array-ssl-vpn-logoSunil Cherian, the VP of Product Marketing at Array Networks and I had a great meeting at the end of a long day at Interop. The SSL VPN challenger has introduced a green product line. 

 Array's new AppVelocity (APV) appliance utilizes a low power 1U server. It uses 60% less power than other appliances, and the performance features assure that network bandwidth is 30% lower. In addition to these benefits, the process of off-loading caching, connections, and SSL processing, APV significantly reduces server overhead by 40% or more.

In addition to the APV, Sunil also provided his perspectives on two other new products:

Desktop Direct (announced August 2007) is a user-defined Windows terminal service. Before leaving the office, a user browses to the registration portal from the desktop to be available remotely. Using the portal the user defines their corporate credentials (account ID, password sequence) which is validated against the user's privileges.

The registration process automatically populates the database with the IP address, domain name, machine name etc. and asks the user to type in a friendly name such as "My Desktop" that is easy enough for the user to remember. When the user comes back to the access URL, they sign in with credentials and are presented with icons and desktop names associated with each of the desktops that they have registered.

Clicking on the icon takes them in to their desktop with single sign-on. The Array system provides detailed audit logs in addition to providing authentication, authorization and encrypted transport. Array also ensures controls over activities such as clipboards, copy, paste and sound redirection in order to make sure that all data transits through the corporate network leveraging the existing IDS/IPS and other security tools without rebuilding all of these in DMZ. It is a simple experience for the user as well as the administrator to get this control over remote desktop access.

Of course, the terminal server allows the user to access their work files and desktop from any browser and Internet-attached computer. Thousands of users can be supported on a single appliance since delivering only the presentation layer remotely consumes such little bandwidth. According to Sunil, Desktop Direct can support 17,000 users with 32 kbps/user and a typical 40 ms delay (not noticeable).

I also learned about the WiFiProtect product which offers a new method for balancing the need for WiFi network security and guest services for legitimate use of visitors to the business. Have you ever been a visitor to a customer, a partner or a supplier and over the course of the time spent in their offices needed access to email, to web services or your own corporate VPN? I have. Most companies deal with this poorly. One company makes all WiFi users engage a VPN client over the WiFi, ignoring the needs of guests. Another vendor tells clients to just use the Ethernet port in the table (How safe is that?)

So, what WiFiProtect does is support both authenticated users and guests. Users connect and authenticate themselves to the Array prior to accessing any resources, Internet or otherwise. Acting as both DNS and DHCP server for the WiFi-attached users, the Array redirects initial browser requests to a login portal where employees must authenticate and guests must register. Guest registration requests have to be confirmed by authenticated users (via email) so as to create a chain of legitimate business control. 

The WiFiProtect can be used with applications like Desktop Direct to assure particularly controlled and speedy WiFi service for the enterprise campus.

Array Networks is definitely a company in secure networking to watch.


This post has already been read 0 times!