Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
First iPhone worm spreads Rick Astley wallpaper
Four reasons to buy (and one reason to avoid) the Droid
Stimulus for tech and telecom $3B, but jobs still guesswork
Cisco MARS shuts out new third-party security devices
Verizon Droid buzz muted in Boston
Week in Google news: Google Dashboard, Droid fever, focus on e-commerce
Cloud computing, virtualization proponents getting antsy
Data center start-up offers energy saving software
Vendors scrambling to fix bug in Net's security
Judge dismisses lawsuit challenging Gartner's Magic Quadrant
Boston Celtics clamp down on spam
Cloud computing inevitable? Not so fast, educator says
Blue Coat slashes staff, buys S7 services company
Apple seeks new sheriff to lock up iPhones
/

Reviews /

Response to RFP: Internet Dynamics

Today's breaking news
Send to a friendFeedback

Network World Fusion, 05/10/99

Submitted by:
Internet Dynamics, Inc.
3717 East Thousand Oaks Blvd.
Westlake Village, CA 91362
(805) 370-2200
http://www.conclave.com

Overview

Internet Dynamics, Inc. offers an integrated network security product called Conclave. Conclave provides remote access, VPN, firewall, access control, authentication services, virus protection and content filtering technology in one centrally managed product. What this means for Powell Electrical Manufacturing is that not only will Conclave be able to cost effectively assist in the enhancement of the current remote access solution, Conclave will also position Powell Electrical Manufacturing to take advantage of site to site VPN technologies in addition to fine-grained access control, firewall capabilities, virus protection and content filtering. All the capabilities of Conclave are managed from a single, policy-based administrative console.

Solution

Internet Dynamics recommends that Powell Electrical Manufacturing install the Conclave Electronic Passport on each remote user's computer. The Electronic Passport is an IPSec-based remote access client that runs on Windows 95, 98 and Windows NT. It is responsible for establishing an encrypted VPN tunnel to the central site. Each remote user will install an X.509 digital certificate onto their computer to be used with the Electronic Passport. The X.509 digital certificate is used in conjunction with the Electronic Passport to provide strong identity/authentication as well as strong privacy/encryption. To operate the Electronic Passport, each user will connect to the Internet through either a dial-up or dedicated connection. Once the user is connected to the Internet, the Electronic Passport will ensure that all data transmitted to and from the central site is fully authenticated and encrypted. In addition, since all traffic to the central site is encrypted, remote users will have full access to Microsoft file sharing, just as if they were locally attached to the central network.

In conjunction with the Electronic Passport installed on each remote user's computer, a Conclave Access Filter will be installed at the Powell Electrical Manufacturing central site. The Access Filter contains integrated remote access, VPN, firewall and authentication software to ensure that all data access is secured. The Access Filter provides the following benefits:

  • Support for remote access users
  • Support for site to site VPN connections
  • ICSA certified firewall protection
  • Integrated Certificate Authority
  • Strong authentication using digital certificates, RADIUS, Windows IDs and other authentication techniques
  • Virus scanning of all email, ftp and web traffic
  • Fine-grained access control for all web traffic
  • Internal as well as external access control
  • Content filtering of all web traffic to ensure proper use of corporate equipment
  • Single administrative interface for all functions
  • Support for delegation of administrative duties
  • A powerful distributed database that is shared across multiple Access Filters, when the need for more Access Filters occurs.

Reporting

Conclave supports several forms of reporting. Conclave Access Filters provide comprehensive logging of traffic flow and system behavior. These logs are consolidated into a Microsoft Access Database for reporting using Crystal Reports. In addition, Conclave supports a robust alerting subsystem. Many kinds of alerts are supported from access allows, access denies, IP packet spoofing to disk and CPU utilization. These alerts can be delivered in several ways including Windows network messages, emails, pagers and SNMP traps.

IPX

Conclave does not support IPX natively. However if all IPX traffic is tunneled using an IP protocol such as PPTP to a server protected by a Conclave Access Filter, this configuration can be supported. Conclave allows both PPTP and GRE protocols through an Access Filter. This means that remote users desiring to use the IPX protocol will need to configure their machines to support PPTP. Both PPTP and IPSec traffic can coexist on the remote user's machine. As the IP migration progresses the use of PPTP can be replaced by IPSec as desired.

Fault Tolerance

Conclave has been designed as a robust system. Watchdog processes exist within Conclave to guarantee system availability. If a Conclave process fails it will be automatically restarted by the watchdog process. For machine failures non-Conclave remedies are recommended. One such remedy is Microsoft's Wolfpack high-availability cluster solution that allows applications running on a Windows NT server to be restarted on a backup system in case of a failure.

Central Office

Each remote access user will install the Electronic Passport and receive fully authenticated and encrypted access to data. Users at the central office will also benefit from the installation of the Conclave Access Filter in several additional ways. First, since the Access Filter has a built-in ICSA certified firewall they will be protected from Internet users. Second, they will benefit from internal access control. Each Access Filter is capable of providing fine-grained access control. This allows the various departments within Powell Electrical Manufacturing to establish Intranet servers and to decide who will have access to them. Third, virus protection is included with each Access Filter. All email, ftp and web traffic is virus scanned at the Access Filter. All this functionality is included with the Access Filter.

Subsidiaries

Each remote access user at the subsidiary offices that is interested in remote access to the central office will install the Electronic Passport and receive the same fully authenticated and encrypted access to data as the central office users. However, since a Conclave Access Filter is not installed at each subsidiary office, subsidiary users won't benefit from the additional features provided by the Access Filter. If these feature are desired it is possible to install Access Filters at each subsidiary. By doing so the subsidiaries will receive additional Access Filter benefits and will be able to participate in a site-to-site VPN. A site-to-site VPN allows users at all offices to share information safely over the Internet, whether or not they are remote users using the Electronic Passport. A site-to-site VPN provides strong authentication and encryption between two sites.

Pricing

Powell Electrical Manufacturing will require 70 central remote access users in addition to a single central Conclave Access Filter. Pricing for this configuration is as follows:

70 users x $70/user = $4900 - total cost for the Electronic Passport

1 Access Filter with 250+ users = $16,220

Total Cost: $21,120

Conclusion

Internet Dynamics' Conclave provides a strong remote access solution using industry standard technology. In addition, Conclave provides other network security technology without additional cost thus positioning Powell Electrical Manufacturing for future growth. As a whole Conclave provides the broadest network protection with centralized management available on the market today.

RELATED LINKS

Additional responses
Plus the original RFP and a sample RFP from The Gartner Group.

Review: VPNs
We test 15 products. Network World, 5/10/99.

Interactive VPN buyer's guide
Find a VPN that best matches your critieria.


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.