Global Sources
EE Times-Asia
Stay in touch with EE Times Asia
EE Times-Asia > Embedded

Neoteris inks deals to broaden SSL service

Posted: 07 Aug 2003 ?? ?Print Version ?Bookmark and Share

Keywords:neoteris? secure socket layer? ssl? mcafee? java?

Neoteris Inc. has expanded its support of Secure Sockets Layer service in its security gateways to encompass three layers of client and clientless secure access. The expansion builds on deals with McAfee Security and Fortinet for anti-virus gateways, and on pacts with McAfee, Zone Labs, InfoExpress and Sygate for integrating a host checker application programming interface (API) to monitor end point security compliance.

Neoteris, an early provider of Secure Sockets Layer-based gateways, has signed up more than 400 customers and 1 million users since launching its first products in 2001. By offering three levels of secure transactions based on SSL, it has moved into direct competition with some Internet Protocol secure (IPsec) virtual private network (VPN) vendors, while calling into question the need for some types of dedicated SSL accelerator hardware systems.

Vivian Ganitsky, manager of product marketing at Neoteris, said the bulk of the company's customers will want a clientless core-access system in which nodes operating within the enterprise can gain full access to all Web services. Neoteris offers a second option for certain power clients, in which a "secure application manager" uses thin-client proxy technology that allows some forms of dynamic TCP port access and NetBIOS tunneling, but which imposes limitations in functions such as Java downloads.

Neoteris this month will begin offering a third, client-based SSL option for telecommuters and remote users, in which a network proxy provides the equivalent function of an SSL VPN, giving a remote user full IP services, including streaming media, Wi-Fi, and voice-over-IP support.

Of its three options, Neoteris makes no secret of the fact that its original clientless model still has the widest applicability, and the lowest total cost of ownership over time. The application proxy and network proxy options are provided for the sake of completeness, allowing corporations to give the right level of SSL access support for power laptop users and general telecommuter clients.

The client-based "network connect" option allows support of advanced IP protocols such as H.323 and Session Initiation Protocol. A standard Web browser used with the network connect environment allows firewalls and network address translation systems to be freely traversed. Although this is a thin-client technology as opposed to the clientless corporate-level Neoteris system, it does not require the full client installation used in IPsec and other systems. Access to the corporate network can be controlled by IP address, port range, or protocol type.

The purpose in the deals with Sygate, Zone Labs, InfoExpress and McAfee was to integrate the host checker API directly with the external vendors' products. The host checker API allows Neoteris' Instant Virtual Extranet platform to confirm that third-party firewall, virus scan and intrusion detection systems operate in compliance with corporate security policies.

Separately, Neoteris signed pacts with McAfee and Fortinet to allow anti-virus scanners to operate as front ends to the Neoteris Access family, scanning attachments from Web-based mail applications such as Lotus Notes and Outlook WebAccess to remove viruses before mail goes into a corporate LAN.

Flexible approaches

Neoteris' full clientless Core Access system entails few incremental costs, Ganitsky said. With the other two options, some changes to desktop programs may be required and some OS dependencies may be encountered. A third-party end point security product is strongly recommended for the network connect option.

"This shows the full flexibility of SSL approaches," Ganitsky said. "It is not our intention to move into IPsec VPN for remote access at all."

- Loring Wirbel

EE Times

Article Comments - Neoteris inks deals to broaden SSL s...
*? You can enter [0] more charecters.
*Verify code:


Visit Asia Webinars to learn about the latest in technology and get practical design tips.

Back to Top