Nokia strengthens remote device security and
application support in latest SSL VPN offering
Nokia has announced the expanded security and access capabilities of
Nokia Secure Access System (Nokia SAS), the company's virtual private
network (VPN) solution leveraging ubiquitous Secure Socket Layer (SSL)
Nokia's latest SSL VPN solution gives enterprise users the access they
need, while providing IT administrators stringent security controls. In
the past, the balance of access and security was viewed as a trade-off for
one group or the other, but the latest SSL VPN offering benefits both end
users and IT administrators.
Nokia's SSL VPN offering provides virtually anytime, anywhere secure
remote access to email, personal information management (PIM) data,
corporate intranets and applications from public Internet kiosks,
terminal, laptop or wireless device.
Nokia Secure Access System 3.0 offers Network Extension functionality with
a new feature named Secure Connector. Secure Connector provides
network-level access from the user's remote device back to the corporate
IT infrastructure. With network-level access from the remote device, the
user has comprehensive access to business applications and data, as well
as access to network services.
"Nokia is meeting the demands of the mobile workforce in our latest
SSL VPN offering by giving IT managers and mobile workers the security,
flexibility and transparency needed to access to sensitive corporate
data," said Elie Habib, senior vice president, Security and Mobile
Connectivity, Nokia Enterprise Solutions.
"The addition of our Network Extension feature, Secure Connector,
combined with Nokia SAS's performance, reliability, and manageability make
it an easy and effective way for companies to leverage the benefits of
secure mobility to operate and grow their business."
Secure Connector features enhanced application support, real-time
anti-virus monitoring, and split-tunneling control, enabling IT
administrators to extend the network while minimizing risk from malware
that propagates over the network. Secure Connector also includes encrypted
data storage/vault capabilities, a feature well suited for tightly
regulated industries where the demand for security is high.
The Secure Connector client is downloadable from the Nokia SSL VPN gateway
and installed by the user on the remote device the first time the device
is used. Once installed, the IT administrator can manage all client
configurations and updates from the Nokia SSL VPN gateway.
"We chose Nokia's SSL VPN product after a comprehensive evaluation of
other products in the marketplace. We focused on a product that offered
strong features, reliability, support capabilities, and a strong brand
name. Nokia earned top marks for all our requirements," said Mr.
Akira Tochigi, general manager, sales and marketing of strategy, JENS
Corporation, a Japanese value-added Internet service provider.
"In our evaluation, we found that Nokia was the pioneering company
that offered the market-leading security features and product reliability
we need. We are pleased that Nokia's SSL VPN product will provide us with
the superior service our customers require."
Secure Connector is supported on devices running Microsoft Windows NT4,
2000 and XP. Since an actual client is installed on the remote device,
Secure Connector does not require a specific web browser to launch the
feature. Once logged in from the client, all applications including all
supported web browsers can be utilized.
Secure Connector Features
- Enhanced application support with layer 3 functionality
Secure Connector supports virtually all IP-based applications. Traffic
over an SSL connection is encrypted, allowing an end-user to safely
utilize applications and web resources as if they are in the office.
- Real-time AV Monitoring
Secure Connector includes a real-time Anti-Virus monitoring capability.
Using this feature, the IT administrator can require the remote device to
be running a specific Anti-Virus package.
If the Anti-Virus engine is turned off, shutdown, or detects a virus
during an active remote session, Nokia SAS stops all traffic for the
particular session and puts it in a "captive" state. The
automatic quarantine of the remote session minimizes any risk the remote
session may pose to the enterprise network.
- Split Tunneling Control
Secure Connector controls split tunneling. With split tunneling, all
traffic to and from the remote device can be routed through the enterprise
network. With Nokia SAS, the IT administrator has the flexibility to
enable or disable this capability as needed.
- Encrypted Data Storage/Vault
Secure Connector allocates an encrypted storage area on the remote device.
Remote users now have a secure area to store enterprise data without
worrying about the security of important information from device theft
and/or unauthorized user access. The encrypted information is only
accessible while connected to Nokia's SSL VPN gateway.
As with previous versions of Nokia Secure Access System, the new features
in 3.0 are available with the purchase of Nokia Secure Access appliances
without additional license fees. Existing customers with software
subscription or other support offerings can download version 3.0 at no
Nokia Secure Access System 3.0 also includes the following industry
- Secure Workspace, a clientless feature whereby a separate work
environment is created on laptops, home PCs, public kiosk terminals or
other remote access devices to safeguard data created in a secure session.
- High Availability mode, allowing Nokia Secure Access System to be
deployed and configured so that in the unlikely event of an appliance
failure, a second appliance automatically takes over where the first left
off with little interruption to users.
- Configuration Replication, which further simplifies the
management of multiple gateways and high availability pairs by allowing
administrators to define a managed group of gateways and automatically
synchronize any changes to the configuration or user preference setting
made on one gateway to all other gateways in the group.
- Client Integrity Scan, which performs a customizable
vulnerability check on users' devices to establish the level of trust and
the user's identity, and then automatically adjusts access privileges
- Advanced Access Control, which dynamically adjusts access
privileges based on the user's identity, the device being used, and the
security of the device at time of access, enabling IT departments to roll
out cost-effective remote access services based on SSL, while ensuring the
corporate security policy is enforced.
- Session Persistence, which allows users to resume work without
losing data if an SSL session times out, ensuring high end-user
productivity while adhering to enterprise security policies.
- Global functionality, which provides simultaneous support of
multiple languages from a single gateway appliance including support for
most international character sets. Currently supported languages include
English, Japanese, German, French, Spanish, Brazilian Portuguese, Korean
and Simplified and Traditional Chinese.
Nokia Secure Access System combines Nokia software with its purpose-built
appliance hardware, secure operating system (IPSO) and systems management
- complementing an existing portfolio of IP security appliances and
enterprise Mobile Connectivity solutions. Nokia Secure Access System 3.0
is also supported by Nokia's world class, SCP certified "First-call
Final-Resolution" global service and support team.
Nokia Secure Access System 3.0 is available globally as of November 2004.