Today, with the rise of cloud computing, we have a redefined vision of IT. Organizations are increasingly diversifying their IT infrastructure and moving from physical to a mix of physical, virtual, and cloud environments. This transformation in the datacenter is bringing new challenges in getting secure and consistent connectivity across different IT systems, cloud services, and plethora of devices. In virtualized and cloud computing environments, legacy perimeter security solutions are not fully equipped to provide seamless connectivity, critical for utilizing the benefits from scalable, agile, and cost effective cloud infrastructure.
The tightly integrated features of the Cloud Edge Security Appliance ensures secure and seamless connectivity across datacenter and cloud resources.
Workplace Join works in conjunction with Web Application Proxy by letting users register their personal devices with Active Directory. Organizations can even drive conditional access to applications for these Workplace-Joined devices based on their attributes stored in the directory.
The new re-designed dashboard provides simplified monitoring for Remote Access services and client connections from a single screen in the Comet web user interface. Graphical tools offer easy reference, and statistical data summarizes Direct Access & VPN usage.
Access and manage Celestix E Series Cloud Edge Security appliance through a simple and intuitive web-based user interface, Celestix COMET Management Web Interface. All the components that required to configure and deploy your DirectAccess, VPN, WorkFolders, Web Application Proxy are provided in this management tool.
The new interface is a HTML 5 based web interface that can be administrated securely on any mobile devices.
This is a feature that not available in the standard Windows Server 2012 R2 DirectAccess. When enabled, the kill-switch will instantly disconnect the DirectAccess connection to the corporate networks, in the event the mobile device or notebook computer is compromised or lost.
Now you can configure Web Application Proxy and Microsoft Workfolders for your mobile works in just a few minutes. The wizard is a step-by-step workflow that guides you through the necessary steps to configure the tasks out of the Celestix management interface without running PowerShell scripts.
Access and monitoring the active DirectAccess and VPN tunnels’ statistics in real times. Monitoring DirectAccess and VPN clients can be analyzed on an on-demand basis, to get a feel for how your current remote access performance is impacted by the number of concurrent users and clients.
Access and manage Celestix E Series Cloud Edge Security appliance through a simple and intuitive web-based user interface, Celestix COMET Web Management Interface. With a diverse suite of network connectivity options, the E Series reduces administrative overhead of both set up and management for any type of infrastructure, whether it be on-premises, virtual, or cloud.
Celestix appliances are preconfigured with Windows Server 2012 R2 and are ready to deploy once unpacked. Administrators can forego the time-consuming* tasks of installing the OS and building the server. Instead, they get to focus immediately on configuring features.
The new release is packed with functionality like simplified configuration, enhanced reporting, and remote monitoring. Once configured, administrators can monitor and manage features from a work station; no need for KVM or RDP access to the appliance.
Remote Access functionality includes multiple options, some of which require additional services that can introduce conflicts. Setting up the E Series offers convenient installation for Remote Access roles and doesn’t allow incompatible features to be configured. Each deployment strategy will customize the available options as best suited to organizational needs. Necessary features are enabled or disabled with one click.
Infrastructure maintenance requires evaluation and oversight. The dashboard provides simplified monitoring for Remote Access services and client connections from a single screen in the Comet web user interface. Graphical tools offer easy reference, and statistical data summarizes Direct Access & VPN usage.
Metrics are essential for IT controls, and are useful for evaluating progress towards Remote Access strategy objectives. Four predefined reports include date and output customization for oversight, auditing, and compliance requirements.
Troubleshooting when clients are unable to connect to the corporate network using DirectAccess can be challenging. The E Series includes a tool by Microsoft to collect client-side data which is automatically uploaded as a log file to the appliance. Administrators can review log data online or download it as report. The tool is a simple application end users download and then double-click to run.
If administrators require advanced configuration, the E Series includes a convenient link for quick access to the Windows Server Remote Access management console.
*For more information on the benefits of choosing an appliance, read the whitepaper.
Celestix E Series Cloud Edge Security Appliance, offers dedicated hardware and management software for end to end management of secure access to on-premises and cloud resources. This out of the box solution reduces the cost and complexity of tying together diverse connectivity options. It empowers IT administrators to handle datacenter and cloud workloads smoothly; to support employees wherever they work; and to integrate employees’ personal mobile devices into the enterprise fabric.
The Celestix Cloud Edge Security Appliance (CESA) is a dedicated, purpose-built hardware appliance delivering the Windows Server 2012 R2 Unified Remote Access role including Microsoft DirectAccess. It is a platform that is designed to reduce deployment time, streamline management, and improve performance. The heart of CESA is the Comet appliance management engine, which has been completely rewritten for CESA 2.0.
Yes. Although nearly all aspects of the appliance can be configured and managed exclusively using the Comet 2.0 web-based management interface, there are scenarios where having access to the appliance desktop is required.
Comet 2.0 includes an enhanced diagnostic tool that is designed to streamline and simplify DirectAccess client connectivity troubleshooting. You can provide an end user with the link to the diagnostics page (published using an existing reverse proxy). When a user navigates to the page and clicks on the link to the troubleshooting tool, diagnostics will run on the client and then output will be uploaded to the appliance for review.
Yes. Reports can be exported in either PDF or CSV file formats.
Yes. Historical activity reports can be access by clicking Remote Access Reports under the CESA section in the main dashboard. By default, all historical activity is displayed. Additional details can be found by clicking on an individual entry. Data can be filtered by selecting one of the Filter options, including start time, user name, hostname, connection type, and protocol. An additional search field is included to perform custom queries.
Comet allows you to proactively terminate active remote access sessions. This feature is not available using the native Microsoft management tools. There are three options for disconnecting a session. Reset Connection terminates the active session and forces the client to reconnect. Disable will deactivate the client’s Active Directory (AD) computer account and terminate the active session, temporarily preventing the client from reconnecting until the account is re-enabled. Remove will delete the client’s AD computer account and terminate the active session.
The Remote Access Dashboard provides an instant view of current remote access connectivity on the Celestix E Series appliance, and includes intuitive charts and graphs, broken down by the number and types of connections made. Clicking on the Active Connections icon will show current remote access connections. Additional detailed information about a specific connection can be found by clicking on any entry in the list.
Clicking Features under the CESA section of the main dashboard allows you to install or remove features supported by the appliance.
Comet 2.0 provides support for creating appliance images (snapshots) that can be restored in the event of a configuration error or disaster event. Images can be performed online or offline. Images can be viewed, restored, deleted, and scheduled using Comet 2.0. Current imaging status information is also available.
All networking can be configured using Comet 2.0 by clicking Network under the System section on the main dashboard. You can view current status and manage configuration, including IP address assignments. In addition, you can access global settings such as DNS suffix information and the HOSTS file, the routing table, and view and configure static routes.
Comet 2.0 features a robust online help system that includes detailed, contextual information about Comet 2.0 and the appliance. It can be accessed at any time by clicking Help at the top of the screen.
Both Work Folders and Workplace Join can be enabled easy via Celestix Comet Web Interface.
With Work Folders users can store and access work files on personal computers and devices, often referred to as bring-your-own device (BYOD), in addition to corporate PCs. Users gain a convenient location to store work files, and they can access them from anywhere. Organizations maintain control over corporate data by storing the files on centrally managed file servers, and optionally specifying user device policies such as encryption and lock-screen passwords.
Work Folders can be deployed with existing deployments of Folder Redirection, Offline Files, and home folders. Work Folders stores user files in a folder on the server called a sync share. You can specify a folder that already contains user data, which enables you to adopt Work Folders without migrating servers and data or immediately phasing out your existing solution.
By using Workplace Join, information workers can join their personal devices with their company’s workplace computers to access company resources and services. When you join your personal device to your workplace, it becomes a known device and provides seamless second factor authentication and Single Sign-On to workplace resources and applications. When a device is joined by Workplace Join, attributes of the device can be retrieved from the directory to drive conditional access for the purpose of authorizing issuance of security tokens for applications. With Celestix Cloud Edge, Windows 8.1 and iOS devices can be joined by using Workplace Join.
|Type of Business||Designed for small to mid-sized enterprises||Designed for large and multinational enterprises||Designed for large and multinational enterprises|
|Recommended Users||Below 500 concurrent users||500 to 3,000 concurrent users||Up to 5,000 concurrent users|
|CPU||Intel i5||Intel E3||2 x Intel E5|
|Memory||8GB||16 GB||16 GB|
|Hard Drive||SATA-II Hard Drive||2 x SATA-II hot-swappable hard drive||4 x SATA-II hot swappable hard drive|
|Disk Mirror RAID||-||RAID 1||RAID 6|
|Gigabit Ethernet Ports||6||6||8|
|Power Supply||220W auto-switching universal 110/220V AC power supply||Redundant hot-swappable power supply – 2 x 500W||Redundant hot-swappable power supply – 2 x 500W|
|Dimensions (H x W x L)||1.75″ x 17.3″ x13.0″||1.75″ x 17.3″ x 15.7″||3.5″ x 17.4″ x 26″|
Celestix E Series Quick Start Guide|
This guide is intended to help system administrators install and configure a new appliance with a base level setup as quickly as possible.
Celestix Cloud Edge Security: Why an appliance|
This whitepaper discusses the benefits of deploying an appliance versus a conventional 2012 R2 server for Remote Access. Learn how a purpose built appliance can save installation time, ease configuration tasks, and reduce licensing costs.
Security Considerations for DirectAccess Deployments|
This white paper serves as an overview of security features in DirectAccess. It will explain in detail how the authentication process works, provide insight in to optional security configurations, compare DirectAccess with traditional client-based VPN, explore the differences between split and force tunneling, and outline how to address lost or stolen DirectAccess devices.