Due to the rising corporate mobile workforce, Genesys Technologies provides a variety of products that help companies secure connections between mobile employees working outside of corporate premises and the enterprise networks. In addition, the need to ensure that only valid users access the enterprise networks, and to apply policies based on each user's corporate role, has led to the development of captive-portal technologies that provide these services.

Some Notes on Authentication Portals and VPN Technologies

A virtual private network (VPN) is a computer network that is layered on top of an underlying computer network. The term VPN can be used to describe many different network configurations and protocols.

Secure VPNs explicitly provide mechanisms for authentication of the tunnel endpoints during tunnel setup, and encryption of the traffic in transit. Often secure VPNs are used to protect traffic when using the Internet as the underlying backbone, but equally they may be used in any environment where the security level of the underlying network differs from that of the traffic within the VPN. Secure VPNs may be implemented by organizations wishing to provide remote access facilities to their employees, or by organizations wishing to connect multiple networks together securely using the Internet to carry the traffic. A common use for secure VPNs is in remote access scenarios, where VPN client software on an end user system is used to connect to a remote office network securely. Secure VPN protocols include IPsec, SSL or PPTP.

Trusted VPNs are commonly created by carriers and large organizations and are used for traffic segmentation on large core networks. They often provide quality of service guarantees and other carrier-grade features. Trusted VPNs may be implemented by network carriers wishing to multiplex multiple customer connections transparently over an existing core network, or by large organizations wishing to segregate traffic flows from each other in the network. Trusted VPN protocols include MPLS, ATM or Frame Relay. Trusted VPNs differ from secure VPNs in that they do not provide security features such as data confidentiality through encryption. Secure VPNs, however, do not offer the level of control over data flows that a trusted VPN can provide, such as bandwidth guarantees or routing.

Mobile VPNs handle the special circumstances when an endpoint of the VPN is not fixed to a single IP address, but instead roams across various networks, such as data networks from cellular carriers, or between multiple Wi-Fi access points. Mobile VPNs have been widely used in public safety, where they give law enforcement officers access to mission-critical applications, such as computer-assisted dispatch and criminal databases, as they travel between different subnets of a mobile network. They are also used in field service management and by healthcare organizations, among other industries. Instead of logically tying the endpoint of the network tunnel to the physical IP address, each tunnel is bound to a permanently associated IP address at the device. The mobile VPN software handles the necessary network authentication and maintains the network sessions in a manner transparent to the application and the user.

The Host Identity Protocol (HIP), under study by the Internet Engineering Task Force, is designed to support mobility of hosts by separating the role of IP addresses for host identification from their locator functionality in an IP network. With HIP, a mobile host maintains its logical connections established via the host identity identifier while associating with different IP addresses when roaming between access networks.

Authentication Portals

Authentication portals are used to identify users and apply different levels of corporate policies and access based on users' assigned roles.

A Secure Sockets Layer virtual private network (SSL VPN) is a kind of VPN that runs on Secure Sockets Layer technology and is accessible via HTTPS over web browsers. It permits users to establish safe and secure remote access sessions from virtually any Internet-connected browser, by employing an authentication portal. SSL functions between the Transmission Control Protocol (TCP) layer and Application Layer protocols. A traditional VPN requires the installation of IPsec client software on a client machine before a connection is established, whereas SSL VPN has no such requirement.

For businesses, SSL VPN offers versatility, ease of use and secure remote access to road warriors, telecommuters, partners and customers, who can access the corporate network from multiple locations including home, client networks, public kiosks, and hotspots, over varied devices like laptops, mobile devices, and home and public desktops. This makes SSL VPN unique in providing anywhere, any-device remote access, which is not possible with other VPN solutions.