SlideShare une entreprise Scribd logo

The sonic wall clean vpn approach for the mobile work force

Icomm Technologies
Icomm Technologies

A Clean VPN approach delivers layered defense-in-depth protection for the core elements of business communications.

Business
1  sur  6
Télécharger pour lire hors ligne
The SonicWALL Clean VPN Approach for the Mobile Workforce A Clean VPN approach delivers layered defensein-depth protection for the core elements of business communications. CONTENTS A Network of Personal Devices 2 Endpoints—and Threats—are Everywhere 2 The SonicWALL Clean VPN Approach 3 Conclusion 6
Abstract The consumerization of IT and “bring-your-own-device” policies have made it more challenging for IT to secure network access for mobile laptops, smartphones and tablets. The SonicWALL® Clean VPN™ approach unites SSL VPN secure remote access and Next-Generation Firewall technology to deliver layered defense-in-depth protection for the core elements of business communications: the endpoints and users; the data and application resources; and the traffic connecting them. A Network of Personal Devices Employees now work anywhere at any time. In the US alone, half of all information workers now split their i time between the office, home and other remote locations. Mobile workers need constant access to key corporate information on the network. The notion that employees conduct business only on IT-issued equipment within the traditional network perimeter is passé. To extend their workday and increase efficiency, employees rely upon the same technology—including laptops, smartphones and tablets—they use in their personal lives. In fact, the majority of new technologies adopted by enterprises are based in consumer products. This ii consumerization of IT has empowered end-users to determine what computing platforms they use to do their work, whether in the office, at home or on the road. As a result, IT is losing control over what endpoint devices connect to the network. Increasingly, companies are embracing this concept by establishing “bring your own device” (BYOD) policies that enable employees to select their own personal mobile devices for use at work. Allowing employees to use their own privately purchased mobile devices also adds the budgetary incentive to offsetting upfront hardware inventory costs. There are subtle yet significant distinctions between consumer mobile device platforms. For instance, laptops generally require greater endpoint control than smartphones and tablets, because these latter devices typically can only download applications that have undergone stringent white-list screening. (This does not apply, of course, to devices that have been jailbroken or rooted to allow the downloading of nonwhite-listed apps.) For unmanaged laptops in particular, remote access security demands using reverse proxy portal access or a virtual private network (VPN) tunnel with endpoint control. This enables IT to see if the proper security applications are running on the device, and enforce security policy to allow, quarantine or deny access based on defined security policy. ® ® ™ Mobile platforms based on Apple iOS and Google Android platforms are generally perceived to be safer since most application distribution is done through white-listed stores only. Regardless, it would be a mistake to simply trust either the applications or the data flowing through such devices. Threats do exist, and there are multiple ways to take advantage of devices if security is not implemented specifically for these platforms. Endpoints—and Threats—are Everywhere Threats and vulnerabilities exist and continue to evolve. To protect the corporate network from these threats, IT must recognize that all mobile devices should be untrusted and all access outside the corporate network is beyond IT control. Smartphones and tablets are not immune. Globally, the number of malware attacks on iii Android devices increased 400 percent year-over-year 2010-2011. There is also potential for data loss and leakage, whether by theft, unauthorized transmission or unauthorized access, even on supposedly “unhackable” smartphone platforms. Mobile devices can retain sensitive or proprietary data while connected to the corporate wireless network and then leak it over unsecured cellular to the web via email attachments and FTP uploads. 2
IT must take comprehensive measures to protect corporate resources from existing and evolving threats. Data in flight is vulnerable to man-in-the-middle and eavesdropping attack, and must be encrypted. IT should scan all data-in-flight for malware, and prevent internally launched outbound botnet attacks that can damage corporate reputation and get business-critical email servers blacklisted. At the same time, IT should deploy a solution that is capable of inspecting outbound traffic for data leakage, even if that traffic is encrypted. A “Clean VPN”—combining SSL VPN with Next-Generation Firewall—can deliver these protections, and more. The SonicWALL Clean VPN Approach SonicWALL Clean VPN delivers the critical dual protection of SSL VPN and high-performance NextGeneration Firewall necessary to secure both VPN access and traffic. The multi-layered protection of Clean VPN enables organizations to decrypt and scan for malware on all authorized SSL VPN traffic before it enters the network environment. ® The SSL VPN component of Clean VPN leverages SonicWALL Aventail Advanced End Point Control™ (EPC™) to protect the integrity of VPN access. EPC establishes trust for remote users and their endpoint ® ® ® devices (including Windows , Mac OS and Linux -based laptops, Windows Mobile, iOS and Google Android smartphones, using enforced authentication, data encryption, and granular application-layer access policy. EPC can determine if an iOS device has been jailbroken or an Android device has been rooted so that connections from those systems may be rejected or quarantined. Simultaneously, the Next-Generation Firewall component of Clean VPN secures the integrity of VPN traffic. It authorizes VPN traffic, cleans inbound traffic for malware and vulnerabilities, and verifies all outbound VPN traffic in real time. This ensures that end-user data-in-flight receives the same security scanning whether it is from inside or outside the corporate network. SonicWALL Application Intelligence and Control provides granular control and real-time visualization of applications to guarantee bandwidth prioritization for business-critical apps and ensure maximum network security and productivity. SonicWALL offers administrators the flexibility and scalability of deploying Clean VPN in two ways. Administrators may establish a Clean VPN by using the integrated SSL VPN on SonicWALL E-Class Network Security Appliance (NSA) Series, NSA Series and TZ Series Next-Generation Firewalls. Alternately, they may establish a Clean VPN by combining a SonicWALL Next-Generation Firewall with a SonicWALL Aventail E-Class Secure Remote Access (SRA) Enterprise solution or SonicWALL SRA Series solution for small- to medium-sized businesses (SMB). Integrated Clean VPN deployment In an integrated Clean VPN approach, SonicWALL Next-Generation Firewalls, featuring Reassembly-Free ® Deep Packet Inspection (RFDPI) technology, apply tightly integrated intrusion prevention, malware protection, and application intelligence, control and real-time visualization to SSL VPN traffic from laptops, smartphones and tablets. SonicWALL Next-Generation Firewalls scan all inbound and outbound traffic and scale to meet the needs of the highest-performance networks. Tightly integrated application intelligence, control and visualization helps administrators control and manage both business and non-business related applications to enable network and user productivity. An integrated Clean VPN approach enables administrators to prioritize bandwidth available over the SSL VPN for business-critical applications. For SSL VPN access over SonicWALL Next-Generation Firewalls, SonicWALL NetExtender provides thin-client access for Windows, Windows Mobile, Mac OS, and Linux-based systems. 3
SonicWALL Mobile Connect™ unified client app solutions for iOS and Google Android provide smartphone and tablet users with superior network-level access to corporate, academic and government resources over encrypted SSL VPN. Only SonicWALL offers Clean VPN™ (when deployed with a SonicWALL Next® ® Generation Firewall) to authorize, decrypt and remove threats from iOS (Apple iPad , iPhone , and iPod ® touch ) or Android traffic over SSL VPN outside the network perimeter. Additionally, SonicWALL Application Intelligence and Control allows organizations to define and enforce how application and bandwidth assets are used. Combined Clean VPN deployment A combined Clean VPN approach features all of the security and SSL VPN elements an integrated Clean VPN deployment, plus the additional SonicWALL Aventail E-Class SRA capability to perform device interrogation and enforce policy-based endpoint controls. SonicWALL EPC (available for Windows, Macintosh and Linux-based devices) integrates unmanaged endpoint protection, Secure Virtual Desktop and comprehensive cache control. EPC offers advanced endpoint detection and data protection for enterprises, by interrogating endpoint devices to confirm the presence of all supported anti-virus, personal firewall and anti-spyware solutions from leading vendors such ® ® ® ® ® as McAfee , Symantec , Computer Associates , Sophos , Kaspersky Lab and many more. When used in conjunction with SonicWALL Mobile Connect policy-based identification and enforcement also extends to iOS and Android. This allows IT to enforce a DeviceID, restrict devices from which users can log in, ensure the presence of client certificates, and determine whether an iOS device has been jailbroken or an Android device that has been rooted. When combined with SonicWALL Next-Generation Firewall as a Clean VPN, E-Class SRA delivers centralized access control and malware protection. SonicWALL Aventail E-Class SRA delivers full-featured, easy-to-manage, clientless or thin-client “in-office” connectivity for up to 20,000 concurrent mobile-enterprise users from a single appliance. E-Class SRA enhances productivity and business continuity with policyenforced remote access to network resources from Windows, Windows Mobile, Apple Mac OS, iOS, Linux, and Google Android devices. Built on the powerful, best-of-breed SonicWALL Aventail E-Class SSL VPN platform, E-Class SRA connects only authorized users to only authorized resources. Moreover, SonicWALL Aventail E-Class SRA solutions support Vasco, RSA, Active Directory, LDAP, RADIUS and SAML, as well as integrated One-Time Password (OTP) generation for two-factor authentication. A combined Clean VPN approach incorporating a SonicWALL Aventail E-Class SRA solution is able to:  Detect the integrity of users, endpoints and traffic from beyond the traditional network perimeter  Protect applications and resources against unauthorized access and malware attacks  Connect authorized users with appropriate resources seamlessly and easily in real time 4
An administrator can also establish a combined Clean VPN by connecting a SonicWALL Next-Generation Firewall with a best-selling SonicWALL SRA Series for SMB solution. The SRA Series offers clientless and tunnel access for Windows, Windows Mobile, Mac OS, iOS, Linux and Android, plus optional Web Application Firewall and multi-platform remote support. The SRA for SMB Series offers small- to mediumsized businesses granular unified policy, two-factor authentication, load balancing and high availability. The SRA Series lets authorized mobile workers and contractors connect over SSL VPN using a standard web browser. Easily and flexibly deployed into virtually any network with no pre-installed clients, the SRA Series eliminates costs of deploying and maintaining traditional IPSec VPNs. SonicWALL Virtual Assist permits Windows-based technicians to support Windows, Mac OS or Linux devices remotely. Moreover, the SonicWALL Global Management System (GMS) allows administrators to configure and manage their combined Clean VPN implementation from a single management interface. SonicWALL GMS delivers a flexible, powerful and resilient platform to centrally manage and rapidly deploy SonicWALL appliances and security configurations. In addition, it provides centralized real-time monitoring, and delivers comprehensive policy and compliance reports for even the most stringent auditing and regulatory compliance requirements. In addition, SonicWALL Analyzer delivers an easy to use web-based traffic flow analytics and reporting tool that provides real-time and historical insight into the health, performance and security of the network. Analyzer supports SonicWALL firewalls, backup and recovery appliances, and secure remote access devices while leveraging application traffic flow analytics for security event reports. Organizations of all sizes benefit from enhanced employee productivity, optimized network bandwidth utilization increased security awareness. SonicWALL is the only firewall vendor that provides a complete solution combining off-box application traffic flow analytics combined with granular IPFIX data generated by SonicWALL firewalls. 5
Conclusion SonicWALL has strategically positioned itself as an industry leader in pioneering Clean VPN technology solutions for organizations of all sizes by enabling the managed integration of its award-winning Secure Remote Access, Next-Generation Firewall and Global Management System product lines. The integrated or combined deployment of these solutions offers organizations a single solution for defense-in-depth security. A SonicWALL Clean VPN can detect the identity of users and security state of the endpoint device, protect against malware and unauthorized access based on granular policy before authorizing access, and connect authorized users easily to mission-critical network resources. Only SonicWALL is capable of delivering a truly viable Clean VPN, because only SonicWALL can offer granular endpoint control, a unified policy model allowing dynamic access policies, and the revolutionary ultra-high-performance security of Reassembly-Free Deep Packet Inspection over a multi-core processing platform. ©2011 SonicWALL, Inc. is a registered trademark of SonicWALL, Inc. Other product names mentioned herein may be trademarks and/or registered trademarks of their respective companies. Specifications and descriptions are subject to change without notice. 12/11 i ii “Q2 2011 US Workforce Technology and Engagement Online Survey,” Forrester Research, Inc. “Gartner Says Consumerization Will Be Most Significant Trend Affecting IT During Next 10 Years,” Gartner Inc., October 20, 2005 “Android attacks increase 400 percent: report,” International Business Times, May 14, 2011 iii 6

Recommandé

How Secure Is Your Building Automation System?
How Secure Is Your Building Automation System? How Secure Is Your Building Automation System?
How Secure Is Your Building Automation System?
Forescout Technologies Inc
 
CASE STUDY: How Block Armour enabled secure remote access to on- premise as ...
CASE STUDY: How Block Armour enabled secure remote access to on- premise as ...CASE STUDY: How Block Armour enabled secure remote access to on- premise as ...
CASE STUDY: How Block Armour enabled secure remote access to on- premise as ...
Block Armour
 
Transforming Smart Building Cybersecurity Strategy for the Age of IoT
Transforming Smart Building Cybersecurity Strategy for the Age of IoTTransforming Smart Building Cybersecurity Strategy for the Age of IoT
Transforming Smart Building Cybersecurity Strategy for the Age of IoT
Forescout Technologies Inc
 
Conquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseConquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the Enterprise
AirTight Networks
 
Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]
Sharpe Smith
 
Controlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate NetworksControlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate Networks
Icomm Technologies
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2
SHOLOVE INTERNATIONAL LLC
 
Determining an Optimal Number of Access Points Using GPS data to Secure a Wir...
Determining an Optimal Number of Access Points Using GPS data to Secure a Wir...Determining an Optimal Number of Access Points Using GPS data to Secure a Wir...
Determining an Optimal Number of Access Points Using GPS data to Secure a Wir...
CSCJournals
 

Recommandé

How Secure Is Your Building Automation System?
How Secure Is Your Building Automation System? How Secure Is Your Building Automation System?
How Secure Is Your Building Automation System?
Forescout Technologies Inc
 
CASE STUDY: How Block Armour enabled secure remote access to on- premise as ...
CASE STUDY: How Block Armour enabled secure remote access to on- premise as ...CASE STUDY: How Block Armour enabled secure remote access to on- premise as ...
CASE STUDY: How Block Armour enabled secure remote access to on- premise as ...
Block Armour
 
Transforming Smart Building Cybersecurity Strategy for the Age of IoT
Transforming Smart Building Cybersecurity Strategy for the Age of IoTTransforming Smart Building Cybersecurity Strategy for the Age of IoT
Transforming Smart Building Cybersecurity Strategy for the Age of IoT
Forescout Technologies Inc
 
Conquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseConquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the Enterprise
AirTight Networks
 
Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]
Sharpe Smith
 
Controlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate NetworksControlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate Networks
Icomm Technologies
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2
SHOLOVE INTERNATIONAL LLC
 
Determining an Optimal Number of Access Points Using GPS data to Secure a Wir...
Determining an Optimal Number of Access Points Using GPS data to Secure a Wir...Determining an Optimal Number of Access Points Using GPS data to Secure a Wir...
Determining an Optimal Number of Access Points Using GPS data to Secure a Wir...
CSCJournals
 
BYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO'sBYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO's
Patrick Angel - MBA, CISSP(c) CISM(c) CRISC(c) CISA(c)
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
John Rhoton
 
Next-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeNext-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space Age
Block Armour
 
Samsung knox security_solution_v1_10_0
Samsung knox security_solution_v1_10_0Samsung knox security_solution_v1_10_0
Samsung knox security_solution_v1_10_0
Javier Gonzalez
 
Iot(security)
Iot(security)Iot(security)
Iot(security)
Shreya Pohekar
 
[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin Rodillas[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin Rodillas
TI Safe
 
Wns rogues wp_1011_v3
Wns rogues wp_1011_v3Wns rogues wp_1011_v3
Wns rogues wp_1011_v3
Advantec Distribution
 
Meletis Belsis - Wireless Security: Common Protocols and Vulnerabilities
Meletis Belsis - Wireless Security: Common Protocols and VulnerabilitiesMeletis Belsis - Wireless Security: Common Protocols and Vulnerabilities
Meletis Belsis - Wireless Security: Common Protocols and Vulnerabilities
Meletis Belsis MPhil/MRes/BSc
 
IOT privacy and Security
IOT privacy and SecurityIOT privacy and Security
IOT privacy and Security
noornabi16
 
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
Lindsey Landolfi
 
IoT Armour - Next-gen Zero Trust Cybersecurity for Industry 4.0
IoT Armour - Next-gen Zero Trust Cybersecurity for Industry 4.0 IoT Armour - Next-gen Zero Trust Cybersecurity for Industry 4.0
IoT Armour - Next-gen Zero Trust Cybersecurity for Industry 4.0
Block Armour
 
A Survey on Communication for Smartphone
A Survey on Communication for SmartphoneA Survey on Communication for Smartphone
A Survey on Communication for Smartphone
Editor IJMTER
 
IoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalIoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 final
Frank Siepmann
 
Privacy and security in IoT
Privacy and security in IoTPrivacy and security in IoT
Privacy and security in IoT
Vasco Veloso
 
IOT Security
IOT SecurityIOT Security
IOT Security
Sylvain Martinez
 
Attacks and Risks in Wireless Network Security
Attacks and Risks in Wireless Network SecurityAttacks and Risks in Wireless Network Security
Attacks and Risks in Wireless Network Security
ijtsrd
 
Plugging Network Security Holes Using NetFlow
Plugging Network Security Holes Using NetFlowPlugging Network Security Holes Using NetFlow
Plugging Network Security Holes Using NetFlow
NetFlow Analyzer
 
2013 Security Threat Report Presentation
2013 Security Threat Report Presentation2013 Security Threat Report Presentation
2013 Security Threat Report Presentation
Sophos
 
Wireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseWireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your Enterprise
AirTight Networks
 
Consider Sophos - Security Made Simple
Consider Sophos - Security Made SimpleConsider Sophos - Security Made Simple
Consider Sophos - Security Made Simple
David Fuchs
 
Sonic Wall Product Line Brochure
Sonic Wall Product Line BrochureSonic Wall Product Line Brochure
Sonic Wall Product Line Brochure
Michelle Guerrero Montalvo
 
Partner Welcome Kit
Partner Welcome KitPartner Welcome Kit
Partner Welcome Kit
Luca Simonelli
 

Contenu connexe

Tendances

The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
Lindsey Landolfi
 
A Survey on Communication for Smartphone
A Survey on Communication for SmartphoneA Survey on Communication for Smartphone
A Survey on Communication for Smartphone
Editor IJMTER
 
Attacks and Risks in Wireless Network Security
Attacks and Risks in Wireless Network SecurityAttacks and Risks in Wireless Network Security
Attacks and Risks in Wireless Network Security
ijtsrd
 
Plugging Network Security Holes Using NetFlow
Plugging Network Security Holes Using NetFlowPlugging Network Security Holes Using NetFlow
Plugging Network Security Holes Using NetFlow
NetFlow Analyzer
 
Consider Sophos - Security Made Simple
Consider Sophos - Security Made SimpleConsider Sophos - Security Made Simple
Consider Sophos - Security Made Simple
David Fuchs
 

Tendances (20)

BYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO'sBYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO's
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
 
Next-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeNext-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space Age
 
Samsung knox security_solution_v1_10_0
Samsung knox security_solution_v1_10_0Samsung knox security_solution_v1_10_0
Samsung knox security_solution_v1_10_0
 
Iot(security)
Iot(security)Iot(security)
Iot(security)
 
[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin Rodillas[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin Rodillas
 
Wns rogues wp_1011_v3
Wns rogues wp_1011_v3Wns rogues wp_1011_v3
Wns rogues wp_1011_v3
 
Meletis Belsis - Wireless Security: Common Protocols and Vulnerabilities
Meletis Belsis - Wireless Security: Common Protocols and VulnerabilitiesMeletis Belsis - Wireless Security: Common Protocols and Vulnerabilities
Meletis Belsis - Wireless Security: Common Protocols and Vulnerabilities
 
IOT privacy and Security
IOT privacy and SecurityIOT privacy and Security
IOT privacy and Security
 
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
 
IoT Armour - Next-gen Zero Trust Cybersecurity for Industry 4.0
IoT Armour - Next-gen Zero Trust Cybersecurity for Industry 4.0 IoT Armour - Next-gen Zero Trust Cybersecurity for Industry 4.0
IoT Armour - Next-gen Zero Trust Cybersecurity for Industry 4.0
 
A Survey on Communication for Smartphone
A Survey on Communication for SmartphoneA Survey on Communication for Smartphone
A Survey on Communication for Smartphone
 
IoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalIoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 final
 
Privacy and security in IoT
Privacy and security in IoTPrivacy and security in IoT
Privacy and security in IoT
 
IOT Security
IOT SecurityIOT Security
IOT Security
 
Attacks and Risks in Wireless Network Security
Attacks and Risks in Wireless Network SecurityAttacks and Risks in Wireless Network Security
Attacks and Risks in Wireless Network Security
 
Plugging Network Security Holes Using NetFlow
Plugging Network Security Holes Using NetFlowPlugging Network Security Holes Using NetFlow
Plugging Network Security Holes Using NetFlow
 
2013 Security Threat Report Presentation
2013 Security Threat Report Presentation2013 Security Threat Report Presentation
2013 Security Threat Report Presentation
 
Wireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseWireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your Enterprise
 
Consider Sophos - Security Made Simple
Consider Sophos - Security Made SimpleConsider Sophos - Security Made Simple
Consider Sophos - Security Made Simple
 

Similaire à The sonic wall clean vpn approach for the mobile work force

4192 sslvpn sb_0412
4192 sslvpn sb_04124192 sslvpn sb_0412
4192 sslvpn sb_0412
Hai Nguyen
 
Cyber security and cyber law
Cyber security and cyber lawCyber security and cyber law
Cyber security and cyber law
Divyank Jindal
 
en_secur_br_secure_access_mobility
en_secur_br_secure_access_mobilityen_secur_br_secure_access_mobility
en_secur_br_secure_access_mobility
Brian Kesecker
 
Secur Digital Presentation 22jul10 Frm Show
Secur Digital Presentation 22jul10 Frm ShowSecur Digital Presentation 22jul10 Frm Show
Secur Digital Presentation 22jul10 Frm Show
fmitchell
 
WIRELESS DEFENSE STRATEGIES IN THE IOT ERA
WIRELESS DEFENSE STRATEGIES IN THE IOT ERAWIRELESS DEFENSE STRATEGIES IN THE IOT ERA
WIRELESS DEFENSE STRATEGIES IN THE IOT ERA
Aharon Aharon
 

Similaire à The sonic wall clean vpn approach for the mobile work force (20)

Sonic Wall Product Line Brochure
Sonic Wall Product Line BrochureSonic Wall Product Line Brochure
Sonic Wall Product Line Brochure
 
Partner Welcome Kit
Partner Welcome KitPartner Welcome Kit
Partner Welcome Kit
 
Solution Guide Secure Access Architecture
Solution Guide Secure Access ArchitectureSolution Guide Secure Access Architecture
Solution Guide Secure Access Architecture
 
4192 sslvpn sb_0412
4192 sslvpn sb_04124192 sslvpn sb_0412
4192 sslvpn sb_0412
 
Product brochure-print-spread
Product brochure-print-spreadProduct brochure-print-spread
Product brochure-print-spread
 
Insecure mag-19
Insecure mag-19Insecure mag-19
Insecure mag-19
 
Cyber security and cyber law
Cyber security and cyber lawCyber security and cyber law
Cyber security and cyber law
 
Checkpoint Overview
Checkpoint OverviewCheckpoint Overview
Checkpoint Overview
 
fortigate-600f-series pdf manual routeur
fortigate-600f-series pdf manual routeurfortigate-600f-series pdf manual routeur
fortigate-600f-series pdf manual routeur
 
Enterprise Edge Security with Cisco ISE
Enterprise Edge Security with Cisco ISEEnterprise Edge Security with Cisco ISE
Enterprise Edge Security with Cisco ISE
 
en_secur_br_secure_access_mobility
en_secur_br_secure_access_mobilityen_secur_br_secure_access_mobility
en_secur_br_secure_access_mobility
 
CYRENWebSecurity
CYRENWebSecurityCYRENWebSecurity
CYRENWebSecurity
 
Secur Digital Presentation 22jul10 Frm Show
Secur Digital Presentation 22jul10 Frm ShowSecur Digital Presentation 22jul10 Frm Show
Secur Digital Presentation 22jul10 Frm Show
 
Protecting the movable Endeavor with Network-Based validation and Virtual Com...
Protecting the movable Endeavor with Network-Based validation and Virtual Com...Protecting the movable Endeavor with Network-Based validation and Virtual Com...
Protecting the movable Endeavor with Network-Based validation and Virtual Com...
 
Building the Anytime, Anywhere Network
Building the Anytime, Anywhere NetworkBuilding the Anytime, Anywhere Network
Building the Anytime, Anywhere Network
 
2020 IEI PUZZLE series network appliance brochure
2020 IEI PUZZLE series network appliance brochure2020 IEI PUZZLE series network appliance brochure
2020 IEI PUZZLE series network appliance brochure
 
Chapter 3_Cyber Security-ccdf.pptx
Chapter 3_Cyber Security-ccdf.pptxChapter 3_Cyber Security-ccdf.pptx
Chapter 3_Cyber Security-ccdf.pptx
 
Sonicwall wireless & sra
Sonicwall wireless & sraSonicwall wireless & sra
Sonicwall wireless & sra
 
Top firewall companies 2020 converted
Top firewall companies 2020 convertedTop firewall companies 2020 converted
Top firewall companies 2020 converted
 
WIRELESS DEFENSE STRATEGIES IN THE IOT ERA
WIRELESS DEFENSE STRATEGIES IN THE IOT ERAWIRELESS DEFENSE STRATEGIES IN THE IOT ERA
WIRELESS DEFENSE STRATEGIES IN THE IOT ERA
 

Plus de Icomm Technologies

Anatomy of a cyber-attack
Anatomy of a cyber-attackAnatomy of a cyber-attack
Anatomy of a cyber-attack
Icomm Technologies
 
Icomm agentless-architecture
Icomm agentless-architectureIcomm agentless-architecture
Icomm agentless-architecture
Icomm Technologies
 

Plus de Icomm Technologies (20)

The truth behind cyber attacks
The truth behind cyber attacks The truth behind cyber attacks
The truth behind cyber attacks
 
10 Key Action to Reduce IT Infrastructure and Operation Cost Stucture
10 Key Action to Reduce IT Infrastructure and Operation Cost Stucture10 Key Action to Reduce IT Infrastructure and Operation Cost Stucture
10 Key Action to Reduce IT Infrastructure and Operation Cost Stucture
 
Anatomy of a cyber-attack
Anatomy of a cyber-attackAnatomy of a cyber-attack
Anatomy of a cyber-attack
 
Disaster Recovery
Disaster RecoveryDisaster Recovery
Disaster Recovery
 
Disaster Recovery
Disaster RecoveryDisaster Recovery
Disaster Recovery
 
Mobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveMobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to Solve
 
The only authentication platform you’ll ever need.
The only authentication platform you’ll ever need.The only authentication platform you’ll ever need.
The only authentication platform you’ll ever need.
 
Swivel Secure and Office 365
Swivel Secure and Office 365Swivel Secure and Office 365
Swivel Secure and Office 365
 
Swivel Secure, ADFS and Office 365
Swivel Secure, ADFS and Office 365Swivel Secure, ADFS and Office 365
Swivel Secure, ADFS and Office 365
 
Securing the Cloud
Securing the CloudSecuring the Cloud
Securing the Cloud
 
Top 10 Trends in Telecommuting
Top 10 Trends in TelecommutingTop 10 Trends in Telecommuting
Top 10 Trends in Telecommuting
 
IT Security Trends in 2012
IT Security Trends in 2012IT Security Trends in 2012
IT Security Trends in 2012
 
Tackling consumerization of it
Tackling consumerization of it Tackling consumerization of it
Tackling consumerization of it
 
Office 365-technical-overview-deck
Office 365-technical-overview-deckOffice 365-technical-overview-deck
Office 365-technical-overview-deck
 
Icomm virtualisation-support-white-paper
Icomm virtualisation-support-white-paperIcomm virtualisation-support-white-paper
Icomm virtualisation-support-white-paper
 
Icomm cloud-backup-overview
Icomm cloud-backup-overviewIcomm cloud-backup-overview
Icomm cloud-backup-overview
 
Icomm agentless-architecture
Icomm agentless-architectureIcomm agentless-architecture
Icomm agentless-architecture
 
Efficiently protect-virtual-machines
Efficiently protect-virtual-machinesEfficiently protect-virtual-machines
Efficiently protect-virtual-machines
 
Cloud backup-for-endpoint-devices
Cloud backup-for-endpoint-devicesCloud backup-for-endpoint-devices
Cloud backup-for-endpoint-devices
 
Beakbane safeguards future with ERP - ready infrastructure upgrade.
Beakbane safeguards future with ERP - ready infrastructure upgrade.Beakbane safeguards future with ERP - ready infrastructure upgrade.
Beakbane safeguards future with ERP - ready infrastructure upgrade.
 

Dernier

Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pillsMifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
Abortion pills in Kuwait Cytotec pills in Kuwait
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
Aggregage
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
lizamodels9
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
rajveerescorts2022
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
lizamodels9
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
Renandantas16
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
amitlee9823
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Dipal Arora
 
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Delhi Call girls
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
dollysharma2066
 

Dernier (20)

KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSM
 
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pillsMifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 
HONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael HawkinsHONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael Hawkins
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRegression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear Regression
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANA DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMAN
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
 
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and pains
 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptx
 

The sonic wall clean vpn approach for the mobile work force

  • 1. The SonicWALL Clean VPN Approach for the Mobile Workforce A Clean VPN approach delivers layered defensein-depth protection for the core elements of business communications. CONTENTS A Network of Personal Devices 2 Endpoints—and Threats—are Everywhere 2 The SonicWALL Clean VPN Approach 3 Conclusion 6
  • 2. Abstract The consumerization of IT and “bring-your-own-device” policies have made it more challenging for IT to secure network access for mobile laptops, smartphones and tablets. The SonicWALL® Clean VPN™ approach unites SSL VPN secure remote access and Next-Generation Firewall technology to deliver layered defense-in-depth protection for the core elements of business communications: the endpoints and users; the data and application resources; and the traffic connecting them. A Network of Personal Devices Employees now work anywhere at any time. In the US alone, half of all information workers now split their i time between the office, home and other remote locations. Mobile workers need constant access to key corporate information on the network. The notion that employees conduct business only on IT-issued equipment within the traditional network perimeter is passé. To extend their workday and increase efficiency, employees rely upon the same technology—including laptops, smartphones and tablets—they use in their personal lives. In fact, the majority of new technologies adopted by enterprises are based in consumer products. This ii consumerization of IT has empowered end-users to determine what computing platforms they use to do their work, whether in the office, at home or on the road. As a result, IT is losing control over what endpoint devices connect to the network. Increasingly, companies are embracing this concept by establishing “bring your own device” (BYOD) policies that enable employees to select their own personal mobile devices for use at work. Allowing employees to use their own privately purchased mobile devices also adds the budgetary incentive to offsetting upfront hardware inventory costs. There are subtle yet significant distinctions between consumer mobile device platforms. For instance, laptops generally require greater endpoint control than smartphones and tablets, because these latter devices typically can only download applications that have undergone stringent white-list screening. (This does not apply, of course, to devices that have been jailbroken or rooted to allow the downloading of nonwhite-listed apps.) For unmanaged laptops in particular, remote access security demands using reverse proxy portal access or a virtual private network (VPN) tunnel with endpoint control. This enables IT to see if the proper security applications are running on the device, and enforce security policy to allow, quarantine or deny access based on defined security policy. ® ® ™ Mobile platforms based on Apple iOS and Google Android platforms are generally perceived to be safer since most application distribution is done through white-listed stores only. Regardless, it would be a mistake to simply trust either the applications or the data flowing through such devices. Threats do exist, and there are multiple ways to take advantage of devices if security is not implemented specifically for these platforms. Endpoints—and Threats—are Everywhere Threats and vulnerabilities exist and continue to evolve. To protect the corporate network from these threats, IT must recognize that all mobile devices should be untrusted and all access outside the corporate network is beyond IT control. Smartphones and tablets are not immune. Globally, the number of malware attacks on iii Android devices increased 400 percent year-over-year 2010-2011. There is also potential for data loss and leakage, whether by theft, unauthorized transmission or unauthorized access, even on supposedly “unhackable” smartphone platforms. Mobile devices can retain sensitive or proprietary data while connected to the corporate wireless network and then leak it over unsecured cellular to the web via email attachments and FTP uploads. 2
  • 3. IT must take comprehensive measures to protect corporate resources from existing and evolving threats. Data in flight is vulnerable to man-in-the-middle and eavesdropping attack, and must be encrypted. IT should scan all data-in-flight for malware, and prevent internally launched outbound botnet attacks that can damage corporate reputation and get business-critical email servers blacklisted. At the same time, IT should deploy a solution that is capable of inspecting outbound traffic for data leakage, even if that traffic is encrypted. A “Clean VPN”—combining SSL VPN with Next-Generation Firewall—can deliver these protections, and more. The SonicWALL Clean VPN Approach SonicWALL Clean VPN delivers the critical dual protection of SSL VPN and high-performance NextGeneration Firewall necessary to secure both VPN access and traffic. The multi-layered protection of Clean VPN enables organizations to decrypt and scan for malware on all authorized SSL VPN traffic before it enters the network environment. ® The SSL VPN component of Clean VPN leverages SonicWALL Aventail Advanced End Point Control™ (EPC™) to protect the integrity of VPN access. EPC establishes trust for remote users and their endpoint ® ® ® devices (including Windows , Mac OS and Linux -based laptops, Windows Mobile, iOS and Google Android smartphones, using enforced authentication, data encryption, and granular application-layer access policy. EPC can determine if an iOS device has been jailbroken or an Android device has been rooted so that connections from those systems may be rejected or quarantined. Simultaneously, the Next-Generation Firewall component of Clean VPN secures the integrity of VPN traffic. It authorizes VPN traffic, cleans inbound traffic for malware and vulnerabilities, and verifies all outbound VPN traffic in real time. This ensures that end-user data-in-flight receives the same security scanning whether it is from inside or outside the corporate network. SonicWALL Application Intelligence and Control provides granular control and real-time visualization of applications to guarantee bandwidth prioritization for business-critical apps and ensure maximum network security and productivity. SonicWALL offers administrators the flexibility and scalability of deploying Clean VPN in two ways. Administrators may establish a Clean VPN by using the integrated SSL VPN on SonicWALL E-Class Network Security Appliance (NSA) Series, NSA Series and TZ Series Next-Generation Firewalls. Alternately, they may establish a Clean VPN by combining a SonicWALL Next-Generation Firewall with a SonicWALL Aventail E-Class Secure Remote Access (SRA) Enterprise solution or SonicWALL SRA Series solution for small- to medium-sized businesses (SMB). Integrated Clean VPN deployment In an integrated Clean VPN approach, SonicWALL Next-Generation Firewalls, featuring Reassembly-Free ® Deep Packet Inspection (RFDPI) technology, apply tightly integrated intrusion prevention, malware protection, and application intelligence, control and real-time visualization to SSL VPN traffic from laptops, smartphones and tablets. SonicWALL Next-Generation Firewalls scan all inbound and outbound traffic and scale to meet the needs of the highest-performance networks. Tightly integrated application intelligence, control and visualization helps administrators control and manage both business and non-business related applications to enable network and user productivity. An integrated Clean VPN approach enables administrators to prioritize bandwidth available over the SSL VPN for business-critical applications. For SSL VPN access over SonicWALL Next-Generation Firewalls, SonicWALL NetExtender provides thin-client access for Windows, Windows Mobile, Mac OS, and Linux-based systems. 3
  • 4. SonicWALL Mobile Connect™ unified client app solutions for iOS and Google Android provide smartphone and tablet users with superior network-level access to corporate, academic and government resources over encrypted SSL VPN. Only SonicWALL offers Clean VPN™ (when deployed with a SonicWALL Next® ® Generation Firewall) to authorize, decrypt and remove threats from iOS (Apple iPad , iPhone , and iPod ® touch ) or Android traffic over SSL VPN outside the network perimeter. Additionally, SonicWALL Application Intelligence and Control allows organizations to define and enforce how application and bandwidth assets are used. Combined Clean VPN deployment A combined Clean VPN approach features all of the security and SSL VPN elements an integrated Clean VPN deployment, plus the additional SonicWALL Aventail E-Class SRA capability to perform device interrogation and enforce policy-based endpoint controls. SonicWALL EPC (available for Windows, Macintosh and Linux-based devices) integrates unmanaged endpoint protection, Secure Virtual Desktop and comprehensive cache control. EPC offers advanced endpoint detection and data protection for enterprises, by interrogating endpoint devices to confirm the presence of all supported anti-virus, personal firewall and anti-spyware solutions from leading vendors such ® ® ® ® ® as McAfee , Symantec , Computer Associates , Sophos , Kaspersky Lab and many more. When used in conjunction with SonicWALL Mobile Connect policy-based identification and enforcement also extends to iOS and Android. This allows IT to enforce a DeviceID, restrict devices from which users can log in, ensure the presence of client certificates, and determine whether an iOS device has been jailbroken or an Android device that has been rooted. When combined with SonicWALL Next-Generation Firewall as a Clean VPN, E-Class SRA delivers centralized access control and malware protection. SonicWALL Aventail E-Class SRA delivers full-featured, easy-to-manage, clientless or thin-client “in-office” connectivity for up to 20,000 concurrent mobile-enterprise users from a single appliance. E-Class SRA enhances productivity and business continuity with policyenforced remote access to network resources from Windows, Windows Mobile, Apple Mac OS, iOS, Linux, and Google Android devices. Built on the powerful, best-of-breed SonicWALL Aventail E-Class SSL VPN platform, E-Class SRA connects only authorized users to only authorized resources. Moreover, SonicWALL Aventail E-Class SRA solutions support Vasco, RSA, Active Directory, LDAP, RADIUS and SAML, as well as integrated One-Time Password (OTP) generation for two-factor authentication. A combined Clean VPN approach incorporating a SonicWALL Aventail E-Class SRA solution is able to:  Detect the integrity of users, endpoints and traffic from beyond the traditional network perimeter  Protect applications and resources against unauthorized access and malware attacks  Connect authorized users with appropriate resources seamlessly and easily in real time 4
  • 5. An administrator can also establish a combined Clean VPN by connecting a SonicWALL Next-Generation Firewall with a best-selling SonicWALL SRA Series for SMB solution. The SRA Series offers clientless and tunnel access for Windows, Windows Mobile, Mac OS, iOS, Linux and Android, plus optional Web Application Firewall and multi-platform remote support. The SRA for SMB Series offers small- to mediumsized businesses granular unified policy, two-factor authentication, load balancing and high availability. The SRA Series lets authorized mobile workers and contractors connect over SSL VPN using a standard web browser. Easily and flexibly deployed into virtually any network with no pre-installed clients, the SRA Series eliminates costs of deploying and maintaining traditional IPSec VPNs. SonicWALL Virtual Assist permits Windows-based technicians to support Windows, Mac OS or Linux devices remotely. Moreover, the SonicWALL Global Management System (GMS) allows administrators to configure and manage their combined Clean VPN implementation from a single management interface. SonicWALL GMS delivers a flexible, powerful and resilient platform to centrally manage and rapidly deploy SonicWALL appliances and security configurations. In addition, it provides centralized real-time monitoring, and delivers comprehensive policy and compliance reports for even the most stringent auditing and regulatory compliance requirements. In addition, SonicWALL Analyzer delivers an easy to use web-based traffic flow analytics and reporting tool that provides real-time and historical insight into the health, performance and security of the network. Analyzer supports SonicWALL firewalls, backup and recovery appliances, and secure remote access devices while leveraging application traffic flow analytics for security event reports. Organizations of all sizes benefit from enhanced employee productivity, optimized network bandwidth utilization increased security awareness. SonicWALL is the only firewall vendor that provides a complete solution combining off-box application traffic flow analytics combined with granular IPFIX data generated by SonicWALL firewalls. 5
  • 6. Conclusion SonicWALL has strategically positioned itself as an industry leader in pioneering Clean VPN technology solutions for organizations of all sizes by enabling the managed integration of its award-winning Secure Remote Access, Next-Generation Firewall and Global Management System product lines. The integrated or combined deployment of these solutions offers organizations a single solution for defense-in-depth security. A SonicWALL Clean VPN can detect the identity of users and security state of the endpoint device, protect against malware and unauthorized access based on granular policy before authorizing access, and connect authorized users easily to mission-critical network resources. Only SonicWALL is capable of delivering a truly viable Clean VPN, because only SonicWALL can offer granular endpoint control, a unified policy model allowing dynamic access policies, and the revolutionary ultra-high-performance security of Reassembly-Free Deep Packet Inspection over a multi-core processing platform. ©2011 SonicWALL, Inc. is a registered trademark of SonicWALL, Inc. Other product names mentioned herein may be trademarks and/or registered trademarks of their respective companies. Specifications and descriptions are subject to change without notice. 12/11 i ii “Q2 2011 US Workforce Technology and Engagement Online Survey,” Forrester Research, Inc. “Gartner Says Consumerization Will Be Most Significant Trend Affecting IT During Next 10 Years,” Gartner Inc., October 20, 2005 “Android attacks increase 400 percent: report,” International Business Times, May 14, 2011 iii 6