New collaboration capabilities are moving Net6's proprietary VPN gear beyond the security realm and into conferencing.
Hybrid-VPN 5.0 software for the company's HVPN Gateway supports a feature Net6 calls remote control, which also can be used to share files and work on them simultaneously with other users logged on to the same gateway. Users click on a desktop-sharing icon to view the names of others logged on to the HVPN box, and by clicking on the names can establish remote control sessions, says Net6 CEO Murli Thirumale.
The South Carolina Department of Probation, Parole and Pardon Services uses HVPN gear primarily for remote access to its offender-management database, but the new remote access feature has come in handy to troubleshoot and correct laptop problems, says David O'Berry, director of information systems for the department. "All the [probation] agent has to do is click on 'Share my Desktop' and I'm right there," he says, controlling the machine to fix configuration problems.
HVPN is primarily a remote access platform consisting of a gateway and a client that is downloaded to remote machines for each session. The gateway sits between the Internet and network servers, proxying secure sessions between the servers and the remote machines. All traffic is encrypted using Secure Sockets Layer.
The remote client intercepts traffic at Layer 3 of the IP stack in the remote machines, much the same way IPSec does. Rather than using IPSec to transport the traffic, which requires reconfiguring any intervening firewalls, HVPN employs SSL, which uses a firewall port that generally is left open, eliminating the need to reconfigure firewalls.
Juniper Networks also sells an SSL-based collaboration appliance called Secure Meeting that is separate from its Secure Access SSL remote access appliances. O'Berry says he considered Juniper equipment for its remote access capabilities, but it would have cost five to 10 times what he paid for the Net6 equipment.
Avoiding firewall reconfiguration is key, O'Berry says, because many of his department's agents work out of courthouses, and he has no control over their firewalls. While court IT executives cooperate, setting up their firewalls to support O'Berry's Nortel IPSec VPN clients, they sometimes inadvertently disrupt IPSec traffic by altering firewall policies, he says. With 46 courts, the firewall issue created an administrative hassle.
"We've pretty much gone away from IPSec," O'Berry says. "When you're rolling out remote access in 20 different locations at one time and you have to check that everything's working from a firewall point of view, then you get stuck in troubleshooting mode."
Net6 also is adding Endpoint Assurance, which is a feature of its client and appliance software that checks whether the remote computer has updated anti-virus software and a properly configured firewall in place. The machine is denied access if they are not, and Endpoint Assurance displays where to get updates. The software supports anti-virus products from McAfee, Trend Micro, Symantec and Microsoft's Service Pack 2. It supports personal firewalls from Check Point Software Technologied and Internet Security Systems.
The company also is introducing a new HVPN appliance for small businesses called HVPN 20, which supports a maximum of 20 simultaneous users. Net6's other device, HVPN 2000, supports 2,000 users.
HVPN 5.0 software is available now for HVPN 20 and HVPN 2000 appliances, whose prices start at US$1,500 and US$5,000, respectively.