A SEA Change in Security Appliances
eWEEK Labs believes the SafeWeb SEA might not replace VPNs as every organizations primarily choice for secure remote access to internal resources, but it has the potential to complement existing VPNs and ably address security needs.
The SafeWeb SEA appliance sits behind the corporate firewall and protects network communications between remote clients on the public network and the application servers within the private network or intranet. It applies high-level encryption to all connections and acts as an application-level reverse proxy so remote clients can access corporate applications and data using a standard Web browser.
Using traditional VPN and extranet systems, remote users must install either hardware or software in order to access resources. With the SafeWeb SEA, in contrast, clients can access internal resources using a standard Web browser. This eases the task of training remote users and eliminates compatibility issues when installing software on remote systems.
The SafeWeb SafeWeb SEAs application-level reverse proxy with a modular architecture generates requests to local resources on behalf of remote clients and submits the results back to the clients Web browser. Acting as the intermediary between the servers and the clients, the SafeWeb SEA can securely proxy standard network resources including Web pages, applications and e-mail.
At $15,000, SafeWeb SEAs simplicity wont come cheap compared with VPN solutions, although its price is comparable to some secure extranet offerings. However, because the SafeWeb SEA examines and rewrites data at the application level, it is inherently more secure than VPNs that operate at the networking (TCP/IP) level. It greatly lowers the risk that users can introduce viruses to the internal network through operating system vulnerabilities.
The SafeWeb SEA can be a good alternative to traditional VPNs and extranet products, but it cannot address certain legacy applications. It also doesnt have the muscle to push out the performance that Gigabit VPNs can offer in terms of throughput and scalability, which could limits its implementation at larger sites.
Technical Analyst Francis Chu can be reached at firstname.lastname@example.org.