NetScaler Boasts SSL VPN Capabilities

NetScaler is updating its NetScaler 9000 Series secure applications networking system with Secure Sockets Layer virtual private networking and improved manageability.

NetScaler Inc. next month will release new functionality for its NetScaler 9000 Series secure applications networking system that adds Secure Sockets Layer virtual private networking and improved manageability.

The Santa Clara, Calif., companys offering combines Layer 4 to Layer 7 switching with security and Web applications performance optimization on a single hardware platform. The NetScaler 9000 provides SSL encryption and protection against denial-of-service attacks along with TCP offload and buffering for Web servers, and it offers compression on top of a Layer 4 to Layer 7 switching engine.

The new SSL VPN capabilities obviate the need—as with IPSec VPNs—to install client software on remote laptops or desktops to establish a secure tunnel for remote access to enterprise applications. Unlike other SSL VPN offerings, it supports a variety connection types and applications—not just Web applications, according to Shawn Nunley, director of technology and development at NetScaler, in Santa Clara, Calif.

"Current solutions have lot of problems when users try to reach their applications because they are not built to perform over private links. Were making it so SSL VPN clients successfully reach their applications," he said.

The SSL VPN function supports Web applications, client/server applications and any application that uses TCP. "You can do file sharing, and terminal programs [such as Telnet or TN3270] work too," said Nunley. The function also supports several authentication methods, including RADIUS.

One NetScaler 9000 user, already using IPSec-based VPNs, sees a need for both in his companys network. "One size does not fit all. Were also looking at using SSL VPNs where we dont have control over the PC to be able to install a client-based VPN solution, or in environments where we have users trying to gain access to a file from another location [and workstation]," said Eric Walters, manager of network services for 7-Eleven Inc., in Dallas.

The new upgrade is being delivered in the second phase of NetScalers Model for App Intelligent Networking (MAIN) initiative, which moves beyond the secure delivery of Web applications to deliver secure remote access to any TCP application with greater performance and manageability. "We have a system that solves the infrastructure problem, provides optimization, scale and protection of the infrastructure, and now were extending that to remote access," Nunley said.

The latest enhancements also integrate in-memory caching for both static and dynamic content, new global link load balancing and dynamic route learning functions in its application switching capabilities, and easier administration through an enhanced management dashboard that graphically displays monitoring statistics. The management enhancements also include new XML-based APIs for device configuration, enabling administrators to limit access to applications.

Walters believes the all-in-one approach taken by NetScaler can help reduce costs and simplify network management. "Its one hardware platform and one user interface I have to be familiar with. The less hardware you have, the less expense you have to maintain it," he said.

The upgrade is due next month in new secure remote access user packs.