• United States
Executive Editor

Neoteris rolls out SSL gear

Nov 11, 20023 mins
NetworkingRemote AccessSecurity

Neoteris is making it possible to cluster its Secure Sockets Layer remote-access machines so customers don’t lose their connections to business networks if one box should fail.

MOUNTAIN VIEW, CALIF. – Neoteris is making it possible to cluster its Secure Sockets Layer remote-access machines so customers don’t lose their connections to business networks if one box should fail.

The company this week is demonstrating three new hardware platforms that boost capacity of its products so they will be more attractive to customers with a lot of remote users. Neoteris uses SSL technology in Web browsers rather than remote-access clients that would have to be installed on remote PCs. This differs from IP-Security-based VPNs that require dedicated client software on remote machines and is simpler to deploy.

The new equipment, called Access Series, can support up to 7,000 SSL sessions at a time by clustering the boxes. The company’s old hardware, Instant Virtual Extranet (IVE), maxed out at 1,000.

The Access Series replaces IVE hardware and sports a new version of software, IVE 3.0, that lets users cluster the devices and compress traffic. It can tap external directories to create groups of users that are allowed access to the gear.

The devices sit in a separate network segment behind the firewall and establish SSL connections to remote machines after the remote users authenticate themselves. The devices proxy traffic between the remote machines and corporate servers that host Web-based and other applications.

The option to cluster gear is key to Palo Alto law firm Wilson Sonsini, Goodrich & Rosati, says the firm’s CIO Phillip Hoare. The firm now has redundant IVE boxes, so if one fails, users have a second one to which they can reconnect. If one device fails, another box picks up the sessions without user intervention. “Remote access is essential to us after-hours, and we have an unforgiving population, being lawyers,” Hoare says.

Neoteris competes against vendors such as Aspelle, Aventail, Netilla and SafeWeb, as well as V-One, which has an alternative clientless technology.

“I believe [Neoteris is] the only one of the start-up, SSL remote-access vendors doing failover,” says Zeus Kerravala, a vice president with The Yankee Group.

Customers can link up to eight Access 5000 boxes in load-balancing, failover mode. Each box is active all the time, processing SSL sessions, and if one fails, the others take over. Together, eight Access 5000s can support 7,000 simultaneous users. Access 5000 supports compression that can cut the size of transmission time in half, saving download time for users. It also has a separate processor to handle SSL encryption.

The other two Access boxes have smaller capacity and support fewer features. Access 3000 lacks compression and an SSL processor, and supports failover between only two boxes. Access 1000 boxes can be paired, but when one box fails over to the other, sessions must be re-established. There are three models of Access 1000 that cost $10,000 to support 50 simultaneous users, $15,000 to support 100 and $25,000 to support 250. Access 3000 comes in four models that support between 100 and 1,000 users for $30,000 to $70,000. Access 5000 has five models from $40,000 to $115,000 to support 100 to 2,500 simultaneous users.

The original IVE appliance ranged in price from $10,000 for support of 50 simultaneous users to $100,000 for support of 1,000.

The new appliances will be available Dec. 15.