|
CHECK LIST SSL VPN Purchase Checklist More secure. More access. It's that simple.
This checklist includes all of the most important capabilities to consider when evaluating and comparing SSL VPN vendors and their technology solutions. SSL VPN requirements are organized into six categories: broad access options, ease of use, ease of management, security, vendor technology leadership, and vendor reputation.
BROAD ACCESS OPTIONS
Clientless browser-based access to Web applications, Broad end-point support for prevailing and emerging e-mail, intranet, and file shares technologies, including managed networks, wireless networks, business extranets, remote laptops, mobile Clientless integrated agent access to client/server ® ® ® PDAs, smart phones, and kiosksapplications, such as Microsoft Outlook and Windows Terminal Services Broad application support, not only for Web applications, but also those that use UDP, TCP/IP Web-delivered VPN client for complete network access to protocols, as well as access to Windows Terminal authorized resources ®Services and Citrix , and back-connect applications Layer 3 connection with Layers 4-7 policy control, such as VoIP, even from wireless devices such as PDAsproviding bi-directional policy control for secure access to Interoperability with existing infrastructure, including client/server and back-connect applications corporate and customizable portalsPolicy-driven access using full IP network tunneling over Dynamically-adaptive firewall, proxy, and Network SSL-based on the security of the end-point device Address Translation (NAT) traversal Broad multiplatform support for prevailing and emerging Support for mapped drives and file browsingtechnologies, including Windows, Windows Mobile/T ® ® ®Pocket PC , Macintosh , Linux , Internet Explorer , T ® TSafari , Firefox , Symbian , and WAP 2.0 browsers
EASE OF USEEasy portal access to Web-based or client/server Automatic launch of most appropriate remote access applications, as well as Windows file shares (SMB/CIFS/ method without user interventionDFS) from virtually any end-point device Automatic dynamic resolution of address, proxy Seamless Web-delivered remote access VPN client for a traversal, and route conflicts when using the tunnelfull "in-office" experience
EASE OF MANAGEMENT
Fast and easy setup in as few as 15 minutes Native access to Citrix and Windows Terminal Services ®Centrally managed, object-based policy administration Leverages ActiveX and Java to offer cross platform using one rule set for all users, groups, resources, and support for native accessend-point access methods, including mobile PDAs and smartphones IPSec replacement using secure Layer 3 network connectivity over SSLRole-based administration, allowing easy delegation of tasks and controls Ability to control split tunneling
System monitoring and detailed preconfigured reports High availability through two-node active/active clustering with integrated load balancing for up to Customization of personalized, policy-driven remote eight nodes, without the added cost of a third-party access portal load balancerSECURITY
Granular user access control rules based upon IT- systems (Windows, Macintosh, or Linux), Windows defined trust level of end-point devices, including Registry settings, and Domain membership prior to mobile PDAs and smartphones authentication
Dynamic access control to a specific application or Username/Password authentication and self-service resource based on access rules and the security of the password management featuresend-point device Support for client-side digital certificate authenticationBi-directional access control that enables multiple Aliased access to hide internal network information secure communication paths for key applications such (IP and DNS) in Web applicationsas remote help desk and VoIP T TFully encrypted sessions to any Windows device SSO Integration and authentication with CA eTrust , T Twith automatic removal of residual Web pages, temp Siteminder , and RSA Security Cleartrustfiles, attachments, history, cookies, passwords, and Available in a FIPS-compliant configuration downloaded files providing security and features required to meet U.S. Automatic end-point detection of firewalls, anti-virus government security standardssignatures, mandatory files or directories, operating
VENDOR TECHNOLOGY LEADERSHIP
Mature technology and... [download for more]
|
