Nortel Alteon VPN Gateway 3050 |
 |
VPN Gateway 3050
The Nortel VPN Gateway 3050 is a remote access security solution that extends the reach of enterprise applications to remote employees, partners, and customers. By leveraging the native capability of widely deployed web browsers SSL technology and also supporting IPsec VPN access, the VPN Gateway 3050 offers the industries most flexible and cost effective secure remote access solution on the market today.
Key Features:
- Reduced access complexity
The VPN Gateway 3050 removes the ongoing client support and maintenance requirements associated with traditional remote access solutions.
- Deployment flexibility and investment protection
Supports multiple VPN access modes (browser only, java applet or full SSL VPN access via Net Direct) and can also terminate the VPN client.
- High scalability, availability and performance
Supports 2,000 concurrent SSL and IPsec VPN user tunnels and provides hundreds Mbps of aggregate VPN throughput. Gateways provide VPN acceleration, load balancing and can be clustered in groups of up to 255 units to support highly robust VPN designs.
- Strong remote endpoint security
Nortel's VPN Gateways provide a suite of safeguard features to protect against malicious intent and user negligence. The 3050 supports the Nortel VPN Tunnel Guard feature which enforces endpoint security checking for both client and client-less VPN endpoints.
VPN Gateway 3050 Features & Benefits
Features
Integrated Traffic Management
The VPN Gateway 3050 can perform content-based load balancing to support high-availability application architectures with secure session persistence, and plug 'n play scalability.
SSL Accelerator Configuration Option
The VPN Gateway 3050 now incorporates the full suite of Nortel SSL Accelerator features and can be deployed as a cost-effective dedicated SSL offload appliance with the flexibility to activate SSL VPN features as needed.
Integrated SSL Acceleration
The VPN Gateway 3050 can manage up to 1500 public key operations per second to maintain application performance across the gateway. Comprehensive key and certificate management features facilitate PKI administration.
Private-side Encryption
The VPN Gateway 3050 protects user privacy and data confidentiality by supporting authenticated and encrypted sessions on either side of the gateway; one to the client and another to the application, without overloading servers.
Client Security
The VPN Gateway 3050 can dynamically adjust access privileges based on user IP address or authentication strength and automatically terminate suspicious sessions without leaving trace data on the user device.
Authentication
The VPN Gateway 3050 incorporates a local authentication database in addition to LDAP, RADIUS, NTLM, Active Directory and Netegrity services support. Alternatively, users can be authenticated using digital certificates or 2-factor, token based systems where strong authentication is required.
Clientless/Enhanced Clientless Modes
To ensure support the broadest range of applications, the VPN Gateway 3050 adapts the session type to the potential capability of any particular browser. Clientless mode provides on-the-fly content transformation at the gateway and Enhanced Clientless mode runs applets in the browser to build VPN tunnels for client/server applications.
Global VPN Load Balancing
The VPN Gateway 3050 solution can be deployed in a distributed environment to provide multiple redundant access points to the private network. By incorporating the global server load balancing technology of the Nortel Application Switch, users can be transparently re-directed to the closest or best performing access point regardless of their actual location.
Granular Access Control and Auditing
The VPN Gateway 3050 provides access control based on static lists. Once a user is authenticated, a dynamic session cookie maintains the client's true identity for the duration of the session. All user activity is logged using a syslog event manager for detailed auditing support.
Clustering
Multiple VPN Gateways can be clustered using an internal load balancing mechanism or with an Nortel Application Switch. In addition to providing plug 'n play scalability, the Application Switch provides load balancing, health checking and persistent connections to the gateways in the cluster.
Advanced Filtering
The VPN Gateway 3050 provides powerful application-layer filtering capabilities that can be used to block unwanted traffic. Policies can be established to block even authenticated users based on IP address, requested URL, application type, or cookie information. This added security feature complements firewalls and intrusion detection systems that cannot scan encrypted data.
Benefits
Simplicity
The VPN Gateway 3050 integrates seamlessly into any network and uses existing client technology to minimize installation, operational and support headaches. Scalability is a simple plug and play procedure with additional appliances. Accessing secure applications is as simple as reaching a web site using the familiar web browser interface. An intuitive web portal provides the necessary remote access functionality and application access for remote users and the Web UI management interface has been augmented with configuration wizards and detailed help screens.
Breadth of Application Support
The Enhanced Clientless and Transparent modes of operation improve the breadth of applications available to remote users. By combining SSL with application proxies, the VPN Gateway 3050 provides enterprises with secure remote access to legacy client/server and UDP applications.
High Performance, Availability and Scalability
The VPN Gateway 3050 has proven to be one of the fastest SSL VPN gateways available at any price. The integrated intelligent traffic management features improve application performance by sharing requests among back-end servers. And scaling capacity is a simple plug 'n play operation with the native clustering capability, or with the advanced cluster management capabilities of the Nortel Application Switch.
Unrestricted Mobility
The VPN Gateway 3050 provides more opportunities for mobile workers to stay in touch with their business; resulting in improved frequency of communications with employees and customers. Similarly, partner access is not restricted to a particular PC for simplified B2B process integration.
Lower Total Cost of Ownership
The VPN Gateway 3050 uses existing web browsers and Internet connectivity for a simple remote access solution without the operational overhead of installing, supporting and maintaining client software. Additionally, the VPN Gateway 3050 can be configured to support IPsec remote users without any incremental hardware investments.
Nortel Alteon Whitepapers
|
