SonicWALL Aventail SSL VPNs Working Together With SonicWALL End Point Security Solutions for Granular End Point Control
|
|
- Julius Lester
- 8 years ago
- Views:
Transcription
1 SonicWALL Aventail SSL VPNs Working Together With SonicWALL End Point Security Solutions for Granular End Point Control Step by step guide on how to configure SonicWALL Aventail SSL VPNs to detect the SonicWALL Enforced Client CONTENTS Overview 2 Configuration Steps 2 Zone Options Standard (Allow) Zone for Full Access 5 Default Zone for Limited Access- Download the SonicWALL Enforced Client 9 s Quarantine Zone to Deny Access- Download the SonicWALL Enforced Client 12 a Deny Zone to Deny Access if SonicWALL 15 Enforced Client is Out of Compliance Conclusion 20
2 Overview SonicWALL Aventail SSL VPN appliances have a feature called End Point Control (EPC) which has the ability to require that incoming clients meet certain criteria before connecting, the most common being that the incoming client be running a valid and up-to-date version of an anti-virus or anti-spyware program. Upon first contact with a SonicWALL Aventail appliance, the endpoint is interrogated against an administrator-defined set of attributes called Device Profiles. If the incoming connection meets said criteria, the client is assigned into a defined Policy Zone. If not, the administrator has a number of options, including assigning the endpoint into a Default Zone or Quarantine Zone for remediation. EPC interrogation and Zone assignment is available for all Aventail access methods, including Connect Tunnel. This white paper is intended to provide step by step instruction on how the SonicWALL Aventail SSL VPN can be configured to enforce that end point devices have the appropriate version and configuration of the SonicWALL Enforced Client anti-virus solution. Both a SonicWALL Aventail SSL VPN (EX-750, EX-1600 or EX-2500) and a SonicWALL Enforced Client running on an end point device are required in order to follow the configuration steps detailed in this paper. The information presented in this paper represents the industry experience of the SonicWALL research and development team and reflects the requirements that can be met by applying SonicWALL Aventail SSL VPN solutions combined with SonicWALL Enforced Client Anti-Virus solutions. The SonicWALL solutions are referenced in the conclusion to this paper and can be reviewed in detail on the SonicWALL Web site: Configuration Steps In order for a SonicWALL Aventail SSL VPN appliance to enforce client usage of the SonicWALL Enforced Client, there are a few prerequisites: 1. The Aventail SSL VPN appliance must run firmware 8.9 or newer. This can be obtained from the Aventail Assurance portal by customers with a current software service contract for their Aventail SSL VPN appliances. You can determine the current firmware version by logging into the Aventail Management Console (AMC); the version will display in the lower-left-hand corner of the AMC home page. The firmware version can also be determined by going to the System Configuration > Maintenance page. For an example, see below. 2
3 2. The incoming client connection must run version 4.5 or newer of the SonicWALL Enforced Client. In order to determine what version a client connection is running, right-click on the client s taskbar (it s the small red shield with the M in it, on the right of the taskbar) and select About. For an example, see below. 3
4 3. On the Aventail SSL VPN appliance, in the Device Profile definition for Windows, the McAfee Inc. Vendor name must be selected and the Total Protection for Small Business Product name must be used. (There is no SonicWALL-specific entry at present; this will be resolved in a future firmware release.) Following is an example of the SonicWALL Enforced Client Device Profile: 4
5 4. The SonicWALL Enforced Client is an OEM version of the Total Protection for Small Business software application and, because of this, is recognized as such by the Aventail SSL VPN appliance. 5. While the SonicWALL Enforced Client is an anti-spyware client as well as an anti-virus client, it only shows up in the Anti-Virus enforcement category on the Aventail SSL VPN appliance. Zone Options On the Aventail SSL VPN appliance, there are a number of options regarding how the administrator can use Aventail End Point Control settings to check the SonicWALL Enforced Client and take various actions if the Client is not running or up to date. For the purpose of this whitepaper, the following scenarios will be covered: 1. Standard (Allow) Zone for Full Access: This scenario assumes that the end user has the SonicWALL Enforced Client present on their end point device and it is configured with the appropriate version 2. Default Zone for Limited Access- Download the SonicWALL Enforced Client: This scenario assumes that the end user does not have the SonicWALL Enforced Client present on their end point device. The policy will allow the user to have limited access to resources. However, in order to gain full access to resources they will need to download and install the SonicWALL Enforced Client from a link that is present on the SSL VPN portal. 3. Quarantine Zone to Deny Access- Download the SonicWALL Enforced Client: This scenario also assumes that the end user does not have the SonicWALL Enforced Client present on their end point device. However, unlike the previous scenario the user is not allowed access to any resources until they download the SonicWALL Enforced Client. They will be placed into a quarantine zone and will be provided instructions on how to download the SonicWALL Enforced Client. 4. Deny Zone to Deny Access if the SonicWALL Enforced Client is Out of Compliance: This scenario assumes that the end user does have the SonicWALL Enforced Client but for some reason it is not the appropriate configuration (version out of date perhaps). They will be denied access until they perform the necessary update to their SonicWALL Enforced Client. 1. Standard (Allow) Zone for Full Access In this scenario, if the endpoint matches the Device Profile that was defined for the SonicWALL Enforced Client, then it will be placed into a Trusted Zone and given full access to all internal applications: a) First, define a Standard Zone named Trusted Zone within the previously-defined Enforce SonicWALL Device Profile: 5
6 b) Next, in the appropriate Community, under End Point Control Restrictions, place the new Trusted Zone into the In use box in the Standard Zone settings to make the Zone available to the Community: 6
7 c) In the Access Control rules, modify the appropriate rule and add the Trusted Zone. In this example, any user in the AD Realm will be permitted access to the Corporate Shared Drive, the intranet, OWA, and Terminal Services applications only if the endpoint is classified into the Trusted Zone. 7
8 d) After an authorized user logs into the WorkPlace from an endpoint that is running the SonicWALL Enforced Client, that endpoint is classified into the Trusted Zone, and the user is allowed access to all applications: 8
9 2. Default Zone for Limited Access Download SonicWALL Enforced Client In this scenario, if the endpoint does not match the Device Profile that was defined for the SonicWALL Enforced Client then it will be placed into a Default Zone and given access to a subset of internal applications. Also, a link is provided in the Default Zone to download and install the SonicWALL Enforced Client. a) Define a new URL Resource for the SonicWALL Enforced Client installation. The exact syntax of the URL is where CK is the Company Key which is a SonicWALL-generated company designation for an installation of the Enforced Client. Multiple licenses can be applied to the same Company Key. Only the hostname is defined in the URL Resource, while the remainder of the URL can be defined on the Start page option in the Advanced settings of the WorkPlace Shortcut: 9
10 b) When defining an external URL as Resource, is it important that the hostname gets added to the Resource Exclusion List that is located at the bottom of the Resource table. This tells the Aventail appliance not to translate the URL, so that the endpoint s browser will resolve the URL to the correct public Web site: 10
11 c) Define a new Access Control rule for endpoints placed into the Default Zone that are not running an Enforced Client or that are not up-to-date (as defined in the Device Profile) that will permit access only to specified applications and the SonicWall Enforced Client download link: d) Note that the Default Zone does not have to be added to the list of Standard Zones in the appropriate Community. The Default Zone is always present and is the last available Zone. In this example, since the endpoint will not match the Trusted Zone, it will fall into the Default Zone. 11
12 e) After logging into the WorkPlace from an endpoint without the SonicWALL Enforced Client running, the endpoint is classified into the Default Zone and is allowed access to only a subset of applications and a link to download the SonicWALL Enforced Client: 3. Quarantine Zone to Deny Access- Download SonicWALL Enforced Client Another option is if the endpoint does not match the Device Profile that was defined for the SonicWALL Enforced Client, then it will be placed into a Quarantine Zone and given access to a link to download and install the Client. In the Quarantine Zone, no application access is permitted outside of the remediation links that are defined. a) Under the End Point Control Zone settings, define a new Quarantine Zone. As part of the definition, the administrator can specify any text they would like to appear in the Zone and also any useful Web links that can be used for remediation purposes. In this example, a link is defined to the SonicWall Enforced Client installation URL as described above. 12
13 b) In the appropriate Community under End Point Control Restrictions, change the Zone fallback options from Place into default zone to Place into quarantine zone and the SonicWALL Quarantine Zone is specified: 13
14 c) After logging into the WorkPlace from an endpoint without the SonicWALL Enforced Client running, the endpoint is classified into the SonicWALL Quarantine Zone and is only permitted access to the remediation link specified: 14
15 4. Deny Zone to Deny Access if SonicWALL Enforced Client is Out of Compliance Finally, the Deny Zone can be used to deny access to an endpoint that matches a specific Device Profile. In this example, assume that a new version (5.0) of the SonicWALL Enforced Client has just been put into production and deployed to all end users. If a user tries to log into the WorkPlace from an endpoint that is running a SonicWALL Enforced Client with a version other then 5.0, they will be placed into the Deny Zone, not allowed any access at all into the internal network, and given a message explaining why they are denied access and whom to contact. a) Under the End Point Control Zone settings, define a new Device Profile called Enforce SonicWALL. This profile will check to see if the endpoint s SonicWALL Enforced Client version is equal to 4.x (and therefore not version 5.0). Other options can be set to check the last time the signatures were updated or the last time the file system was scanned: 15
16 16
17 b) Under the End Point Control Zone settings, define a new Deny Zone. In this Zone, we specify the Device Profile that we want to check for (Enforce SonicWALL) and also a custom message that we want to display to the end user: 17
18 c) In the appropriate Community, make the new Deny Zone available under the End Point Control restrictions: 18
19 d) After logging into WorkPlace from an endpoint that is not running the correct version of the SonicWALL Enforced Client, the endpoint is placed immediately into the Deny Zone and the predefined message is displayed: 19
20 Conclusion The SonicWALL E-Class Aventail SSL VPN appliances provide secure access from employees, business partners, and customers to Web applications, client/server applications, and file shares. The Aventail SSL VPN appliances provide remote access control that manages and secures application access based on the ability to identify the following three things: 1) Who is the user? Identify users based on strong authentication. Group users into communities and groups based on admission policy. 2) What is on the end point device? Interrogation of the end point to determine the device identity and device integrity, and allow the results of the interrogation to be leveraged within admission and access control policies 3) What are the resources that the user needs to access? Allow access to individual applications based on who the user is and the trust level for the device used for access. The Aventail SSL VPN appliances makes these resources available from a range of access methods including a standard Web browser, an ActiveX or Java-enabled Web browser, or a native client preinstalled on the device on a wide range of platforms and devices that include Windows, Macintosh, Linux, and PDAs or smartphones. Administrators determine the resources that users will be allowed to access, and the Aventail SSL VPN appliances transparently and dynamically provision the access methods appropriate for those resources. All access control is handled centrally via the Web-based management console. Why SonicWALL Aventail SSL VPNs? 1) More devices, more access points: The pace of innovation in remote access technology has increased dramatically over the past decade. Broadband access to the Internet has become not merely ubiquitous, but an expected standard, at work, at home, and everywhere in between. Mobile devices have proliferated to the point where laptops, PDAs, and smartphones, mobilized with sophisticated wireless and cellular connectivity, are increasing the phase-out of traditional desktop PCs. The rise in VoIP has turned phone calls into data resources, and transformed telephony into yet another network access methodology. 2) Work is increasingly moving beyond the network perimeter: Traditional network boundaries are disappearing, and the office no longer has anything to do with any specific physical location. Work is conducted from field offices and home offices, partner sites and manufacturing sites. Increased access has resulted in increased productivity. Business partners require access to internal enterprise resources from end point locations behind their own firewalls. Remote teleworkers and day extenders in all business capacities connect to business applications and files via WiFi hotspots at their home or neighborhood cafes. Enterprise boundaries are blurring, with outside partners, vendors, and consultants playing an increasingly vital a role in daily operations, often collaborating in cross-functional teams requiring secure access to inside application resources from outside devices, traversing internal and external firewalls. 20
21 3) IT is facing new challenges for controlling access: The increasingly mobile trends in technology and business operations have accelerated the replacement of traditional network nodes from IT-managed hard-cabled desktops to wireless laptops and mobile devices. Even when these devices are issued by IT, usage has become difficult for IT to control. An end user might use the same mobile computing device at home as in the office, use a personally-owned device for business purposes, or use a corporate-owned device for personal purposes. It is increasingly hard for IT to be able to restrict what users do with access devices, and to limit ways in which users expose these devices to threats that can impact the security of enterprise resources. To learn more about SonicWALL Aventail SSL VPN solutions, visit: 21
22 Contacting SonicWALL If you require technical assistance for your SonicWALL UTM appliance or SonicPoint, check these online SonicWALL resources: The support site: The interactive online Knowledge Portal: If you cannot find the information you need, contact SonicWALL telephone support at one of these numbers: North America Telephone Support U.S./Canada or International Telephone Support Australia Austria + 43(0) EMEA + 31(0) France + 33(0) Germany + 49(0) Hong Kong India Italy Japan + 81(0) New Zealand Singapore Spain + 34(0) Switzerland UK + 44(0) Note: If you find that the number appropriate to your geographic region does not work, please visit for the latest technical support telephone numbers. More Information on SonicWALL Products Contact SonicWALL, Inc. for information about SonicWALL products and services at: Web: sales@sonicwall.com Phone: (408) Fax: (408) Author: dparry@sonicwall.com and dbuckwald@sonicwall.com Prepared by SonicWALL, Inc Version 1.3, Updated January
Why Switch from IPSec to SSL VPN. And Four Steps to Ease Transition
Why Switch from IPSec to SSL VPN And Four Steps to Ease Transition Table of Contents The case for IPSec VPNs 1 The case for SSL VPNs 2 What s driving the move to SSL VPNs? 3 IPSec VPN management concerns
More informationBEST PRACTICES FOR SECURE REMOTE ACCESS A GUIDE TO THE FUTURE
BEST PRACTICES FOR SECURE REMOTE ACCESS A GUIDE TO THE FUTURE The future trend is towards a universal access control model, one which inverts the network so that the protective perimeter is concentrated
More informationBest Practices for Secure Mobile Access
Best Practices for Secure Mobile Access A guide to the future. Abstract Today, more people are working from more locations using more devices than ever before. Organizations are eager to reap the benefits
More informationSonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity
SSL-VPN Combined With Network Security Introducing A popular feature of the SonicWALL Aventail SSL VPN appliances is called End Point Control (EPC). This allows the administrator to define specific criteria
More informationHosted Email Security Quick Start Guide
Hosted Email Security Quick Start Guide 1 Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your system. CAUTION: A CAUTION indicates potential
More informationDell SonicWALL Aventail 10.6.5 Connect Tunnel User Guide
Dell SonicWALL Aventail 10.6.5 Connect Tunnel User Guide 1 Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your system. CAUTION: A CAUTION indicates
More informationAventail Connect Client with Smart Tunneling
Aventail Connect Client with Smart Tunneling User s Guide Windows v8.7.0 1996-2006 Aventail Corporation. All rights reserved. Aventail, Aventail Cache Control, Aventail Connect, Aventail Connect Mobile,
More informationDell SonicWALL Secure Virtual Assist: Clientless remote support over SSL VPN
Dell SonicWALL Secure Virtual Assist: Clientless remote support over SSL VPN Businesses can enhance user satisfaction, productivity, profitability and security by leveraging existing infrastructure to
More informationProtecting Network Infrastructure. Mobile Workers. Florian Malecki - SonicWALL EMEA Enterprise Product Marketing Manager
Protecting Network Infrastructure to Secure Distant Access and Mobile Workers Florian Malecki - SonicWALL EMEA Enterprise Product Marketing Manager SonicWALL: Protection at the Speed of Business Founded
More informationClean VPN Approach to Secure Remote Access
Clean VPN Approach to Secure Remote Access A clean VPN approach delivers layered defense-in-depth protection for the core elements of business communications. CONTENTS Extending Business Beyond the Perimeter
More informationSSL-VPN 200 Getting Started Guide
Secure Remote Access Solutions APPLIANCES SonicWALL SSL-VPN Series SSL-VPN 200 Getting Started Guide SonicWALL SSL-VPN 200 Appliance Getting Started Guide Thank you for your purchase of the SonicWALL SSL-VPN
More informationThe Advantages of Using Aventail VPN
SECURE MOBILE ACCESS USING SSL VPNS September 2005 Prepared by Peter Rysavy http://www.rysavy.com 1-541-386-7475 Executive Summary Remote access has become increasingly complex. It s no longer about traveling
More informationAventail SSL VPN. Installation and Administration Guide. Version 9.0.0
Aventail SSL VPN Installation and Administration Guide Version 9.0.0 2008 SonicWALL, Inc. All rights reserved. SonicWALL is a registered trademark of SonicWALL, Inc. Other product names mentioned herein
More informationSonicWALL Mobile Connect. Mobile Connect for OS X 3.0. User Guide
SonicWALL Mobile Connect Mobile Connect for OS X 3.0 User Guide Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your system. CAUTION: A CAUTION
More informationIPSec vs. SSL VPN: Transition criteria and methodology
IPSec vs. SSL VPN: Transition criteria and methodology A comparison of SSL VPN and IPSec VPN technologies and recommended implementations based upon use case Abstract Business mobility has driven the need
More information10 Strategies to Optimize IT Spending in an Economic Downturn. Wong Kang Yeong, CISA, CISM, CISSP Regional Security Architect, ASEAN
10 Strategies to Optimize IT Spending in an Economic Downturn Wong Kang Yeong, CISA, CISM, CISSP Regional Security Architect, ASEAN Current Economic Landscape 2 Basically you Basically you ve had to throw
More informationCitrix Access Gateway
F E A T U R E S O V E R V I E W Citrix Access Gateway Citrix Access Gateway is a universal SSL VPN appliance that combines the best features of IPSec and typical SSL VPNs without the costly and cumbersome
More informationPRODUCT CATEGORY BROCHURE. Juniper Networks SA Series
PRODUCT CATEGORY BROCHURE Juniper Networks SA Series SSL VPN Appliances Juniper Networks SA Series SSL VPN Appliances Lead the Market with Secure Remote Access Solutions That Meet the Needs of Organizations
More informationBest Practices for Secure Remote Access. Aventail Technical White Paper
Aventail Technical White Paper Table of contents Overview 3 1. Strong, secure access policy for the corporate network 3 2. Personal firewall, anti-virus, and intrusion-prevention for all desktops 4 3.
More informationPRODUCT CATEGORY BROCHURE
PRODUCT CATEGORY BROCHURE SA Series SSL VPN Appliances Juniper Networks SA Series SSL VPN Appliances Lead the Market with Secure Remote Access Solutions That Meet the Needs of Organizations of Every Size
More informationSecure remote access market analysis: The Dell SonicWALL difference
Secure remote access market analysis: The Dell SonicWALL difference Dell SonicWALL advantages over the competition Introduction To drive high levels of user productivity and sustain a competitive edge,
More informationWhy switch from. Page title appears here. cum evendi dest faceat raest, a poritis. fuga. It pel ipsunt mo quunt.
SSL VPN Page title appears here Why switch from This is placeholder body copy. Ebit doloreici te quo invendit maio. Eolesequi se debis dici simi olum volupta denestoria verem del erumquidit, sumquia voluptate
More informationThe Advantages of Aventail VPN (Virtual Private Network)
SECURE WIRELESS NETWORKING USING SSL VPNS Prepared by Peter Rysavy http://www.rysavy.com 1-541-386-7475 T ABLE OF C ONTENTS EXECUTIVE SUMMARY...2 PREVALENCE OF WIRELESS NETWORKS...3 SECURITY CHALLENGES
More informationIPSec vs. SSL VPN: Transition Criteria and Methodology
IPSec vs. SSL VPN: Transition Criteria and Methodology A comparison of SSL VPN and IPSec VPN technologies and recommended implementations based upon use case CONTENTS Abstract 2 IPSec VPNs: Designed for
More informationSecuring the Small Business Network. Keeping up with the changing threat landscape
Securing the Small Business Network Keeping up with the changing threat landscape Table of Contents Securing the Small Business Network 1 UTM: Keeping up with the Changing 2 Threat Landscape RFDPI: Not
More informationFamily Datasheet AEP Series A
Trusted Security Everywhere Family Datasheet AEP Series A Covering: Hardware Edition Virtual Edition Load Balancer AEP Networks, Inc. All rights reserved. Secure Application Access 2500. 4500. 6500. 8500
More informationFor more information refer: UTM - FAQ: What are the basics of SSLVPN setup on Gen5 UTM appliances running SonicOS Enhanced 5.2?
TM SSL-VPN: How to setup SSL-VPN feature (NetExtender Access)... of 6 1/12/2013 11:46 PM Question/Title UTM SSL-VPN: How to setup SSL-VPN feature (NetExtender Access) on SonicOS Enhanced (SonicOS 5.6 and
More informationAventail SSL VPN. Getting Started Guide. Version 8.6
Aventail SSL VPN Getting Started Guide Version 8.6 1996-2005 Aventail, Aventail Cache Control, Aventail Connect, Aventail Connect Tunnel, Aventail End Point Control, Aventail Management Console, Aventail
More informationNATIONAL GATEWAY SECURITY SURVEY
NATIONAL GATEWAY SECURITY SURVEY REPORT SUMMARY The National Gateway Security Survey 2008 was carried out for value added distributor Wick Hill, specialists in secure infrastructure solutions, and sponsored
More informationRemote VPN: Remote access for personal devices
Remote VPN: Remote access for personal devices Documentation Team. March 2013. About Remote VPN Remote VPN 1 provides staff and students with secure, authenticated remote access to personal and shared
More informationMove over, TMG! Replacing TMG with Sophos UTM
Move over, TMG! Replacing TMG with Sophos UTM Christoph Litzbach, Pre-Sales Engineer NSG 39 Key Features of TMG HTTP Antivirus/spyware URL Filtering HTTPS forward inspection Web Caching Role based access
More informationSonicWALL Secure Wireless Network
SONICWALL Ä SonicWALL Secure Wireless Network Integrated Solutions Guide ^ Official guide from SonicWALL Written by SonicWALL engineers and documentation specialists Appropriate for all audiences, from
More informationProfessional Integrated SSL-VPN Appliance for Small and Medium-sized businesses
Professional Integrated Appliance for Small and Medium-sized businesses Benefits Clientless Secure Remote Access Seamless Integration behind the Existing Firewall Infrastructure UTM Security Integration
More informationRelease Notes. Platform Compatibility. Supported Operating Systems and Browsers: AMC. WorkPlace
Secure Remote Access SonicWALL Aventail E-Class SRA EX-Series 10.5.6 Platform Compatibility The SonicWALL Aventail E-Class SRA EX-Series 10.5.6 release is supported on the following SonicWALL appliances:
More informationSSL VPN Technical Primer
4500 Great America Parkway Santa Clara, CA 95054 USA 1-888-NETGEAR (638-4327) E-mail: info@netgear.com www.netgear.com SSL VPN Technical Primer Q U I C K G U I D E Today, small- and mid-sized businesses
More informationHosted Email Security 2.0 Quick Start Guide
Hosted Email Security 2.0 Quick Start Guide 1 Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your system. CAUTION: A CAUTION indicates potential
More informationClean VPN Approach to Secure Remote Access for the SMB
Clean VPN Approach to Secure Remote Access for the SMB A clean VPN approach delivers layered defense-in-depth protection for the core elements of business communications. CONTENTS Extending Business Beyond
More informationSecuring Citrix with SSL VPN Technology
Securing Citrix with SSL VPN Technology An AEP Networks Solution Summary For years, Citrix Systems has dominated the server-based computing market as the solution of choice for application access across
More informationHow To Use A Dll Sonicwall Aventail E-Class Secure Remote Access (Sra) From A Pc Or Ipad To Awna (Awna) For A Mobile Device (For Awn) For An Enterprise
E-Class Secure Remote Access Series Secure remote access for the enterprise Easy, secure and clientless remote access for the enterprise With maturing mobile technologies, booming global markets and heightened
More informationDeploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite
WHITE PAPER Mobile Device Security in the Enterprise Deploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite Copyright 2010, Juniper Networks, Inc. Table of Contents
More informationWhen your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.
Deployment Guide Revision C McAfee Web Protection Hybrid Introduction Web Protection provides the licenses and software for you to deploy Web Gateway, SaaS Web Protection, or a hybrid deployment using
More informationTowards End-to-End Security
Towards End-to-End Security Thomas M. Chen Dept. of Electrical Engineering Southern Methodist University PO Box 750338 Dallas, TX 75275-0338 USA Tel: 214-768-8541 Fax: 214-768-3573 Email: tchen@engr.smu.edu
More informationHow To Secure A Remote Worker Network
Key Steps to a Secure Remote Workforce Telecommuting benefits the employee and the company, the community and the environment. With the right security measures in place, there s no need to delay in creating
More informationE-Class Secure Remote Access Series
E-Class Secure Remote Access Series Secure remote access for the enterprise Easy, secure and clientless remote access for the enterprise With maturing mobile technologies, booming global markets and heightened
More informationE-Class Secure Remote Access Series
E-Class Secure Remote Access Series Enable mobile and remote worker productivity while protecting from threats Easy, secure mobile and remote access for the enterprise The proliferation of mobile devices
More informationHow To Protect Your Endpoints From Attack
2012 Endpoint Security Best Practices Survey GLOBAL RESULTS CONTENTS Executive Summary... 4 Methodology... 6 Finding 1: Top tier organizations fare better against attacks... 8 Finding 2: Top tier organizations
More informationEmail Security 8.0 User Guide
Email Security 8.0 User Guide 1 Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your system. CAUTION: A CAUTION indicates potential damage to
More informationavast! Small Office Administration Console Small Office Administration Console User Guide
Small Office Administration Console User Guide 1 2 Introduction to the Small Off ice Administrat ion Console The Small Office Administration Console provides central management capability for your installation
More informationDriving Company Security is Challenging. Centralized Management Makes it Simple.
Driving Company Security is Challenging. Centralized Management Makes it Simple. Overview - P3 Security Threats, Downtime and High Costs - P3 Threats to Company Security and Profitability - P4 A Revolutionary
More informationMUNICIPAL WIRELESS NETWORK
MUNICIPAL WIRELESS NETWORK May 2009 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
More informationWhite Paper. Protecting Mobile Apps with Citrix XenMobile and MDX. citrix.com
Protecting Mobile Apps with Citrix XenMobile and MDX citrix.com Mobility is a top priority for organizations as more employees demand access to the apps and data that will make them productive. Employees
More informationEND-TO-END SECURITY WITH SA SERIES SSL VPN APPLIANCES
SOLUTION BRIEF END-TO-END SECURITY WITH SA SERIES SSL VPN APPLIANCES Ensure Remote Users and Devices Meet Security Requirements Before Granting Access to Network Resources Challenge As the global workforce
More informationNetwork Security. Intertech Associates, Inc.
Network Security Intertech Associates, Inc. Agenda IT Security - Past to Future Security Vulnerabilities Protecting the Enterprise What do we need in each site? Requirements for a Security Architecture
More informationMobile workforce management software solutions. Empowering the evolving workforce with an end-to-end framework
Mobile workforce management software solutions Empowering the evolving workforce with an end-to-end framework 2013 Dell, Inc. ALL RIGHTS RESERVED. This document contains proprietary information protected
More informationCharter Business Desktop Security Administrator's Guide
Charter Business Desktop Security Administrator's Guide Table of Contents Chapter 1: Introduction... 4 Chapter 2: Getting Started... 5 Creating a new user... 6 Recovering and changing your password...
More informationUse Host Information in Policy Enforcement
Use Host Information in Policy Enforcement Although you may have stringent security at your corporate network border, your network is really only as secure as the end devices that are accessing it. With
More informationProduct Line Brochure
Product Line Brochure SonicWALL asdfsdadsafsadfsdafasdfds SonicWALL E-Class Series Historically, enterprise security solutions have been technologically limited, notoriously expensive or difficult to deploy
More informationNew Trusted Partner Client-Based Access for Windows XP and Windows 7 Includes Juniper Netconnect VPN client and CyberGatekeeper client
New Trusted Partner Client-Based Access for Windows XP and Windows 7 Includes Juniper Netconnect VPN client and CyberGatekeeper client Copyright 2011 FMR Corp. February 2011 Trusted Partner Access Pre-InstallationWorksheet
More informationSECURE ACCESS TO THE VIRTUAL DATA CENTER
SOLUTION BRIEF SECURE ACCESS TO THE VIRTUAL DATA CENTER Ensure that Remote Users Can Securely Access the Virtual Data Center s Virtual Desktops and Other Resources Challenge VDI is driving a unique need
More informationComodo Endpoint Security Manager SME Software Version 2.1
Comodo Endpoint Security Manager SME Software Version 2.1 Quick Start Guide Guide Version 2.1.111114 Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013 Endpoint Security Manager - SME Quick
More informationARCHITECT S GUIDE: Comply to Connect Using TNC Technology
ARCHITECT S GUIDE: Comply to Connect Using TNC Technology August 2012 Trusted Computing Group 3855 SW 153rd Drive Beaverton, OR 97006 Tel (503) 619-0562 Fax (503) 644-6708 admin@trustedcomputinggroup.org
More informationBYOD Policy & Management Part I
Introduction Many of today s endpoints are neither known nor protected. According to Gartner, enterprises are only aware of 80 percent of the devices on their network. Those 20 percent of unknown devices
More informationWHITEPAPER IPSEC VPN Vs. SSL VPN
WHITEPAPER IPSEC VPN Vs. SSL VPN Introduction Whether a result of tele-working initiatives, contingencies for events such as 9/11, SARS, and the East Coast Blackout, or just addressing the need to balance
More informationEnterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment. Paul Luetje Enterprise Solutions Architect
Enterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment Paul Luetje Enterprise Solutions Architect Table of Contents Welcome... 3 Purpose of this document...
More informationSecure, Mobile Access to Corporate Email, Applications, and Intranet Resources
APPLICATION NOTE Juniper NETWORKS SSL VPN and Windows Mobile Secure, Mobile Access to Corporate Email, Applications, and Intranet Resources Table of Contents Introduction.........................................................................................
More informationicrosoft TMG Replacement with NetScaler
icrosoft TMG Replacement with NetScaler Replacing Microsoft Forefront TMG with NetScaler for secure VPN access Table of contents Introduction 3 Configuration details 3 NetScaler features to be enabled
More informationMOBILITY & INTERCONNECTIVITY. Features SECURITY OF INFORMATION TECHNOLOGIES
MOBILITY & INTERCONNECTIVITY Features SECURITY OF INFORMATION TECHNOLOGIES Frequent changes to the structure of enterprise workforces mean that many are moving away from the traditional model of a single
More information642-647. Deploying Cisco ASA VPN Solutions Exam. http://www.examskey.com/642-647.html
Cisco 642-647 Deploying Cisco ASA VPN Solutions Exam TYPE: DEMO http://www.examskey.com/642-647.html Examskey Cisco 642-647 exam demo product is here for you to test the quality of the product. This Cisco
More informationGetting Started Guide
SonicWALL Network Security Appliances NETWORK SECURITY TZ 100 / TZ 200 Series Getting Started Guide SonicWALL TZ 100/200 series Getting Started Guide This Getting Started Guide provides instructions for
More informationPermeo Technologies WHITE PAPER. HIPAA Compliancy and Secure Remote Access: Challenges and Solutions
Permeo Technologies WHITE PAPER HIPAA Compliancy and Secure Remote Access: Challenges and Solutions 1 Introduction The Healthcare Insurance Portability and Accountability Act (HIPAA) of 1996 has had an
More informationAccessing TP SSL VPN
Accessing TP SSL VPN This guide describes the steps to install, connect and disconnect the SSL VPN for remote access to TP intranet systems using personal notebooks. A. Installing the SSL VPN client Junos
More informationFortiGate Multi-Threat Security Systems I Administration, Content Inspection and SSL VPN Course #201
FortiGate Multi-Threat Security Systems I Administration, Content Inspection and SSL VPN Course #201 Course Overview Through this 2-day instructor-led classroom or online virtual training, participants
More informationReverse Proxy with SSL - ProxySG Technical Brief
SGOS 5 Series Reverse Proxy with SSL - ProxySG Technical Brief What is Reverse Proxy with SSL? The Blue Coat ProxySG includes the functionality for a robust and flexible reverse proxy solution. In addition
More informationSonicWALL SRA Virtual Appliance Getting Started Guide
COMPREHENSIVE INTERNET SECURITY SonicWALL Secure Remote Access Appliances SonicWALL SRA Virtual Appliance Getting Started Guide SonicWALL SRA Virtual Appliance5.0 Getting Started Guide This Getting Started
More informationEXTENDING THREAT PROTECTION AND CONTROL TO MOBILE WORKERS
EXTENDING THREAT PROTECTION AND WHITEPAPER CLOUD-BASED SECURITY SERVICES PROTECT USERS IN ANY LOCATION ACROSS ANY NETWORK It s a phenomenon and a fact: employees are always on today. They connect to the
More informationCisco ASA and Cloud Web Security: Best-in-Class Network Security Combined with Best-in-Class Web Security
White Paper Cisco ASA and Cloud Web Security: Best-in-Class Network Security Combined with Best-in-Class Web Security Introduction Organizations that want to harness the power of the web must deal with
More informationCheck Point NAC and Endpoint Security Martin Koldovský SE Manager Eastern Europe mkoldov@checkpoint.com
Check Point NAC and Endpoint Security Martin Koldovský SE Manager Eastern Europe mkoldov@checkpoint.com NAC is Here to Enforce identity-based access policies Control who is accessing what Prevent guests
More informationDell SonicWALL SRA 7.5 Citrix Access
Dell SonicWALL SRA 7.5 Citrix Access Document Scope This document describes how to configure and use Citrix bookmarks to access Citrix through Dell SonicWALL SRA 7.5. It also includes information about
More informationSecure Remote Access Give users in office remote access anytime, anywhere
Secure Remote Access Give users in office remote access anytime, anywhere June 2008 Introduction As organizations strive to increase productivity, secure remote access to network resources becomes increasingly
More informationSAAS VS. ON-PREMISE SECURITY. Why Software-as-a-Service Is a Better Choice for Email and Web Threat Management
SAAS VS. ON-PREMISE SECURITY Why Software-as-a-Service Is a Better Choice for Email and Web Threat Management How SaaS Solves the Problems of On-Premise Security Businesses traditionally invest in security
More informationBYOD How-To Guide. How do I securely deliver my company s applications and data to BYOD?
BYOD How-To Guide How do I securely deliver my company s applications and data to BYOD? Table of Contents Harness the power of BYOD with Mobile Workspaces Why BYOD? Enterprise Mobile Requirements Mobile
More informationPortWise Access Management Suite
Create secure virtual access for your employees, partners and customers from any location and any device. With todays global and homogenous economy, the accuracy and responsiveness of an organization s
More informationFEATURE. THE RISE OF SSL VPNS by Ian Kilpatrick, chairman Wick Hill Group. Summary of feature. 1300 words. * Recent growth of SSL VPNs
FEATURE THE RISE OF SSL VPNS by Ian Kilpatrick, chairman Wick Hill Group 1300 words Summary of feature * Recent growth of SSL VPNs * Aim of VPN technology - controlled, secure and managed access to any
More informationCitrix Access on SonicWALL SSL VPN
Citrix Access on SonicWALL SSL VPN Document Scope This document describes how to configure and use Citrix bookmarks to access Citrix through SonicWALL SSL VPN 5.0. It also includes information about configuring
More informationCLEARPASS ONGUARD CONFIGURATION GUIDE
CONFIGURATION GUIDE REVISION HISTORY Revised By Date Changes Dennis Boas July 2015 Version 1 initial release TABLE OF CONTENTS... 1 INTRODUCTION... 3 CONFIGURATION WORKFLOW... 4 CONFIGURE POSTURE POLICIES...
More informationConfiguring DHCP for ShoreTel IP Phones
Configuring DHCP for ShoreTel IP Phones Network Requirements and Preparation 3 Configuring DHCP for ShoreTel IP Phones The ShoreTel server provides the latest application software and configuration information
More informationMaaS. MaaS. UNIVERSAL WIRELESS CLIENT: How to simplify mobility and reduce the cost of supporting mobile workers. www.maas360.com.
UNIVERSAL WIRELESS CLIENT: How to simplify mobility and reduce the cost of supporting mobile workers www.360.com Table of Contents THE PRICE OF FREEDOM...1 THE UNIVERSAL WIRELESS CLIENT...1 Connecting
More informationNetwork protection and UTM Buyers Guide
Network protection and UTM Buyers Guide Using a UTM solution for your network protection used to be a compromise while you gained in resource savings and ease of use, there was a payoff in terms of protection
More informationCOORDINATED THREAT CONTROL
APPLICATION NOTE COORDINATED THREAT CONTROL Interoperability of Juniper Networks IDP Series Intrusion Detection and Prevention Appliances and SA Series SSL VPN Appliances Copyright 2010, Juniper Networks,
More informationEnabling Business Beyond the Corporate Network. Secure solutions for mobility, cloud and social media
Enabling Business Beyond the Corporate Network Secure solutions for mobility, cloud and social media 3 Trends Transforming Networks and Security Are you dealing with these challenges? Enterprise networks
More informationIncrease Productivity and Reduce Security Risks for Teleworkers
Increase Productivity and Reduce Security Risks for Teleworkers An overview of how teleworking helps meet today s productivity demands, what additional network security risks anywhere access can create,
More informationFIREWALL. Features SECURITY OF INFORMATION TECHNOLOGIES
FIREWALL Features SECURITY OF INFORMATION TECHNOLOGIES To ensure that they stay competitive and in order to expand their activity, businesses today know it is in their best interests to open up more channels
More informationCisco Small Business ISA500 Series Integrated Security Appliances
Q & A Cisco Small Business ISA500 Series Integrated Security Appliances Q. What is the Cisco Small Business ISA500 Series Integrated Security Appliance? A. The Cisco Small Business ISA500 Series Integrated
More informationMobile Access Software Blade
Mobile Access Software Blade Dimension Data BYOD event Jeroen De Corel SE BeLux 2012 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved. 2012 Check Point Software Technologies Ltd.
More informationRelease Notes for Websense Web Endpoint (32- and 64-bit OS)
Release Notes for Websense Web Endpoint (32- and 64-bit OS) Updated: 8-Feb-2013 Applies To: Websense Cloud Web Security solutions Use the Release Notes to learn about: What s new in Websense Web Endpoint?
More informationProtecting Your Roaming Workforce With Cloud-Based Security
Protecting Your Roaming Workforce With Cloud-Based Security How to use the cloud to secure endpoints beyond your perimeter By Tsailing Merrem, Senior Product Marketing Manager Remote and roaming workers
More informationWe d Like That on Our Laptops, Notebooks, Tablets and Smartphones, Please
latest thinking We d Like That on Our Laptops, Notebooks, Tablets and Smartphones, Please Enabling enterprise mobility with Microsoft System Center and cloud Enterprise mobility is no longer the domain
More informationIT Services. VPN Connectivity Guide. 1 IT Systems
IT Services VPN Connectivity Guide 1 IT Systems Introduction...3 Cass VPN Service...4 Prerequisites...5 Connectivity process...6 Pilot Group Feedback...13 2 IT Systems Introduction This document briefly
More informationTime Warner Cable Business Class IP VPN & Managed IP VPN User Guide
Time Warner Cable Business Class IP VPN & Managed IP VPN User Guide Table of Contents 1. TWCBC IP VPN & Managed IP VPN Service Overview... 4 2. How to Order New Services... 5 2.1 Mobile IP VPN Client Licenses...
More informationSafeEnterprise SSL igate Managing Central Access to Resources with VPX Technology
SafeEnterprise SSL igate Managing Central Access to Resources with VPX Technology Introduction SSL is a well-established, high performing and secure technology for Internet transactions. The strength of
More information