Check Point Makes Clientless VPN Connections

Feature lets customers connect to corporate networks from any Net-connected computer.

Check Point Software Technologies Ltd. this week will unveil a new set of features and capabilities for its line of virtual private network products.

The most noticeable enhancement is the addition of support for "clientless" VPN connections via Secure Sockets Layer. Customers can now connect to their corporate networks using any Web browser on any Internet-connected computer.

Check Point officials say they expect most customers to use the new functionality as a secure way to bring customers, partners and others outside the corporation into the network.

"The problem you run into is you have all of these outside people like partners and customers, and you cant exactly force them to install your VPN software on their networks," said Leslie Stern, senior product marketing manager at Check Point, with U.S. headquarters in Redwood City, Calif. "This is a simple way to get around that."

SSL-based VPNs have gained momentum of late. Customers, attracted by the anywhere, anytime access capabilities, have begun to switch over from traditional IPSec deployments. For years, the SSL protocol—also known as Transport Layer Security—was considered too slow for use in serious, enterprise-class VPN deployments. But advances in hardware as well as refinements to the protocol itself have changed that perception.

Check Point also is adding a feature known as VPN routing, which will enable customers to design and deploy more complex VPNs. The new functionality is meant to make it easy for customers to deploy "hub and spoke" style VPN configurations, in which the hub does the decryption, inspection and encryption of each message. Customers can also string together multiple hubs and spokes.

There is also a new SmartView Monitor that gives administrators a view of how many VPN tunnels are active at any one time, a gauge of current throughput and a packet counter. And a new set of Client Security Assurances checks the security settings of machines attempting to establish inbound VPN connections to ensure that they meet the customers standards.

The new features will be available in September.