|
Powerful SSL VPN Protection
Netilla’s breadth of security
features means that you gain the efficiency and financial
rewards brought by simple, timely remote access, while your
business-critical resources remain safe from potential risks.
Protection of internal network
resources with the Netilla Service Platform (NSP) begins with
the browser-embedded SSL (secure sockets layer) protocol for
encryption, site authentication, and session integrity. Once a
secure connection is established, the NSP offers increased
protection to the network by dynamic enforcement of external
authentication and rule-based policies that define user
privileges. The NSP integrates seamlessly with existing security
solutions already in place, such as leading 2-factor
authentication systems and the prevailing policy engines that
protect today’s enterprise environment. To keep the platform
itself protected from intrusion, the NSP incorporates an
internal stateful-inspection firewall and an automated security
update capability to maintain a hardened position. To further
guard private network resources, sophisticated endpoint client
integrity scans, built-in application layer proxy technology and
a dynamic session-based firewall reduce the risk of malicious
intrusion from client machines during access sessions.
ICSA Labs® Security
Certification
As security becomes an even
higher priority for the global business community, IT decision
makers need independent guidance from third-party organizations
they can trust. Netilla proudly meets this requirement need
through ICSA Labs’ Certified SSL VPN program. This coveted stamp
of approval from ICSA Labs, an independent division of TruSecure
® Corporation, indicates that our Netilla Security Platform has
successfully passed a rigorous set of functional and security
requirements, and is in full compliance with ICSA's rigorous
security standards.
To achieve certification, the
Netilla Security Platform also met the requirements outlined in
ICSA Labs’ Cryptography Product Certification Program. Meeting
these requirements ensures that the Netilla Security Platform
has implemented the cryptographic mechanisms correctly and that
it has passed ICSA Labs' rigorous cryptographic tests.
The ICSA Labs SSL VPN
Certification program is an independent and comprehensive
process that tests, assesses, and validates SSL VPNs in a
simulated, real-world, internet-worked environment on a
continuous basis. Unlike other testing organizations, ICSA Labs
testing criteria are publicly posted for review by target
industry groups such as vendors and industry experts. More
information can be found at
http://www.icsalabs.com. |
Netilla
dynaTRUST™
The Netilla dynaTRUST O/S lets enterprises provision dynamic
trust-based access to applications and data on the basis of four
key variables: a user’s identity, entitlements, environment and
client integrity. Unlike other SSL VPN products that merely
allow remote users to connect to their enterprise networks, the
Netilla dynaTRUST O/S offers a policy-based approach that
governs access to applications by all authorized users – remote
and internal, trusted partner or employee. By simultaneously
authenticating users, enforcing policy and ensuring client
integrity, Netilla dynaTRUST speeds the evolution from today’s
static access control to the dynamic provisioning of trust-based
access to network resources.
Netilla dynaTRUST enforces 100% policy compliance, making the
remote endpoint a safer place to do business by enforcing policy
compliance. For more about the Netilla dynaTRUST O/S, please
refer to our white paper: The Future of Secure Application
Access Management (SAAM) in our Case Study download page.
Netilla SecureRealm
Framework™
The Netilla SecureRealm
Framework, a policy management system, provides an easy means of
granular identity and policy access management through the
creation of authentication and authorization user realms. The
Netilla SecureRealm Framework uses existing security
infrastructures to leverage the power and security of external
servers containing sensitive password or policy information.
The Netilla SecureRealm
Framework provides a system that combines authorization schemes
(RSA SecurID, Vasco DigiPass, Kerberos, RADIUS, Windows SMB, for
example) with policy mechanisms (Windows Group, Local Policy),
arranged into logical groups, or realms. Each realm can then be
used to control access on an individual or group-by-group basis.
The unique capability to
logically stack multiple protocols into an authentication and
authorization scheme for different users – inside or outside the
organization – delivers a highly manageable security system for
different user groups with different levels of trust. Bolstering
this functionality is the NSP’s exclusive ability to pull policy
information at each authentication challenge, further refining
the user’s capabilities. The result is powerful, granular
control over access to resources within a flexible,
easy-to-mange architecture.
Netilla Software Upgrade
GeNIE™
All Netilla Security Platforms come with the Netilla Upgrade
GeNIE (General Netilla Installation Engine), which automates the
process of software and security upgrades and updates, saving
time and money for both resellers and end-users. The Netilla
GeNIE can quickly analyze your customer’s current platform, so
that only the minimum required new modules are installed. The
system also preserves user profiles and system configurations
when performing upgrades.
Dynamic Firewall
The NSP incorporates a dynamic session-based firewall for
additional protection when supporting SSL tunneling between a
local desktop/laptop and central servers. The dynamic firewall
opens and closes ports between the NSP and application servers,
as defined by policy tools for particular users. In this way,
the NSP effectively “locks-down” application access on a
per-user basis, providing powerful control over a user’s ability
to launch local client/server applications.
Application Layer Proxy
The NSP is able to deliver its rich set of application access
modes by functioning as an “Application Layer Proxy”.
Application-layer proxies protect internal data from direct
exposure to the Internet in two important ways. First, web and
application servers are never directly “touched” by remote
users. Access is only through a “proxy” – the NSP itself – that
terminates and translates application protocols before they are
allowed to reach the internal network.
Second, an application-layer
proxy boosts security by applying authentication and policy
before allowing connections to application servers. Because
termination occurs at the NSP, security can be applied before
data requests are transmitted to private network application
servers.
This powerful story means that
an organization can extend applications to remote users over the
Internet without having to place application servers in a
publicly accessible area. Placing application servers in such a
“Demilitarized Zone” (DMZ) would require much hardening to lock
down and protect. Instead, with the NSP, application servers can
remain safe on the private network behind the firewall, and are
never exposed to the public network.
By providing secure, simple,
Web-based access to remote applications and data, the NSP gives
organizations of all sizes the productivity edge they require to
excel. For more technical information about the Netilla Security
Platform, visit Netilla’s white paper download page. |
