Start-up NeoAccel says its SSL remote-access gateway will overcome one source of delay that its competitors don't address: making the gear suitable for use on Wi-Fi networks.
The company says because its SSL VPN-Plus gateway uses fewer TCP sessions than other SSL gear to establish client/server connections between remote computers and corporate servers, fewer of those connections will drop.
TCP retransmits data when packets are lost, and this can slow data transmission enough that client/server sessions time-out, says NeoAccel's founder Michel Susai.
As with other SSL remote-access gear, NeoAccel gateways sit between the Internet and corporate networks, which lets remote computers make SSL connections over the Internet to Web applications on business networks. To do so, browsers in remote machines make application-layer SSL links to gateways.
Like gateways from Aventail, Juniper and others, SSL VPN-Plus supports client/server connections by downloading agents that intercept traffic from application client software on remote computers and tunneling it over an SSL connection to a gateway.
Other gateways use separate TCP sessions to control the SSL connections and the client/server connections that tunnel over them. With one TCP session riding over another, the chances increase that long delays will result, making application time-outs more likely, Susai says.
NeoAccel gear, on the other hand, uses a single TCP session to control the SSL link to the gateway and the tunnel connecting the remote client to the target server. With just one TCP connection between the remote machine and the gateway, delays will be reduced, Susai says. Because Wi-Fi networks are known for higher packet loss than wired ones, the TCP-delay problem is more pronounced, he says, and SSL VPN-Plus can help alleviate it.
Mindbrook, in Santa Clara, is about to beta-test SSL VPN-Plus, says Mike Hulme, executive vice president of the company. Mindbrook, and in many cases its clients, use wireless LANs to connect to the Internet, introducing packet loss that could create TCP delay, he says. "We need to set up reliable connections in minutes," he says.
Innova Solutions, a Santa Clara software developer, has beta-tested NeoAccel gear for the past four months with an eye toward using it to distribute its software, says Rich Marino, the company's chief strategy officer. Innova tried IPSec remote-access VPN gear, but it had trouble getting through business partners' firewalls, he says.
The company tried Neoteris' SSL remote-access equipment, but it supported only Web-based applications at the time, Marino says. SSL VPN-Plus promises to support all the applications IPSec does but without the firewall problems or the time it takes to re-establish a connection if it is dropped.
Susai has a background in this technology from his work as a founder of SSL acceleration company NetScaler, which specialized in multiplexing SSL sessions to reduce the load on application servers.
SSL VPN-Plus will be demonstrated at the RSA conference in San Francisco Feb. 14-18. It is scheduled to be available Feb. 17. Pricing is not available.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment