* Consider aggregators, SSL VPNs for mobile security
Security is tricky for the mobile populace. The user might be accessing the corporate network via any number of public (“untrusted”) connections and devices.
Also, new types of threats are continually cropping up in the forms of malware, hacks, and denial-of-service attacks. And the latest compliance mandates require closer tracking and logging of user access.
One route to explore is the use of network service aggregators that include cellular and Wi-Fi connections, as well as endpoint security, as part of their wireline connectivity packages. You get the benefit of connectivity to multiple types of network services from a single supplier with a single invoice and a single user interface.
Such services typically involve running a special software client on user devices.
For security, the provider runs a gateway in its network operations center (NOC) that checks user access attempts for device compliance with policies you specify for the latest anti-virus and operating system versions. This can be offered as a managed service or the provider might supply you with the gateway to operate in your own NOC. Levels of access can account for access network type, access device type, and so forth in your policy.
However, sometimes enterprises wish to empower members of their mobile work forces to access the corporate network from devices not owned, configured and managed by the IT department or the managed service provider. (Consider users needing access from a public kiosk or a colleague’s PC, for example.) The aggregator’s special client software won’t be running on that device.
An option in these cases is to use an SSL VPN, which is heating up as a popular alternative for meeting the dynamic security and connectivity requirements of the mobile enterprise.
The encryption and authentication capabilities are embedded into browsers, rather than special client software. Combined with an SSL VPN appliance back in the data center, the SSL VPN can work with basically any client device requesting access, whether the device is owned and managed by you or not.
Most SSL VPN products have developed into multi-function security appliances that handle endpoint security in the way that the policy gateway does in the aggregator scenario, along with SSL’s traditional encryption and authentication. Among the companies that make SSL VPNs are Array Networks, Aventail, Check Point, Cisco, Juniper Networks, PortWise and a number of others.




