ssl vpn
ids/ips
../../ibm ess
../../firewall/index.html
../../spam/index.html
../../anti_virus/index.html
../../authentication/index.html
../../secure application delivery/index.html

netscaler: Secure Remote Access

Simplified Rollout and Administration of Business-Critical Applications

The NetScaler 9000 Series reduces the cost and complexity associated with new application rollout by combining the essential elements of secure application networking—security, optimization, access and switching—into a single, integrated solution. And by using SSL (secure socket layer) as the underlying security protocol for remote access, the NetScaler 9000 Series requires no incremental client software and no changes to servers or LANs—eliminating the hassle associated with traditional VPN deployments.

KEY BENEFITS

Ubiquitous Access to Applications
Provides secure remote access from anywhere through standard web browser
End-to-End Application Security
Ensures the secure delivery of application data via high throughput SSL acceleration, robust attack protection and granular access control
Optimized Application Performance
Speeds end-user response times by integrating high throughput compression, static/dynamic caching and advanced TCP optimization.
Superior Scalability
Accommodates the most demanding application environments with seamless support for thousands of simultaneous users in a single system
Reduced Complexity and Cost
Eases the rollout and management of secure remote application access—requiring no changes to clients, servers or LANs.

    Broad Application and File Support
  • Standard browser-based applications and portals
  • Native client/server applications
  • File sharing and remote storage/back-up
  • Terminal access via TN3270, Telnet and other applications

Secure Delivery of Critical Application Content

Along with utilizing accelerated SSL to encrypt 100% of the data flow between the remote user and corporate servers, the NetScaler 9000 Series supports authentication through various protocols and schemes including RADIUS, LDAP, Active Directory and the system's own local database. The NetScaler 9000 Series also provides granular access control to applications and content, enabling enterprises to specify exactly which end users have access to which resources.


Accelerated Application Performance

The NetScaler 9000 Series optimizes your network by taking advantage of SSL acceleration, TCP optimization, high throughput compression and dedicated caching, allowing administrators to provide secure remote access without compromising end-user response times or performance.


Packaging

NetScaler's Secure Remote Access capabilities are bundled with all 9000 Series Secure Application Gateway / Switch products. This bundle includes SSL VPN-based remote access for 5 users. Additional user packs may be purchased separately with support from 100 to over 2500 users, and seamlessly added to the NetScaler 9000 Series systems. Additional client/server and terminal application support is available with the Secure Application Access.

Key Features

Security
Encryption
  • End-to-end encryption of application content
    		•
  • Supported protocols TLS1.0, SSLv3, SSLv2
    		•
    Authentication
  • Supports external authentication via RADIUS, LDAP, and Active Directory
    		•
  • Support for local database
    		•
  • Provides local Username/Password support
    		•
    Authorization
  • Application authorization per user/group (HTTP, IP, and Port based)
    		•
  • Application access control by user/group (non-HTTP, IP, and Port based)
    		•
    Auditing
  • User login, logout, authorization failure auditing
    		•
    Application-Level Protection
  • Defends against application level attacks such as Get Flood, SYN Flood, Tear Drop, Land, Fraggle, Zombie connection, Ping of Death, SNMP attacks


    • Applications
    Encryption
  • Windows®-based application support
    		•
  • Web-based application support
    		•
  • TCP application support (e.g. Telnet, FTP, SSH)
    		•
  • Native Client-Server TCP applications support 1, 2
    		•
  • TN3270, TN5250, VT100 and VT220 terminal support 1, 2
    		•
    Email
  • IMAP/SMTP/POP3-compatible email servers (including MS Exchange)
    		•
  • No synchronization or separate client required
    		•
  • Real-time access
    		•
  • Viewing and saving of attachments to local drive
    		•
    File Sharing
  • Copy, delete, rename files from authorized folders on the windows server
    		•
  • Transfer files to and from authorized folders on local drive and remote server

     

    		•
    Management
    Leverage Existing Infrastructure
  • Complements existing IPSec VPN technology
    		•
  • No changes to NAT or IP addresses
    		•
  • No additional opening or changing of ports on firewall
    		•
  • No application changes required
    		•
  • TN3270, TN5250, VT100 and VT220 terminal support 1, 2
    		•
    Granular Control
  • Inactivity timeout support
    		•
    Alerts
  • Via SNMP, Syslog
    		•
    Monitoring
  • Centralized access through CLI and web GUI
    		•
  • Real-time monitoring console and dashboard
    		•
  • XML/SOAP-based API for secure configuration
    		•
    Reporting
  • User activity and access logs
    		•

    1 Accessible from any Windows® (95, 98, NT, 2000, ME, XP, 2003) client running IE 4.0+
    2 Available via Secure