NetSilica Redirectors all traffic for extra security

NetSilica has added more security features to its Secure Sockets Layer Enterprise Private Network remote access gear, including a server that lets all remote access traffic pass through the same firewall port.

This arrangement enables organizations to keep more ports closed altogether, reducing the chance that an attacker could break through.

Called EPN Redirector, the software sits on a server that is on the same side as the firewall of the servers being accessed. Often NetSilica’s EPN and other vendors’ SSL gear is deployed between a pair of firewalls, with the SSL remote access server punching holes in an internal firewall to proxy traffic between remote PCs and corporate servers.

With EPN Redirector, all the traffic through the internal firewall is sent to the Redirector through a single port and then to the target server.

This feature also presents the possibility of site-to-site communications with SSL gear. Rather than a session being initiated from a remote machine with its own Internet connection, a device on a LAN could access another corporate site through EPN Redirectors and EPN servers at each site.

Such site-to-site arrangements are common with IPSec VPNs, enabling companies to use the Internet to connect offices rather than frame relay networks or dedicated circuits. Most SSL remote access vendors concede that IPSec is better suited to this purpose, but NetSilica says its gear could fit the bill.

NetSilica is also upgrading its software to better support Citrix and Windows Terminal Services. EPN supports downloading Java applets to remote PCs to act as clients to the server side of these applications. Before, separate clients had to be loaded on the remote computers.

The redirector module is $5,000 and is optional as part of an EPN deployment.