Aventail tunnels for more business

n e w s

Cisco unveils integrated security appliance family Brian McKenna

isco has launched a family of multi-function security appliances that integrates VPN, firewalling, and intrusion prevention technologies. The supplier’s ASA 5500 series controls network and application traffic, delivers VPN connectivity, and reduces, it says, the overall deployment, operations costs and complexity that would otherwise be associated with this level of comprehensive security. The family is being badged as part of the company’s ‘Adaptive Threat Defense’ phase of the Cisco ‘SelfDefending Network’ (SDN) security strategy. Andy Oldfield, manager of

C

technical marketing, Cisco, EMEA said:“we’ve focused on real world networks where most services are turned on. We can all do tests with only one service running and then claim big figures. It’s also an extensible platform.This is not the end.We’ll be enhancing a lot of the capability around deep network inspection and the adaptive day zero self-defence.That is where we are looking”. The appliance family is designed to extend from small and medium sized businesses to large enterprises, and is built for concurrent services, scalability, and unified management.

The application security services available on the series provide application inspection and control of bandwidth-intensive peer-to-peer services (P2P) such as Kazaa and Instant Messaging (IM), Web URL access controls, protection and integrity validation of core business applications like database services, and application-specific protections for Voice over IP (VoIP) and multimedia services. The series also provides VPN IPSec and SSL services that help ensure the VPN connection does not become a conduit for threats such as worms, viruses and hackers.

The company says convergence of IPSec and SSL-VPN within the series makes it adaptable to any VPN deployment scenario including siteto-site, managed desktop, full or limited corporate network access, and partner or extranet access. "No other organization out there that can match the breadth of solution we have”, said Oldfield.

Pricing: ASA 5510: starting at $3495. ASA 5520: starting at $7995. ASA 5540: starting at $16,995.

Aventail tunnels for more business William Knight

SL VPN supplier Aventail has announced the launch of its new VPN product. It includes patented ‘Smart Tunnelling’ technology aimed at converting mobile users of IPSec VPNs, and providing application support previously unattainable by SSL VPNs. ‘Smart tunnelling’, enables bi-directional applications such as Voice over IP by acting as a layer

S

3 (network layer) tunnel. SSL VPN is often called ‘clientless’, but the supplier says it combines traditional access with an ondemand downloadable client to provide layer 3 transparency while still maintaining application layer control.Additional management features allow unified management, removing the need for separate IP layer and

application layer policies. Aventail believes the product offers greater flexibility for mobile access and finally enables on-site workers to be treated in the same way as their mobile colleagues. The product removes the last objections of IPSec users by offering seamless access to network applications and no gateway overhead, while retaining the

benefits of clientless VPNs, for device independence and access from anywhere, unhindered by IP mapping clashes that are "the bane of IPSEC," said Tony Caine, VP EMEA. The release is the latest phase in Aventail's goal of ‘more access from everywhere’, where all users are treated the same regardless of location, explained Caine.

Hampshire police smart with cards Sarah Hilley

olice officers at the UK Hampshire Constabulary have been carrying smartcards to log on to their computers and gain entry to their office buildings since early this year. The Force has opted for two-factor employee authentication from ActivCard, combining smartcard and PIN, to ensure security of criminal records and protection of investigations. Paul Harding, Information Security Officer at Hampshire Constabulary said

P

Infosecurity Today May/June 2005

the smartcard implementation helps increase officer productivity and compliance with security standards. The introduction of cards for 6,000 officers and staff means the Force can comply with national police guidelines, such as the Unified Police Security Architecture. The system, which went live in January, took six months to deploy, said Marc Hudavert, vice president and general Manager of ActivCard Europe. It allows officers to access

the network without having to remember and enter passwords.They don't escape entirely, though, as they do have to remember a PIN number. The card stores their name and employee number. It also contains credential information including digital certificates and static passwords. It does not hold biometric data, however. Officers will use the card to authenticate themselves in many situations.These include remote access, secure logon to Windows, Single-

Sign-On to the network, physical access and permitted application use. To help administer the process, Hampshire Constabulary also bought a management system from ActivCard, which enables the enrolment and issuance of cards.This links into the existing in-house directory — the central repository of all employee details. "The cost per user including software and hardware is about
90 per user," said Hudavert.

4