MCI tightens remote access security

MCI is beefing up its secure remote access products with the availability of a Secure Sockets Layer VPN service that offers enhanced security controls for network managers and better authentication for dial-up customers.

The service will enhance security for remote users accessing their corporate networks via dial-up, DSL, Ethernet or wireless connections. Some of the new services are available immediately, while others will roll out later this year.

“We are focused on strengthening our remote access security, making it simple for end users by building a lot of features in and also making it simple for IT staffs to use and deploy to end users,” says Kelly Rown, senior manager for remote access products at MCI.

“We are one of the largest remote access services providers, one of the largest VPN providers and one of the largest managed VPN providers,” she adds.

MCI announced the immediate availability of an SSL VPN, which will be an alternative to the IPSec VPN MCI already offers. MCI has created its SSL service in conjunction with Aventail, a leading provider of managed VPN services. The SSL offering is geared toward companies that want to open up their networks and applications to customers and suppliers without investing in expensive dedicated network connections.

MCI’s SSL VPN does not require client software, so users can securely connect to corporate data and applications via a Web browser. Network managers can administer passwords, manage access policies and add or delete users for the SSL VPN through MCI’s Access Manager software. The SSL VPN is also integrated with MCI’s Enterprise Services Manager software.

The SSL VPN ranges in price from $2,700 to $19,000 per month depending on the number of users. MCI does not yet have any customers for its SSL VPN offering, company officials said.

In addition to the SSL VPN, MCI has modified its Access Manager software to be aware of desktop applications such as personal firewalls and anti-virus clients. This software allows network managers to push security updates to traveling or remote users. IT managers also can configure end user computers to prevent access if key security applications are not working. The software keeps polling the end user’s computer, and if one of the security applications isn’t working, the software will close the VPN connection.

A complementary offering from MCI is a centrally managed personal firewall. Available this spring, the centrally managed personal firewall allows IT managers to extend corporate security policies to end users’ PCs. Pricing is not yet available for the centrally managed personal firewall offering.

MCI also says it will introduce the Extensible Authentication Protocol (EAP) to its remote access solutions this fall. EAP is an authentication protocol that supports multiple authentication mechanisms. EAP supports one-time passwords that are scrambled before they cross the network.

Finally, MCI announced the availability of anti-fraud protection for its remote access customers. This service is similar to MCI Sheriff, which is available to calling card customers. If MCI suspects illegal activity, it will terminate a calling card. Now MCI will offer the same protection for remote access users whose identities and passwords may have been compromised.

Analysts say secure remote access is an important opportunity for ISPs like MCI.

“Remote access is one of the most basic tools in the IT arsenal,” says Keith Waryas, research manager for wireless business network services at IDC. “If you have any remote workers, they have to be able to connect to your network. It’s really a step above the PC in terms of being a service that a business has to have.”