EX-1500{tm}
Transcription
EX-1500{tm}
product Family data s heet A V E N T A I L ® ™ ™ EX-1500 & EX-750 Aventail’s award-winning SSL VPN appliances provide clientless anywhere access to employees and business partners, and increased control over security and cost. The Aventail EX family of SSL VPN appliances The technologically advanced Aventail family of SSL VPN appliances includes the Aventail® EX-1500™ and the Aventail® EX-750™. The Aventail EX-1500 is our scalable, enterprise-class solution. It offers integrated high availability that ensures end users round-the-clock access to critical information. The EX-750 brings the advantages of Aventail’s secure and easy-to-manage VPN solutions to small to mid-size companies. • Transparent access with Aventail® OnDemand™, a small Java agent, for client/server applications. • Aventail® Connect™, a Web-delivered Windows client, for convenient, complete application access with additional network and desktop protection. • Access method—as well as security level— is automatically determined and deployed for ultimate security and ease-of-use. By offering the broadest range of access options in the market and making them available through Aventail® ASAP™ WorkPlace, a personalized, policy-driven, secure remote access portal, Aventail increases user productivity without sacrificing security. For administrators, Aventail’s intuitive, Web based Aventail® ASAP™ Management Console (AMC) and object-oriented policy model offer the most powerful control with the least amount of work. Unique in the Aventail EX-750 industry, Aventail® Unified Policy™ You are a small to mid-size provides centralized administration company, an enterprise and a single setup covering all department, or you have a remote facility. You need to resources and access methods. Now, regardless of whether you’re supporting thousands of users or fewer than 50, you can realize the security, productivity, and cost-savings of an Aventail SSL VPN. Aventail EX-1500 You are a large enterprise with thousands of remote access users. You need high availability to ensure anytime access to critical applications. The EX-1500 offers: • A scalable, enterprise-class clientless remote access solution based on Aventail’s proven SSL VPN platform. • Clustering and high availability (HA) support with integrated load balancing. • An ideal solution if you plan to grow to more than 50 concurrent users in the next 12-18 months. support up to 50 concurrent remote access users. The EX-750 offers: • The advantages of Aventail’s proven, secure, and easy-tomanage SSL VPN platform at a lower cost. • A cost-effective unit intended for standalone use. • An ideal solution if your user base will not grow beyond 50 concurrent users. Aventail® Smart Access™ options deliver today’s most complete SSL VPN solution Aventail SSL VPN appliances deliver everything you need to provide secure access to any application from any device. Our secure application access platform is designed to provide practical, easy-to-use anywhere access for the user, and simple manageability, usability, and risk mitigation for the administrator. For end users, Aventail® Smart Access™ offers a seamless access experience: • Clientless Web browser access for Web applications and file shares Aventail End Point Control While the productivity benefit of providing anywhere remote access is clear, so is the risk: You now deliver access from places and devices IT cannot possibly control. Aventail® End Point Control™ (EPC) addresses these inherent security threats through Device Interrogation—eliminating risks before authentication, Policy Zones—associating access with level of trust, and data protection— preventing users from leaving confidential information behind in unmanaged environments such as at a kiosk. Aventail handles each of these areas with more depth, ease of use, and security than other vendors do. For example, Aventail provides data protection features such as Aventail® Cache Control™ for advanced cache cleaning and Aventail® Secure Desktop™, which encrypts user’s local data and destroys it at the end of the session. For additional protection against the full range of remote access threats, Aventail integrates with our technology partners’ firewalls, intrusion detection, virus protection, and other client-side security offerings. At a glance: Clientless Simple access to Web, client/server, and legacy applications, as well as to file shares from any device, anywhere, over any network. Secure Granular access control, aliased URLs, full authentication support, and hardened appliances reduce risk. End Point Control ensures security from untrusted, semi-trusted, and trusted environments. Leading policy management Aventail® Unified Policy™ delivers sophisticated object-based policy management that simplifies and streamlines complex access rules into one rule set that can be intuitively managed from a single page. Broad application and platform support Microsoft Outlook, Lotus Notes, SAP, PeopleSoft, Oracle, and Citrix, to name a few. Get browser-based access from Windows, Pocket PC, Linux, or Macintosh platforms. High availability Integrated load balancing and active/active stateful failover on the EX-1500 for a highly reliable SSL VPN solution without the added cost of a third-party load balancer. Scalable Innovative technology grows to meet your organization’s remote access needs. Immediate ROI Unified Policy and no IPSec clients to manage mean lower administration costs. Transparent end-user experience reduces support costs. Broader access increases productivity. Aventail: the leading SSL VPN product company Aventail is the leading SSL VPN product company and the authority on clientless anywhere secure access. Aventail’s appliances and managed services deliver secure, seamless access from anywhere, to any application, on any device. Positioned in the Leader quadrant in Gartner’s 2004 SSL VPN Magic Quadrant and ranked as a Leader in the 2004 METAspectrum report on SSL VPNs, Aventail also was recently awarded “Best VPN” by SC Magazine. Major service providers such as AT&T, MCI, Sprint, and Bell Canada have built their SSL VPN managed service businesses on Aventail’s SSL VPN technology. To find out what Aventail customers like Aetna, DuPont, Office Depot, TNT, and Sanyo already know about Aventail’s SSL VPN, go to www.aventail.com. ® ™ Standard Web Browser Aventail OnDemand Secure clientless access to Web applications and file shares from a standard SSL-capable browser. Downloadable Java agent for secure access to client/server applications. Optimal for: • Teleworkers and other personal PC users • Windows (including Pocket PC), Linux, and Macintosh • Business partners • Desktops not managed by IT • Pocket PC users Optimal for: • Casual remote access • Web-only users • Business partners ® Aventail Connect Corporate Headquarters: 808 Howell Street Seattle, WA 98101 • Tel 206.215.1111 1.877.AVENTAIL (U.S.) • Fax 206.215.1120 www.aventail.com Aventail EMEA: Tel +44 (0) 870 240 4499 emea@aventail.com Aventail Asia-Pacific: Tel +65 6832 5947 asiapac@aventail.com Aventail® Smart Access™ transparently determines the best access method without user intervention. Users can securely and easily access a broad range applications from anywhere. ™ Web-delivered Microsoft Windows client for complete, self-updating, secure application access with additional network and desktop protection. Optimal for: • Remote access power users • Wireless LAN users • Desktops managed by IT Technical Specifications | Feature Specifications SECURITY • File system access controls Windows domain Network & Device Protection • Split Tunneling Control (Connect) • • Windows Server UNC • Hides internal DNS namespace and IP addressing scheme • Full-path UNC • URLs can be aliased • Hardened against attack • Prevents direct connections to internal network • TCP/UDP port restrictions Authentication Methods • Server-side digital certificates, independent of end-user authentication method • Username/Password • Client-side digital certificates • RSA SecurID and other onetime password tokens Directories • Microsoft Active Directory (native mode) • LDAP (Active Directory, Sun iPlanet, etc.) • RADIUS (Windows NT, ACE, etc.) Single Sign-on Adapters • Forms-based single sign-on for Web authentication products like Netegrity SiteMinder and RSA ClearTrust • HTTP basic authentication (IETF RFC 2617) forwarding • Windows Domain SSO (Connect only) • NTLM for Microsoft Web servers Access Control Options • User and group (handles users in multiple groups) • Source IP and network • Destination network • Destination URL • Service/Port, such as FTP, HTTP (OnDemand and Connect only) • Day, date, time and range • Browser encryption key length multi-port, dynamic port, including standard Internet e-mail protocols, native e-mail protocols, terminal emulation protocols, and terminal services) Encryption • Configurable session length • • Ciphers: DES, 3DES, RC4 • • Hashes: MD5, SHA End Point Control • Aventail Host Interrogator • Aventail Cache Control (data protection) • Aventail Secure Desktop (advanced data protection) • Sygate On-Demand (data protection and host integrity) Passive- and activemode FTP Windows Networking Support (Windows GINA support, drive mapping, password change notification, login scripts) MANAGEMENT & ADMINISTRATION • ASAP Management Console: Web-based management • Secure Shell (SSH) support • Leverage Aventail-prepared report templates to create standard auditing and management reports AVAILABILITY (EX-1500) • Support for high-availability 2-node clusters with built-in load-balancing and stateful authentication failover • EX-1500 Dimensions: 16.9” W x 1.7” H x 23.9” D (43cm W x 4.3cm H x 60.9cm D) • EX-750 Dimensions: 17" W x 1.71" H x 15" D (43.18cm W x 4.34cm H X 38.1cm D) • WholeSecurity Confidence Online Enterprise Edition (malware and Trojan scanning) Auditing • User/Group MARKET LEADERSHIP • Source IP address and port Awards and Reviews • Zone Labs Integrity Clientless Security (malware and Trojan scanning) • Destination IP address and port APPLICATION SUPPORT • Browser-based access: • Date/time Web File Access: SMB/CIFS, DFS • OnDemand (Java applet access): Any TCP-based application (single port, multi-port, dynamic port, including standard Internet e-mail protocols, native email protocols, terminal emulation protocols, and terminal services) • • Passive-mode FTP Integration with Java applets and ActiveX controls • • Connect (Windows client) Any TCP- or UDP-based application (single port, • • EX-1500: Output power 350W • EX-750: Input voltage 100 (5A)/240 (2.5A) VAC PFC auto-switching MONITORING & REPORTING • • EX-750: Non-operating shock 50g,11msec CHASSIS • 1U rack-mount form factor • Norton and McAfee antivirus detection Web-based: HTTP/HTTPS, DHTML/HTML, JavaScript, VBScript POWER • EX-1500: Input voltage 120 (5.5A) / 240 (2.76A) VAC auto-switching • Support for load-balanced arrays using standard external load balancers • Directory browsing and connection testing • • EX-750: Operating temperature 0º - 50º C • EX-1500: Power supply MTBF100,000 hours at 35°C (95°F) • Integrated personal firewall detection from Zone Labs, Sygate, and Microsoft XP SP2 firewall • Serial console access • EX-750: Two 10/100 Base-T Ethernet NETWORK • EX-1500: Two 10/100/ 1000 Base-T Ethernet • Bytes processed • EX-750: Output power 200W • EX-750: Power supply MTBF 100,000 hours at 40° C ENVIRONMENTAL • EX-1500: Operating temperature 5ºC to 35ºC (41ºF to 95ºF) • EX-1500: Non-operating shock 50g,11msec • Leader status in industry evaluation REGULATORY APPROVALS Emissions • EX-1500: FCC Class A, CISPR 22, EN 50 022, EN 55 024,VCCI Class A (ITE), ICES-003, AS/NZS 3548 • EX-750: FCC pt 15, EN55022 and EN50024 • EX-750: VCCI Safety • EX-1500: UL 1950 - CSA 950-95, EN 60 950, IEC 950, EMKO-TSE (74SEC) 207/94 • EX-750: CAN/CSA C22.2 No. 60950-95, UL 60950-1Third Edition, CB Scheme • Strongest Pure Play • Best Secure Remote Access Gateway • URLs accessed • Authentication method Certifications Logging • Support for central SYSLOG server • W3C Common Log Format • SOCKS5 Log Format (OnDemand and Connect only) Monitoring • View logs and performance information via the AMC WHO RELIES ON AVENTAIL? Customers • User connection monitoring • Event alarms • SNMP integration including Aventail-specific SNMP MIB Reporting • Support for Crystal Reports and other leading reporting formats Service Providers ©2004 Aventail Corporation. All rights reserved. Aventail, Aventail ASAP, Aventail Cache Control, Aventail Connect, Aventail End Point Control, Aventail EX-750, Aventail EX-1500, Aventail OnDemand, Aventail Secure Desktop, Aventail Smart Access, Aventail Unified Policy, and their respective logos are trademarks, registered trademarks, or service marks of Aventail Corporation. Other product and company names mentioned are the trademarks of their respective owners. DS-4059-0904/7