This white paper summarizes the capabilities of Aventail End Point Control and explains the range of features that increase IT control and data protection by giving users access that's finely tuned to the risks of their environment.
A ventail White Paper
E nd Point Control: Secure Anywhere Access with Reduced Risk and Increased IT ControlA ventail White Paper
Executive summary
The widespread use of SSL VPNs for remote access enables more users to gain access to your network from far more places than they would if they were using a traditional IPSec VPN. Clearly, that enhances productivity; at the same time, security threats for both the end user and IT administrators increase substantially as access extends to places that IT cannot possibly control. To effectively control these risks, it is no longer enough to manage access by user identity alone. You must also focus on the safety of the user's environment.® TAventail End Point Control enables your business to deliver secure anywhere access to network resources from the most diverse and insecure places-from airport kiosks, employee-owned PCs, wireless hotspots, and unmanaged PDAs-without sacrificing the integrity of the corporate network.
Aventail's market-leading End Point Control (EPC) capabilities enable IT administrators to differentiate remote access policy based on end-point security. Here's what Aventail EPC offers:. Secure anywhere access from multiple environments: An executive might work remotely using a corporate-issued laptop, then log on to the network in the afternoon to check e-mail from a tradeshow kiosk. Later that day, she might update a presentation from her home PC. Aventail's cross-platform EPC secures all these end points as appropriate based on the security policy you set-for example, limiting her access to certain applications or requiring Aventail's advanced data protection on riskier end points. . Multiple Policy Zones rather than an "access" or "no access" policy: You want to deliver as much access as possible to your users, without compromising security. To do that, you need more options than just "allow access" or "don't allow access." For example, a semitrusted end point allows you to provide some access but not as much as if it were a trusted end point. Aventail's industry-leading EPC enables IT to create three or more Policy Zones-for example, trusted, semitrusted, and nontrusted. This allows IT to offer users an appropriate degree of centrally managed access even if an untrusted environment doesn't warrant full access rights. . Device Interrogation: Aventail detects what is or is not on an end-point computer. Aventail automatically launches an agent from one of our best-of-breed partners prior to authentication, so login can be stopped if any malicious software (malware) is discovered. Based on what applications are found on the end point-for example, a predefined personal firewall or anti-virus application-Aventail's cross-platform EPC automatically classifies the end point into one of the Policy Zones. By doing so, Aventail ensures that the level of access granted is appropriate both to the user and the level of risk assigned to the end point. . Control and ease of administration: Aventail's combined EPC capabilities and object-based policy model constitute the industry's most powerful and easy-to-administer SSL VPN, providing the ability to easily enforce policies from a single point and deliver access with maximum security.
This white paper summarizes the capabilities of Aventail End Point Control and explains the range of features that increase IT control and data protection by giving users access that's finely tuned to the risks of their environment.
End Point Control: Secure Anywhere Access with Reduced Risk and Increased IT Control Page 2A ventail White Paper
The history: security focused on to protect corporate assets. In addition to accessing the corporate network through entry points that can't be user authentication audited, users may inadvertently leave behind information In the past, companies provided VPN access that relied at a kiosk or hotel business center if downloaded files, on the relative safety of the corporate laptop. The viewed e-mail attachments, Web pages, and passwords immobility of traditional client VPN technologies actually are cached on the computer's hard drive. For the user, reduced IT fears of security risks, such as malware the issue transcends security policy and the integrity damaging the network. IPSec clients could not be planted of the corporate network: It becomes an issue of on a kiosk and were unlikely to be deployed on a home personal privacy.network. Because... [download for more]
