|
Rainbow launches new iGate for SMEs
Rainbow Technologies has released two Secure Sockets Layer
remote-access devices for the SME segment. Gaurav Patra reports
It seems the war between IPSec and SSL VPNs is hotting
up. Vendors in both product segments have been making big claims about market
penetration. Now, sensing the demand for secure remote access at a reasonable
price by customers in the small business segment, Rainbow Technologies has taken
the first step towards tapping this market in India. Targeting small and medium
enterprises (SMEs), the company recently announced the launch of iGate Pro.
This is similar to the company’s soon to be phased out appliance, iGate.
New customers will be directed towards iGate Pro, which is aimed at midsize
companies, while iGate Team is targeted at smaller businesses.
Since its inception, iGate has done well across the
world, including India. Initially, the iGate came with a host of features: it
had SSL acceleration and Web server protection, including authentication and
authorisation mechanisms. The recently-launched iGate Pro comes with VPN functionality.
“This enables the user to access virtually any application through the
iGate appliance. Earlier, the iGate solution was restricted to Web pages only,”
says Deepak Prasad, director, operations, Rainbow. He says that any client-server
application can be routed through iGate in a secure manner, exactly the way
it works for any Web page.
In terms of the effort it takes to set up the iGate
appliance, iGate Pro really works out-of-the-box as compared to any other deployment.
Prasad says that for VPN deployment one needs to set up things both at the client-
and server-ends. But, “for appliances, IT managers need not worry what
Web servers they are running. It is completely platform-agnostic, while with
VPN you have a certain degree of restriction. There are few hassles reported
in deploying iGate Pro because the deployment happens on just one access control
terminal, and one can configure thousands of users a day.” Prasad also
feels that manageability is a non-issue as far as this solution is concerned.
This appliance, with a host of features, is aimed at
the SME segment. “SMEs need something like this. They want to leverage
the power of the Internet to provide connectivity to their supply chain, partners
or even to their employees who work in the field. This was the reason Rainbow
thought of launching such a product,” explains Prasad.
The company has segmented the market for this product
into two areas. On the lower side, an organisation with 40-100 users who do
not need strong acceleration can go in for iGate Team. Companies with 1,000
users should go in for iGate Pro. “In terms of size we have two different
products catering to two different segments, but in terms of needs they are
almost the same,” says Prasad. The company is still in the process of formalising
the pricing strategy of these products for the Indian market. However, Prasad
estimates that the iGate appliance will cost around Rs 12 lakh. The pricing
will depend on the number of concurrent-user licences and the number of iKey
authentication tokens.
Rainbow also makes a line of authentication-token hardware
that plugs into USB ports on PCs, and it has integrated the software necessary
to support tokens in its SSL appliances. This offers customers the option of
two-factor authentication using a token. The Pro model includes an SSL acceleration
card to handle encryption, as well as a new feature, compression of HTTP traffic.
The Team model encrypts using a general processor and software, but does not
include http compression. Both devices have a high-availability port to connect
to a second back-up box, which can take over if the primary one fails. Rainbow
is adding support for client-server applications over SSL connections, something
some of its competitors have offered for more than a year. It does not support
full network layer access to corporate resources, which many of its competitors
offer.
iGate Pro is targeted at all those enterprises which
have a lot to do with data and information, whether from the supply chain or
their partner network or their own employees who are geographically spread.
Prasad feels that the need to securely access information from remote locations
is going to drive the growth of iGate Pro in India and hopes to generate good
business. The company claims to be the pioneer in introducing such an appliance-based
SL-VPN, but others like Nortel Networks are also seriously working towards it.
| A major vendor who is seriously focusing on this
space is Nortel. The company, which makes both IP Security VPN and Secure
Sockets Layer remote access gear, has added features to its SSL software
that make it possible to ensure the security of remote PCs trying to access
corporate networks. The company’s SSL VPN software release 4.1 now
inspects the remote machine to determine whether it has appropriate security
measures—such as a firewall—in place before allowing it access
to the network. According to experts, this type of protection is becoming
more common among SSL remote access vendors because improper security at
the remote machine can jeopardise the security of the corporate network.
By rejecting admission to the network altogether or approving restricted
access, network security staff can better protect the network. |
- Hardware-based SSL encryption for Web and non-Web applications.
- Granular Web access control to the file level.
- Central administration of users by group, role and application.
- Integrated two-factor token authentication or password access.
- Application proxy significantly reduces Web server exploitation risks.
- Auto log-off of users when using iKey tokens.
- Reduces remote access management costs from costly VPN installations.
- Meets audit, regulatory and security compliance standards.
- Reduces password management costs.
- Eliminates Web vulnerabilities.
|
| The recent news that IPSec VPN vendor NetScreen
is buying Secure Sockets Layer remote access vendor Neoteris has two key
implications. First, it’s a pretty strong signal that SSL VPNs are
here to stay, and that the market is starting to take significant steps
towards maturity. Second, it is apparent that not all the current SSL remote
access companies, particularly the start-ups, will be around in a couple
of years.
A few years ago, when IPSec VPNs were just
coming in, there were a number of VPN vendors. Today, major networking
vendors dominate the field, and there are a few, NetScreen among them,
that focus on VPNs. But even these relative specialists are adding other
areas of expertise such as SSL remote access.
About the second point—that many of
these start-ups will not survive—it seems probable that the SSL VPN
shakeout will be faster than it was with IPSec VPNs. This is because money
is tighter now than it was in 1996.
What does this mean for customers looking
to buy some of this equipment? They should not be worried. Rather, the
emphasis should be on whether they need it badly enough. If the equipment
solves the problem at a significantly lower cost, go for it. If the company
dies, someone will still be selling SSL remote access gear that will be
a fine replacement. The key is to buy a product that is technologically
solid.
Customers of this equipment say that vendors,
eager for business, have deals that let potential buyers lease the equipment
for months to see whether it works; also, the lease money can be put towards
a purchase if customers decide they want to keep the gear. Users should
therefore look for such opportunities, evaluate them, then go ahead and
buy if their equipment fits in with their requirements.
|
| TManage is introducing a managed SSL remote
access service based on equipment made by Neoteris for customers who do
not want the hassle of setting up the equipment and maintaining it. Managed
clientless VPN Service calls for placing a Neoteris Instant Virtual Extranet
appliance at each customer site, where it acts as a go-between that terminates
SSL sessions from remote computers connecting over the Internet, and splices
the connection to servers on a LAN.
But an SSL remote-access appliance requires
little management once it is set up, so the service makes sense only if
a customer is buying several of these services from the provider. That
way, customers can offload a number of administrative and management chores
at once. However, TManage contends that setting up an appliance is not
necessarily easy. With the SSL service in place, customers can make changes
to policies and access lists by placing requests with TManage via a Web
portal. TManage also agrees to make the changes within a certain period,
guaranteed by a service-level agreement. From a cost standpoint, TManage
recommends the service for customers who have more than 1,000 remote users.
If the number of users is less than this, IPSec VPN remote access makes
more sense. The other prominent player who offers a managed SSL remote
access service is AT&T. It offers this service based on Aventail SSL
equipment; meanwhile, Aventail offers a managed service of its own.
|
gaurav@expresscomputeronline.com
|
