Blue Coat SSL VPN protects data on remote machines

Blue Coat Networks this week is announcing a single SSL-VPN appliance that helps customers with lots of remote access users protect application traffic as it crosses the Internet.

The Blue Coat RA appliance performs standard SSL VPN functions by creating an SSL tunnel between remote users and corporate networks. It goes a step further: securing the data that is accessed during the SSL sessions to protect it from keyloggers, cache spies and other malware that might attempt to capture confidential information.

The device accomplishes that task via an executable file that can be downloaded to any computer regardless of who - the business that owns the Blue Coat RA gateway or the user - has administrative control of the machine, Blue Coat says. Other vendors' gear requires users to have administrative control to download such agents.

The download, called Blue Coat Connector, intercepts system calls by processes on the computer and can suspend the ones it finds suspicious. So, for instance, if a keylogger tries to access keystrokes being typed for a particular application, the Connector restricts access to that information to just the application, so the keylogger can't get at it.

Blue Coat RA secures data downloaded to remote PCs during SSL VPN sessions

Using policies that are downloaded with the Connector, the remote machine encrypts files sent from the corporate network. So, if a remote user accesses an e-mail with a Word document attached, that document could be encrypted before it is copied to the disk of the remote computer, protecting it from being read if it is captured by malware on the machine.

This capability is unique to Blue Coat, although F5 Networks and Microsoft, via its purchase of Whale Communications and its own software, have the elements to put together similar technology, says Rob Whiteley, an analyst with Forrester Research.

Blue Coat Connector also uses SOCKS to wrap up traffic as it is sent from remote machines and tunneled via SSL to the Blue Coat RA gateway. The SSL session is terminated, and the SOCKS wrapper on the data is used to proxy the traffic to its destination.

Blue Coat RA is available in three models, RA 510A, RA 810A and RA 810B, which cost $7,000 to $54,000, depending on the number of simultaneous users they support.

Learn more about this topic

Blue Coat buys SSL VPN company for $60.8 million


SOCKS overview

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2006 IDG Communications, Inc.