NetScaler to Gain SSL VPN

Secure system will be easier to manage.

NetScaler Inc. later this month will introduce new functionality for its NetScaler 9000 Series secure applications networking system that adds SSL virtual private networking and improved manageability.

The Santa Clara, Calif., companys offering combines Layer 4 to Layer 7 switching with security and Web applications performance optimization on a single hardware platform. The NetScaler 9000 provides Secure Sockets Layer encryption and protection against denial-of- service attacks, along with TCP offload and buffering for Web servers. It also offers compression on top of a Layer 4 to Layer 7 switching engine.

Unlike IP Security virtual private networks, the SSL VPN capabilities dont require installation of client software on remote laptops or desktops to establish a secure tunnel for remote access to enterprise applications. And unlike other SSL VPN offerings, NetScaler supports a variety of connection types and applications—not just Web applications, said Shawn Nunley, director of technology and development at NetScaler. "Current solutions have a lot of problems when users try to reach their applications because they are not built to perform over private links. Were making it so SSL VPN clients successfully reach their applications," Nunley said.

The SSL VPN function supports Web applications, client/server applications and any application that uses TCP. "You can do file sharing, and terminal programs [such as Telnet or TN3270] work, too," said Nunley. The function also supports several authentication methods, including Remote Authentication Dial-In User Service.

One NetScaler 9000 user already using IPSec-based VPNs sees a need for both protocols in his companys network. "One size does not fit all. Were also looking at using SSL VPNs where we dont have control over the PC to be able to install a client-based VPN solution or in environments where we have users trying to gain access to a file from another location [and workstation]," said Eric Walters, manager of network services for 7-Eleven Inc., in Dallas.

The upgrade is being delivered in the second phase of NetScalers MAIN, or Model for Application Intelligent Networking, initiative, which moves beyond the secure delivery of Web applications to deliver secure remote access to any TCP application with greater performance and manageability, said Nunley.

The latest enhancements merge in-memory caching for static and dynamic content, new global link load balancing, dynamic route-learning functions, and easier administration via an enhanced management dashboard. The upgrade has new XML-based APIs for device configuration, enabling administrators to limit access to applications.

The upgrade is due next month in new secure remote access user packs.