New NetScreen Products Aim to Maximize Productivity without Compromising Security


      Bookmark and Share

BEST PRACTICES SERIES

Increasingly, companies embrace the extranet as a better way to communicate with partners faster and more consistently. But once internal content becomes available outside the firewall, security needs increase exponentially. Thus, the prospect of limiting access to information becomes a daunting task that has traditionally required elaborate hardware and software deployments and administration. It is to combat this formidable combination of IT cost and difficulty that NetScreen Technologies, Inc introduced the latest version of its Neoteris Instant Virtual Extranet (IVE) platform in February. NetScreen also announced a new Secure Access Central Manager product line to provide additional operational efficiencies for NetScreen's enterprise customers with globally distributed SSL VPN gateway deployments.

According to Vivian Ganitsky, NetScreen's product line manager, "Every enterprise is setting up extranets for partners as well as finding an increased need to secure internal information, but there's a need for affordable ways to do this. Our technology is applicable for intranet and extranet markets as well as remote access, and the functionality we've added in 4.0 is essential for secure extranets." Ganitsky says that many of the changes in this version were made in response to customer demand. "Some important customer requests," she says, "were role-based delegation, policy management, logs, reports, and the ability to perform administrative tasks in a very detailed way, but specific to a given administrator." The company's Central Manager addresses this latter need by allowing for a master gateway that provides more consistent security and efficient administration. The product's role-based administration allows for remote individuals to be assigned specific administrative tasks suited to their role (or even location) within an organization.

Ganitsky has seen that, "with the advent of the Internet, everyone wants to share information, but to date the solutions to protect that information have been access-management solutions, which are effective but complicated and costly." Unlike traditional distributed software-based extranet/intranet security solutions, NetScreen's Secure Access (SA) Appliances (formerly known as the Neoteris Access Series) provide a less costly, scalable, and secure access management policy-enforcement solution in an appliance form factor. To point out the need for an alternative to existing solutions, Ganitsky cites a Gartner report that says access-management solutions "have only been deployed to 2,500-4,000 customers worldwide," she says, "They are valuable but limited to corporations that can afford million-dollar solutions. What we're proposing to do is to provide the same type of capabilities that these products have on the policy enforcement side, at a much lower cost."

But cost isn't everything. In fact, NetScreen believes that the vast majority of IT decisions made in the coming years will be predicated on security. In this version of its SA appliances, NetScreen has emphasized dealing with the potential variables associated with diverse extranet users. For example, security would not simply be based on username and password, but also on the individual's location at the moment they are accessing the extranet, along with factors like browser type, time, endpoint security, and more. "We combine all of these variables and dynamically calculate what access the user should have at a given time," says Ganitsky.

The NetScreen SA appliance also features customization and delegation functionality for enhanced end-user productivity. It offers support for multiple hostnames, which enables a transparent user experience by providing customized entry points with logical access URLs for differing user groups. Granular role-based delegation helps eliminate IT bottlenecks by distributing the workload among qualified personnel. Administrators can delegate control of diverse internal and external user populations to the appropriate parties, associating real-time control with business, geography, and functional needs.

"The basic need," according to Ganitsky, "is that as more enterprises open their systems to access information, there needs to be more control over what is seen. As they bring more and more users in, they need to make sure that these users only get access to the right resources." With the latest version of its products, she says NetScreen seeks to, "maximize productivity by sharing all this information, but without compromising security."