Nokia is making it possible for customers to turn their IP Security VPN gear into Secure Sockets Layer remote-access appliances, offering customers a flexible way to test the SSL technology.
Announced last week, Nokia Secure Access System can be ported to Nokia's IP 350 and IP 380 security hardware appliances starting in July, and it will be available for other IP platforms after that. The appliances support either the SSL remote-access software or Check Point Software Technologies' VPN-1/ Firewall-1 software but not both. Customers specify which one they want when they buy, but both can be managed via Nokia's management platform.
SSL remote access lets Web browsers on remote PCs connect securely with a server at a central site that proxies sessions to servers within corporate networks.
Nokia says the Secure Access System includes security features beyond SSL encryption, such as a client integrity scan that determines how much to trust the PC that is connecting and adjusts access rights accordingly. So if the Secure Access System determines that the remote machine is company-issued and is properly configured, the user gets full access rights. If it determines the machine is in an Internet kiosk, it grants more limited privileges.
Nokia's device also keeps SSL sessions alive longer than they would be otherwise if the remote user doesn't hit the keyboard for a certain length of time. It spoofs the connection so when the user does return, the session picks up where it left off.
This type of feature is better than simply creating SSL sessions, and other vendors have similar features.
Nokia, generally ranked among the top four IPSec VPN vendors along with Cisco Systems, Nortel Networks and Check Point, is the third to support SSL. Cisco doesn't yet, but Charles Kolodgy, an analyst with IDC, expects the company to do so. He also expects other IPSec VPN vendors to jump into SSL remote access.
"You don't need a full-blown VPN if you just want to check e-mails or look at a Web catalog," he says.
The Nokia IP 350 and IP 380 are different models of the same chassis, and the Secure Access system is priced by number of users. The price for the smallest number of licenses, 50, is US$11,000, including the hardware. The largest, 500 users, costs US$55,000.