Start-up NeoAccel says its SSL remote-access gateway will overcome one source of delay that its competitors don't address: making the gear suitable for use on Wi-Fi networks.

The company says because its SSL VPN-Plus gateway uses fewer TCP sessions than other SSL gear to establish client/server connections between remote computers and corporate servers, fewer of those connections will drop.

TCP retransmits data when packets are lost, and this can slow data transmission enough that client/server sessions time-out, says NeoAccel's founder Michel Susai.

As with other SSL remote-access gear, NeoAccel gateways sit between the Internet and corporate networks, which lets remote computers make SSL connections over the Internet to Web applications on business networks. To do so, browsers in remote machines make application-layer SSL links to gateways.

Like gateways from Aventail, Juniper and others, SSL VPN-Plus supports client/server connections by downloading agents that intercept traffic from application client software on remote computers and tunneling it over an SSL connection to a gateway.

Other gateways use separate TCP sessions to control the SSL connections and the client/server connections that tunnel over them. With one TCP session riding over another, the chances increase that long delays will result, making application time-outs more likely, Susai says.

NeoAccel gear, on the other hand, uses a single TCP session to control the SSL link to the gateway and the tunnel connecting the remote client to the target server. With just one TCP connection between the remote machine and the gateway, delays will be reduced, Susai says. Because Wi-Fi networks are known for higher packet loss than wired ones, the TCP-delay problem is more pronounced, he says, and SSL VPN-Plus can help alleviate it.

Mindbrook, in Santa Clara, is about to beta-test SSL VPN-Plus, says Mike Hulme, executive vice president of the company. Mindbrook, and in many cases its clients, use wireless LANs to connect to the Internet, introducing packet loss that could create TCP delay, he says. "We need to set up reliable connections in minutes," he says.

Innova Solutions, a Santa Clara software developer, has beta-tested NeoAccel gear for the past four months with an eye toward using it to distribute its software, says Rich Marino, the company's chief strategy officer. Innova tried IPSec remote-access VPN gear, but it had trouble getting through business partners' firewalls, he says.