Enterprises
are increasingly virtual communities, where employees
rely on anywhere corporate network access to
keep them connected and productive. Adding a virtual private
network (VPN) is becoming a preferred solution for supplying
users with access to the corporate network across the
Internet. With a VPN, remote users can employ an ISP or
other commoditized/flat fee access method, reducing costs
compared to a dedicated line or dial-up. Celestix RAS3000 delivers the best total cost of ownership in the industry.
The VPN capabilities
powered by Windows Server 2003 deliver:
 Robust, scalable security technologies
A standards-based platform
Centralized and often automated management
Low cost of ownership
Remote Access VPN Architecture Overview
Product Highlights
•
No client deployment necessary for remote Windows machines.
• Leverages preexisting Windows authentication
and network services.
• Endpoint compliance and Quarantine control.
• SSL VPN for Exchange Server 2003.
• Flexible design provides support for both remote
access and WLAN security.
• Enhanced security through user-level access
policies, reporting, and alerting.
• No Client Access Licenses (CALs).
Features
and Benefits
• Integrates with existing
IT infrastructure for centrally managing authentication,
user policies, and IP addresses. User
credentials and policies can be managed in Active Directory
and be easily enforced on the Celestix RAS appliance.
This feature enhances enterprise security and reduces
management overhead.
• Supports the native VPN
client found on all Windows OS clients. (Windows 95/98/ME/NT/2000/2003/XP and PocketPC 2002/2003);
i.e. there is no installation of VPN client software
or additional client-based licensing fees.
• SSL VPN for Exchange
Server 2003. This SSL VPN enhancements allow remote corporate users
to connect to their corporate Exchange Server by using
Outlook clients to access emails and folders without
a VPN connection. Any remote users with a notebook computer
can launch Outlook at work, pick up email, take the
notebook home, plug it in, and get new email without
adjusting any settings.
• Endpoint Compliance. This endpoint compliance increase security
protection for the enterprise network by temporarily
quarantining users before they are granted access to
the LAN. Now enterprises can both verify that their
network users are in compliance with IT endpoint security
policies and, if needed, update users' endpoint systems
to bring them into compliance at once.
• Provides comprehensive
real-time functions such as monitoring and alerting. Because the appliance
is event-driven, real-time alerts based on predefined
criteria are possible. You can log alerts, get paged/emailed,
or run an application if certain rules are met.
• Provides granular user-level
historical reports. Visualization of
information is possible through charting. No additional
costs are involved for this function or separate software
running on additional servers is required.
• Allows setting granular
remote access policies. The appliance can accept/reject connections and enforce
restriction on the allowed connections. You can enforce
user-level policies such as allowing specific user/group
access to http resources on specific servers. Also,
the Celestix RAS appliance provides a means to enforce
client policies, such as only accepting connections
from clients that have their OS updated with patches
for security vulnerabilities.
Resources
Virtual
Private Networking:
Frequently Asked Questions
This page addresses frequently asked questions about
virtual private networking in the Windows family of
operating systems.
Microsoft
L2TP/IPSec VPN Clients
The Microsoft L2TP/IPSec VPN Client allows
computers running Windows 98, Windows Me, and Windows
NT Workstation 4.0 to use L2TP connections with IPSec.
This page introduces the client and provides installation
instructions as well as the link to download the client.
L2TP/IPSec
NAT-T Update for Windows XP and Windows 2000
Learn about the L2TP/IPSec NAT-T Update for Windows
XP and Windows 2000, which includes improvements to
IPSec to better support VPN clients behind network address
translation (NAT) devices by implementing IPSec NAT-traversal
(NAT-T).
The
Remote Access and VPN Case Study: Security
Topics for Connectivity/VPN/RAS
General information, troublshooting guides,
configuration white papers, and more. |
