
MIDWESTERN INTERMEDIATE UNIT IV – A CASE STUDY IN INTERNET SECURITY
WatchGuard Technologies, Inc. 505 Fifth Avenue South Suite 500, Seattle, WA 98104 www.watchguard.com
THE NEXT-GENERATION SSL VPN:
HASSLE-FREE, UNIVERSAL SECURE REMOTE ACCESS
OVERVIEW
Virtual Private Networks (VPNs) have revolutionized the way branch offices and business partners connect back to
an organization. VPNs leverage low-cost Internet access to build trusted tunnels between the central office and
branch offices or partners over untrusted networks. IPSec, the most widely adopted VPN technology, is designed to
provide robust security for data moving between two networks. Yet organizations must also solve the general
problem of secure remote access for individuals, not just for networks. Employees and business partners, for
example, frequently need to access information remotely, from another private or public network, and are
potentially behind other security and firewall equipment themselves. Unfortunately, IPSec VPNs are not well-suited
for mobile applications. Most current IPSec Mobile User VPN (MUVPN) technologies will not work reliably for
traveling users attempting to connect back to their corporate resources while behind a firewall at a customer or
partner site. IPSec MUVPNs also bring along administrative headaches and high support and configuration costs
resulting from installing and updating the software client, which mimics the network-to-network connection that
IPSec was designed to support.
Organizations seeking to solve this problem require secure, authenticated access for trusted persons and
organizations, protecting their data as it flows over third-party (untrusted) networks. Furthermore, the ideal solution
will be easy to manage, will not be hindered by common firewall configurations, will offer full "on the home network"
support for all applications and resources, and be transparent to the end user.
WatchGuard Technologies, Inc., in partnership with Citrix Systems, Inc., has developed the WatchGuard Firebox®
SSL VPN Gateway with Citrix® Secure Access. This appliance meets these requirements and more, providing
dependable, secure, universal access to network resources with unparalleled ease of use for both IT administrators
and their users. Unlike most SSL VPN solutions, the Firebox SSL VPN Gateway requires no special connectors or
Webification to support applications, delivering significant administrative time and cost savings while ensuring
always-on access to specified network resources and applications by any authorized user.
SOLVING THE MOBILE ACCESS VPN PROBLEM
VPNs were created to solve the problem of establishing secure remote access over untrusted networks. Over the
years, organizations have deployed different types of solutions such as the following:
IPSec
This VPN type uses a technique known as encapsulation. Encapsulation allows packets from network “A” and destined
for network “B” to be encapsulated, encrypted, and sent, on a packet-by-packet basis, to a trusted server on
network “B” where the packets are unwrapped and forwarded on to their final destination on network “B”. The
great advantage to the encapsulation approach is that ALL packets from ALL applications are supported across the
tunnel without modification. For mobile applications, IPSec VPNs rely on a “thick” client to initiate and maintain the
tunnel.
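The packet-by-packet encapsulation described above, as an added example that is not part of the original paper or any product's code: a gateway on network "A" wraps whole inner packets (TCP, UDP and ICMP alike) in an ESP-style outer packet, and the gateway on network "B" verifies, unwraps and recovers them unmodified. The addresses, keys, SPI and the SHA-256 keystream cipher are constructed stand-ins, and the ESP padding and next-header trailer are omitted.

```python
import hashlib, hmac, socket, struct

ESP = 50  # IP protocol number for ESP

def ipv4(src, dst, proto, payload):
    # Minimal 20-byte IPv4 header (checksum left 0 for brevity) + payload.
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload

def _xor_stream(key, spi, seq, data):
    # Stand-in cipher (SHA-256 in counter mode), NOT what ESP uses; a real
    # gateway would use a negotiated algorithm such as AES-GCM.
    ks = b""
    for ctr in range(len(data) // 32 + 1):
        ks += hashlib.sha256(key + struct.pack("!III", spi, seq, ctr)).digest()
    return bytes(a ^ b for a, b in zip(data, ks))

def encapsulate(inner, enc_key, auth_key, spi, seq, gw_a, gw_b):
    # The whole inner packet, header included, becomes opaque payload.
    body = struct.pack("!II", spi, seq) + _xor_stream(enc_key, spi, seq, inner)
    icv = hmac.new(auth_key, body, hashlib.sha256).digest()[:16]
    return ipv4(gw_a, gw_b, ESP, body + icv)

def decapsulate(outer, enc_key, auth_key):
    body, icv = outer[20:-16], outer[-16:]
    want = hmac.new(auth_key, body, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(icv, want):
        raise ValueError("integrity check failed, packet dropped")
    spi, seq = struct.unpack("!II", body[:8])
    return _xor_stream(enc_key, spi, seq, body[8:])  # forwarded unchanged on B

# Constructed sample traffic: host on network A -> host on network B.
ENC_KEY, AUTH_KEY = b"E" * 32, b"A" * 32
SAMPLES = [ipv4("10.1.0.5", "10.2.0.9", proto, data) for proto, data in
           [(6, b"TCP segment"), (17, b"UDP datagram"), (1, b"ICMP echo")]]

def round_trip():
    # Returns (outer packet on the untrusted network, packet recovered on B).
    out = []
    for seq, inner in enumerate(SAMPLES, start=1):
        outer = encapsulate(inner, ENC_KEY, AUTH_KEY, 0x1001, seq,
                            "198.51.100.1", "203.0.113.1")
        out.append((outer, decapsulate(outer, ENC_KEY, AUTH_KEY)))
    return out
```

On the untrusted network only the two gateway addresses and protocol 50 are visible; the inner addresses and application data travel inside the protected payload.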