When Borland Software Corp. found that managing virtual private networks for its mobile and remote workers required too many man-hours, the company found a much cheaper, simpler alternative.
The Scotts Valley, Calif., software development company turned to a product that allows a user to securely connect...
to his home office over the Internet simply by visiting a Web address and entering a username and password.
Ron Sha, chief information officer with Borland, purchased the product from Neoteris Inc., a Mountain View, Calif., remote access solutions provider. Its Instant Virtual Extranet offering provides a secure socket layer (SSL) connection to the home network over the Internet without using a client. The Neoteris product works at the application layer and allows users to securely access all Web-based applications, said Jason Matlof, vice president of marketing for Neoteris.
Sha said that his users enjoy the simplicity of the solution, and his IT department was able to ward off the expense and headaches of managing the virtual private network (VPN) client for the company's 1,600 employees.
This approach is gaining momentum because it fills a lot of important business needs, said Jason Wright, an analyst with the San Jose, Calif., research firm Frost & Sullivan.
"Virtual private networks were the shining star for a while, but browser-based remote access makes VPNs look like the most complicated things in the world," Wright said.
Because of the low cost and simplicity of this new approach, Wright said that SSL remote access will begin to catch on for businesses, particularly as more applications become Web-enabled.
Neoteris was one of the first companies to bring this technology to market for business. Many other vendors, such as SafeWeb Inc., Aventail Corp., and security solutions vendor Check Point Software Technologies Ltd., also offer SSL products.
With the Neoteris product, the user installs a gateway on his network through which the traffic from remote users travels. The product ties into existing authentication systems, such as Lightweight Directory Access Protocol (LDAP) and Remote Authentication Dial-In User Service (RADIUS) servers, so network administrators don't need to duplicate authentication information.
Sha was amazed at the simplicity of deployment. It was done in less than an hour, he said.
Despite its rapid deployment, the product doesn't sacrifice security. With its triple data encryption standard (DES) encryption, the level of security is at least comparable to a VPN, Wright said.
Sha said that another important benefit is the product's flexibility. Users don't need to be at their company computers to check e-mail or look at server-based documents or applications, because they can establish connections from any device that will support a browser.
However, this approach does come with a possible vulnerability. After installation, there is a single point of failure for remote access, and if the Neoteris gateway goes down, then all remote access is lost. Because of this, Sha purchased two boxes from Neoteris and load balances between them. He feels that there is little chance that both will go down at the same time.
Sha still uses VPNs for those employees who work with complex applications that have not been Web-enabled. However, Neoteris recently launched a product that allows remote users to access applications over the Internet in their native environments, even if they have not been Web-enabled, Matlof said.
FOR MORE INFORMATION:
Browse our best networking Web links on virtual private networks
Get help from VPN expert Ted Studwell