SSL VPN With the development of cloud computing and mobile devices, modern workforces have become increasingly mobilized and distributed. This trend requires business organizations to prepare its IT infrastructure to facilitate a secure and efficient remote access to business resources with full efforts. understands those business challenges and is committed to provide solutions for those increasing demands of modern businesses. Leveraging from its innovative technologies, releases its superior SSL VPN products. Compared with other existing SSL VPN solutions, SSL VPN offers the best level business driven solution with extraordinary access speed, unique virtualization and security technologies. www.sangfor.com
Access Optimization Never Been So Fast SSL VPN provides remote user with extraordinary access performance and experience by embedding acceleration technologies without additional license fee! Less Bandwidth Required Compression is commonly used in other solutions but not enough to offer a high-speed SSL VPN connection. SSL VPN innovatively adopts the byte cache technology into SSL VPN sessions, which effectively eliminates 30-90% of redundant traffics on SSL VPN links and improves the access speed of remote users. Byte Cache - Average Link Speed (Realtime) Service Uptime 0day(s) 0hour(s) 10minute(s) [Optimization Effect] 8000 6000 4000 2000 0 09:22 09:23 09:24 09:25 09:26 Before Optimization:0.0 KBps After Optimization: 0.0 KBps Reduces more than 75% of redundant data and releases a significant portion of the bandwidth for critical traffics Smooth Performance under Harsh Network Environments Under harsh network environments such as cross-border, cross-operator, Wi-Fi and 3G networks with high packet loss rate or high latency, the access speed would be significantly lower than one had expected. SSL VPN employs HTP (High-speed Transfer Protocol) to smooth the transfer environment and minimize the negative impact of packet loss and latency. Thus, end users are able to consistently enjoy a favorable access experience. 120 100 80 60 40 20 0 Lost 3% Delay 1000ms Lost 5% Lost 10% Delay 300ms Delay 100ms HTP transmission rate KB/S Optimal access experience under any environments TCP transmission rate KB/S Access Optimization on Tablets and Mobile Devices In order to solve the display and slow connection problems that tablets and mobile devices users might encounter when accessing browser-based applications, SSL VPN not only optimizes the page display and mobile access, but also provides various image optimization policies such as image filtering and compression to prevent the problems mentioned above. Ideal solution for mobile access optimization Full Utilization of Resources Considering real-life deployment, SSL VPN is also equipped with Intelligent Link Selector and Resources Load Balancer. The Intelligent Link Selector can automatically select the optimal link for remote access when there are multiple links, and the Resources Load Balancer can assign each access to the ideal server when the related application is carried by multiple servers. By using the exclusive acceleration technology of SSL VPN, enterprises are able to provide users with a satisfied and efficient remote access experience, which eventually improves the working productivity of remote workforces.
AT&T AT&T Bidirectional Do More with Less Application virtualization: Tablets and smart phone access; Bring Your Own Device; Local virtualization: Endpoint Compliance; Network/System Logical Isolation. Application Deliveres Applications as On-demand Service With diversity of endpoints and business applications, IT managers have always been looking for a better remote access solution. That is, business applications can be securely delivered to remote workforces as on-demand service via a browser, with no limitation to remote workspaces, application types or available endpoints. Then SSL VPN Remote Application is the answer. SSL VPN Keyboard input, mouse click Interfaces of remote applications Server-based applications Remotely operation Remote Application for Application - Interfaces of published applications are pushed to endpoints screens as virtual access windows, thus end users are able to remotely access the applications through a browser; - Operation and control on applications occur in the server-end, no business data will be stored locally. With Remote Application, business applications are virtualized, centralized and managed in the datacenter and instantly delivered as a service to those users in need. Since everything occurs within the virtual application servers, by all means users are virtually operating in the enterprise network, which avoided any possibility of information leakage. Smooth Access from Tablets and Smart Phones As business applications are delivered to remote workforce as on-demand service, remote workforces can now access any published applications freely from any endpoints with a browser including mobile devices, no matter the applications are based on Windows or in the form of B/S and C/S. Enterprise-wide Application Remote Application solution virtualizes the business applications and improves the portability, compatibility and manageability of those applications. It cuts down the maintenance cost since all applications are operates and managed in the datacenter. With its remarkable ease of deployment and affordable price, enterprises are able to carry out the enterprise-wide application virtualization in a fast and cost-effective way. Smart phones Laptops LAN / WAN Tablets Desktops
Secure Desktop through Local When application data is delivered to remote workforce, enterprises have to take the risk of potential information leakage, since data can be out of control once leaving the enterprise network. Application virtualization was the solution to prevent such risks, however, huge costs and great changes to existing IT infrastructure may keep IT managers away. Therefore, SSL VPN Secure Desktop can be a favorable alternative choice as a light-weight virtualization solution in the endpoints. Local Default desktop Minimize exit SSL VPN INTERNET Common data Print Save to local disk Copy & Paste to local resource Cached / temp.files Secure desktop Confidential data Secure Desktop mirrors a virtual desktop from the default desktop on remote endpoints. Users need to access protected resources through Secure Desktop and other resources through default desktop. Secure Desktop is a protected workspace that achieves logical isolation between the Internet and local resources. No data can be leaked out with instant data encryption, peripherals control and write restrictions in the protected space. When you exit the secure desktop, all access records and usage traces will be cleared. Thus core business data can be protected in a better way. In addition to offering benefits to remote access criteria, with proper deployment in LAN environment, Secure Desktop can also benefit enterprises as system/network logical isolation solution in a convenient and cost-effective way. Secure Connection SSL VPN has built-in all-round security protection polices including identity authentication, endpoint security, transmitting security and resources authorization polices to achieve a secure remote connection. Identity Authentication Authentication: Supports up to eight types of authentication methods: - User name/password, LDAP, RADIUS, CA (Certification Authority); - Certificate/USB key based authentication, Dynamic token, Hardware ID, SMS. Account Binding: Binds SSL VPN user accounts to authorized applications accounts for account compliance and management. Transmission Security Tunnel Encryption: SSL session encryption. Dedicated SSL VPN Tunnel: Provides the flexibility of disconnecting all other Internet connections but SSL VPN session to prevent intrusions and attacks from the Internet. Man-in-the-middle Attack Detection: Detects and alerts if the endpoint is suffering Man-in-the-middle attack before it is connected to the intranet. Endpoint Security Host Checker: Endpoint detection and scanning of operating system, registry file, personal firewall, anti-virus files, user-customized security rules and other security policies prior to user login as well as during SSL VPN sessions. Cache Cleanup: Wipes off any cached data when the SSL VPN session terminates, which avoids data leakage if any remote users are accessing SSL VPN with a public endpoint. Resources Authorization Policy User-Role-Resource Assignment: Accurately and meticulously assigns resources to specifically defined users or roles, which avoids unauthorized usage of published applications.
Simplified Management and Consolidated Infrastructure SSO SSL VPN simplifies the account/authentication by allowing administrators to do seamless combination with the LDAP/RADIUS servers and supporting SSO (single-sign-on) with published applications. Flexible Deployment Various deployment features are offered for consolidating it into the existing IT infrastructure with typical functions such as the asymmetrical cluster and cloud cluster. Asymmetrical cluster supports robust clustering of different hardware models for scalability. Cloud cluster assigns SSL VPN requests to the fastest and most healthy appliance when SSL VPNs are deployed in multiple data centers that are located in different places. Simplified User Administration IT administrators are provided with management tools such as message broadcaster and bandwidth controller. Message broadcaster enables IT administrators to broadcast warnings or notifications to their SSL VPN users. Bandwidth controller allows IT administrators to allocate the bandwidth precisely for fair usage and avoid bandwidth congestion among their SSL VPN users. Furthermore, access logs can be kept and IT managers are able to export those data to enterprises log servers by Syslog/SNMP. Advantages SSL VPN was designed to deliver much more than just a secure connectivity between remote users and the enterprise resources. Embedded acceleration technology differentiates SSL VPN from other competing products in the market by achieving 3-50 times faster connection in comparison. technology smooth the business application availability in every way including the application and endpoint compatibility, efficiency, manageability and security. The best-in-class SSL VPN appliance is promised to deliver enterprise business with maximized value and low TCO (Total cost of ownership). Acknowledges and Achievements ability to execute challengers Sangfor leaders Source: Gartner (Nov 2011) As of Nov 2011 percentage 31.1% 34% 36% 39.2% Source: Frost & Sullivan; China niche players visionaries completeness of vision 2008 2009 2010 years 2011 Magic Quadrant For SSL VPNs NO.1 in China for 4 consecutive years
INC. Hong Kong Add: Unit 3 on 12/F., Billion Trade Centre, 31 Hung To Road, Kwun Tong, Kowloon, Hong Kong Tel: (+852) 3427 9160 Fax: (+852) 3427 9910 Email: sales.hk@sangfor.com.hk Singapore Add: 10 Jalan Kilang #01-05 Sime Darby Enterprise Centre, Singapore 159410 Tel: (+65) 9829 7169 Email: sales.sg@sangfor.com.hk Indonesia Add: Sequis Plaza Building, 20th Floors, Jl. Jend. Sudirman Kav.25 Jakarta Selatan 12920 Tel: (+62) 21 2933 2643 Fax: (+62) 21 2933 2643 Email: sales.id@sangfor.com.hk Malaysia, Vietnam Add: No. 7-8, Boulevard Mid Valley City, Lingkaran Syed Putra, 59200 Kuala Lumpur, Malaysia Tel: (+60) 3 2201 0192 Fax: (+60) 3 2282 1206 Email: sales.malay@sangfor.com.hk Thailand Add: 29 Vanissa Building 4th Floor, Unit 4G, Soi Chidlom, Ploenchit Road, Lumpini, Patumwan, Bangkok, 10330 Thailand Tel: (+66) 2 254 5884 Fax: (+66) 2 254 5884 Email: thailand@sangfor.com / thailand@sangfor.com.hk US Add: 2901 Tasman Drive, Suite 107, Santa Clara, California 95054, USA Tel: (+1) 408-520-7898 Fax: (+1) 408-520-7898 Email: info@sangfor.net EMEA Add: Unit 1, The Antler Complex, 1 Bruntcliffe Way, Morley, Leeds LS27 0JG, United Kingdom Tel: (+44) 0 845 533 2371 Fax: (+44) 0 845 533 2059 Email: sales@sangfor.co.uk Website: www.sangfor.co.uk marketing@sangfor.com www.sangfor.com Global Service Center: +60 12711 7129 (7511)