SSL VPNs, unlike more traditional IPSec VPNs, let users remotely access corporate networks without having client software installed on their machines. Instead, users log in through Web browsers over a link encrypted with SSL. But because users can access networks in public locations or at home, sensitive data can be put at risk. Cisco says Twingos software will help it provide better endpoint security, officials said.
"This has really been the Achilles heel for SSL VPN technology," said Scott Pope, manager of security platforms for Ciscos VPN and Security Business Unit, in San Jose, Calif.
Twingos software addresses this problem by erasing temporary files, caches, cookies, e-mail file attachments and other downloaded data at the close of an SSL VPN user session.
"Basically it creates a vault with all the session information, and at the end of the session that vault is erased," Pope said. Twingo also helps protect against spyware.
Additionally, Twingo addresses SSL VPN connectivity problems that result from variations in browser security settings or end-system administrative privileges. For example, Pope said, "home users can turn off the ability for browsers to run applets—which SSL VPN depends on."
Cisco plans to incorporate Twingos Virtual Secure Desktop into its existing WebVPN solution, beginning with the Cisco VPN 3000 Concentrator series. New products are expected in the second half of this year, Pope said. Cisco will fold Twingo into its VPN & Security Business Unit. The deal is expected to close this spring.