Remote-access service lightens IT's load

SEATTLE - Aventail has added management features to its secure remote-access service so corporate customers can make routine changes, such as adding and dropping authorized users.

The Aventail.Net 2.0 service offers a secure Web interface in which network managers can designate new users and define their access rights. It also lets preauthorized users enroll in the service, download necessary software and create their own passwords.

Aventail.Net service authenticates remote users, encrypts traffic and lets it pass through the corporate firewall. The service also acts as a protective proxy sitting between remote users and servers on the LAN. The service relies on the Internet as the public backbone to carry users' data.

The service differs from IP Security VPN services in that it does not need client software on remote PCs for clients to gain access to corporate resources.

As another addition to the Aventail.Net service, corporate users can delegate management rights to business units within the corporation or to business partners, so they can manage their own end users. Both options lighten the management load on central IT staff.

"If we merged with another hospital - and we could - that might come into play," says Dan Paton, IT adviser for Oakwood Healthcare in Dearborn, Mich., a collection of four hospitals and more than 30 clinics. Oakwood uses Aventail's service to support remote e-mail access and access to Oakwood's intranet.

Aventail.Net 2.0 lets its authentication directory share authentication directories of specific LAN applications so data does not have to be transferred manually. Also, Aventail is introducing a metadirectory service based in its network that syncs with corporate directories, reducing the time it takes to replicate changes users make to their Lightweight Directory Access Protocol directories.

"This was a required addition. Users don't want to recreate directories," says Corey Ferengul, an analyst with Meta Group. He also says a Web page to let customers manage their own users is key because waiting for service providers to make these changes, such as revoking rights of employees, can be a security risk.

Aventail.Net 2.0 is supported by a rack of servers - placed on the LAN side of firewalls at customer sites - that proxy Secure Sockets Layer (SSL) sessions between users on the Internet and resources on the corporate LAN. Users can issue SSL software clients to each remote user or they can use SSL that is embedded in their Web browsers.

Users authenticate through the Aventail servers, to pre-existing corporate directories or to an Aventail directory.

Aventail recently announced it landed another $55 million in venture financing.

The service costs $10 to $50 per person, per month, depending on selected features. Aventail guarantees it will have the service running within 10 weeks of ordering.

Contact Senior Editor Tim Greene

Other recent articles by Greene

Aventail