, quarantine or destroy malicious code on their computers.
? ZONE LABS, INC.: ?Zone Labs and Aventail are committed to providing safe remote access and we are pleased to work with Aventail on the EPC program,? said Paul Weinstein, vice president of strategic alliances, Zone Labs. ?The combined Zone Labs and Aventail solution provides our joint customers with the ideal means to secure all points of the extended enterprise network, successfully sealing the vulnerabilities of an exposed endpoint with an end-to-end SSL VPN solution that provides unique, inexpensive and comprehensive security for VPN sessions.?
The integration between the best-in-class security and networking products from Zone Labs and Aventail enables enterprises to enforce security policy on PCs before network access is granted, providing a secure defense against hackers, costly attacks and other Internet-borne threats. One of the most trusted brands in Internet security, Zone Labs? patented technology protects more than 25 million Internet users in global enterprises, small businesses and homes from the threats posed by hackers, data theft and malicious code. Zone Labs Integrity?, the company's best-in-class, centrally-managed endpoint security solution safeguards network endpoints from penetration by malicious code or targeted attacks with its combination of unparalleled protection for every network endpoint and central security management and enforcement capabilities.
|
This article is from Wi-Fi Technology Forum | Wireless Networking, Mobile Internet News and Reviews
http://www.wi-fitechnology.com/
The URL for this story is:
http://www.wi-fitechnology.com/displayarticle505.html
|
|
|