4. Poslovne posledice 95% vašega mrežnega prometa bo prihajalo izven zasebne mreže, katero poskušate zaščititi 1997: Mrežno območje 2008: Območje virov Interni uporabniki Potujoči managerji Podaljšan delovnik Zaposleni na javnem terminalu Stranke ali dobavitelji za požarnim zidom VOIP uporabniki Zaposleni z brezžično točko PDA uporabniki Poslovni podatkovni centri Stranke ali dobavitelji Oddaljen dostop Zunanji uporabniki Poslovni podatkovni centri
7. Odgovor je nadzor oddaljenega dostopa Naprave nadzora dostopa z SSL-om so ključ doseganja nove arhitekture Connect users securely and easily to applications on any device Connect Zaščita Zaščita a plikacij z postopnim nadzorom dostopa, temelječim na identiteti uporabnika in integriteti naprave Detect what is running on the end point device Detect Kontroler oddaljenega dostopa Povezava u porabnikov varno in preprosto, do aplikacij iz katerekoli naprave Povezava Zaznava , kaj teče na končni točki naprave, iz katere dostopamo Zaznava Spletne aplikacije Klient/server aplikacije Dokumenti v skupni uporabi Baze podatkov VoIP Aplikacije Direktoriji Podatkovni centri LDAP LDAP AD RADIUS Poslovni partner iz kateregakoli brskalnika Stranka ali dobavitelj za požarno pregrado Potujo či zaposleni Podaljšan delovnik Uporabniki na kiosku Uporabniki na brezžični točki PDA uporabniki VOIP uporabniki Interni uporabniki Kontroler oddaljenega dostopa
9. Aventail platforma nadzora oddaljenega dostopa Zaznava Poveže Zaščiti Aventail Smart Access & Smart Tunneling je transportni mehanizem v NAC, ki omogoča preprost in varen dostop uporabnikov do mrežnih virov Aventail End Point Control zazna identiteto in varnostno stanje končne točke oziroma naprave Aventail Unified Policy je uveljavljen pogon, ki zagotavlja, da je dostop naprave nadzorovan in da uporabniki dostopajo le do dodeljenih virov Preprosto za uporabo . Preprosto za nadzor . SSL VPN lahko...
10.
11.
12.
13.
14.
15.
16.
17. WorkPlace Access : Enoten prehod za identično uporabniško izkušnjo ob dostopu do klientno-strežniških ali spletnih aplikacij s centraliziranim upravljanjem in varnostjo https://myhomepage.mycompany.com Povezava Pameten dostop za neupravljane naprave
18. Connect Access: Agent, enostaven za upravljanje in distribucijo, za popoln dostop za Windows, Macintosh, Linux in Windows Mobile naprave ter “pisarniško” izkušnjo za uporabnika Povezava Pameten dostop za upravljane naprave Strežniške aplikacije za tanke kliente Tradicionalne strežniške aplikacije Web aplikacije File Shares
19.
20.
21.
22. Aventail SSL VPN naprave EX-2500 EX-1600 EX-750 Za velike organizacije z več tisoč oddaljenimi uporabniki ; podpora za do 2.000 sočasnih uporabnikov Za srednja in večja podjetja; podpora za do 250 sočasnih uporabnikov Manjše organizacije ali oddelke; podpora za do 50 sočasnih uporabnikov Vgrajena visoka razpoložljivost za do 2 enoti (nods) z integriranim load-balancingom; možnost uporabe zunanjega load-balancing sistema za do 8 enot Podpora visoki razpoložljivosti (do 2 enoti) z integriranim load-balancing sistemom Stroškovno učinkovita rešitev za samostojno uporabo, ki vsebuje vse prednosti Avetail SSL VPN tehnologije
26. Izbrane Aventail stranke Storitve Več kot 2,5 milijona svetovnih uporabnikov se zanaša na Aventail rešitve Tehnologija Ostale branže Zdravstvo Javni sektor Proizvodnja Finance in storitve zavarovanja
Key Points: - More people are accessing from more, increasingly public places than ever before. “ I’ve got executives that want access to Citrix from home.” “ My business partners need access to more systems every day.” - And they are using devices that weren’t even on your radar two years ago. - Users are harder and more expensive to manage because they don’t all use corporate-issued laptops or desktop computers
Object of this slide: Show how the corporate network is evolving drastically, requiring a new way to look at secure communications Key Points : An increasing number of connections using corporate resources are coming from public networks, not from inside the private LAN. And its not just employees, but connections between customers, partners, teleworkers, as well as mobile employees. Today maybe 45 percent come from outside the LAN. In the not so distant future, that number will increase to 80 or 90 percent. So, the “internal” corporate LAN as we know it today will not exist. Already, the LAN can not be protected, as laptops move in and out of the perimeter, and the most dangerous attacks on our network actually come from inside the LAN rather than outside the LAN. Rather than trying to build an ever more secure perimeter, enterprises should maintain a secure perimeter around the application data center and secure communications between the user and the network resources and applications they need to access. While the perimeter for course-grained network protection doesn’t disappear completely, a new perimeter is formed further inward around the back office systems.
Optional slide
Optional slide
Object of slide : Details how EPC detects device type, identity, and integrity. Key Messages: Only Aventail® End Point Control™ (EPC) lets you enforce granular access control rules for Windows, Windows Mobile, Macintosh, and Linux end-point environments—before user authentication. EPC identifies the device as IT-managed or unmanaged. EPC checks for key criteria such as mapped directories, domains membership, device certificates, or resident files, EPC combines pre-authentication interrogation to protect from keystroke loggers and other malware, as well as confirming end-point criteria like antivirus updates.
Object of slide : Reviews additional Detect features Key Messages: Should an end-point device be lost or stolen, Device Watermarks allow rapid and simple access revocation, based upon detection of client certificates on the end point. Aventail offers advanced data protection through Aventail® Cache Control™ and Aventail® Secure Desktop™, which creates a virtual encrypted environment that prevents sensitive information from being left behind on unmanaged devices such as kiosks. Only Aventail provides End Point Control device interrogation and Policy Zones for Windows, Macintosh, Linux, and Windows Mobile devices
Object of slide : Unified Policy streamlines policy management to easily protect resources Key Messages: Remote access control management is simplified with Aventail® Unified Policy™. This extensible object-based policy model consolidates control of all Web resources, file shares, and client-server resources in a single location. This lets you quickly set policy with a single rule across all objects, so that policy management can take only minutes instead of the hours it takes with other VPNs. The Aventail® Management Console™ provides a rich, centralized set of reporting and monitoring capabilities for auditing, compliance, management, and resource planning. Visual tools provide real-time information on system state, and give you direct, intuitive options for managing all system objects.
Object of slide : Key Messages: Smart Tunneling allows granular bidirectional access control policy for back-connect applications like VoIP and remote help desk Groups can be populated dynamically, based on RADIUS, LDAP, or Active Directory authentication repositories. Dual/stacked authentication allows administrators to combine two different authentication methods together, for added authentication security or capturing credentials for SSO to downstream applications. Offers robust authentication support and Single Sign-On (SSO) support for most applications.
Object of slide : Key Messages: Smart Tunneling allows granular bidirectional access control policy for back-connect applications like VoIP and remote help desk Groups can be populated dynamically, based on RADIUS, LDAP, or Active Directory authentication repositories. Dual/stacked authentication allows administrators to combine two different authentication methods together, for added authentication security or capturing credentials for SSO to downstream applications. Offers robust authentication support and Single Sign-On (SSO) support for most applications.
Object of slide : Key Messages: Smart Tunneling allows granular bidirectional access control policy for back-connect applications like VoIP and remote help desk Groups can be populated dynamically, based on RADIUS, LDAP, or Active Directory authentication repositories. Dual/stacked authentication allows administrators to combine two different authentication methods together, for added authentication security or capturing credentials for SSO to downstream applications. Offers robust authentication support and Single Sign-On (SSO) support for most applications.
Object of slide : WorkPlace Access features and benefits Key Messages: Aventail® WorkPlace™ provides out-of-the-box clientless browser access to Web and client/server applications and file shares from Windows, Windows Mobile, Macintosh, and Linux unmanaged devices, including home computers, public machines, smartphones, and PDAs. Aventail Smart Access is faster and easier because it automatically and transparently delivers the right access method Allows customers to customize their own personal bookmarks to frequently-used resources. The Aventail Secure Mobile Access Solution is the market’s first SSL VPN to provide one gateway for all access Aventail extends its everywhere access to Smart Phones and PDAs with the most complete SSL VPN for mobile devices. .
Object of slide : Connect Access features and benefits Key Messages: Aventail® Connect™ adds a Web-delivered thin client on the same broad range of platforms for managed devices for a complete “in-office” experience. Aventail® Connect Mobile™ provides “in-office” access for Windows Mobile PDA users.
Object of slide : Introduce Connect Tunnel Service Edition Key Messages: Connect Tunnel Service Edition allows scheduling of application-to-application access for Windows Servers, Windows XP desktops, and branch office applications.
Object of slide : Additional Connect features and benefits (see earlier Connect slides) Key Messages: Smart Tunneling allows granular bidirectional access control policy for back-connect applications like VoIP and remote help desk NAMs: Supports Citrix applications and Windows Terminal Services sessions over SSL VPN Access to server-based sessions without any additional configuration Easy seamless user experience to all Citrix applications from a single portal link Support for load-balanced Citrix farms HAMs: Integrates AttachmateWRQ Reflection for the Web terminal emulation Users can directly access host-based applications via a simple applet download Supports a wide range of host-based application platforms, including IBM® mainframe (zSeries) via TN3270; IBM AS/400® (iSeries) via TN5250; and UNIX®, OpenVMS, and Linux via Telnet or SSH
Object of this slide: Show how the corporate network is evolving drastically, requiring a new way to look at secure communications Key Points : An increasing number of connections using corporate resources are coming from public networks, not from inside the private LAN. And its not just employees, but connections between customers, partners, teleworkers, as well as mobile employees. Today maybe 45 percent come from outside the LAN. In the not so distant future, that number will increase to 80 or 90 percent. So, the “internal” corporate LAN as we know it today will not exist. Already, the LAN can not be protected, as laptops move in and out of the perimeter, and the most dangerous attacks on our network actually come from inside the LAN rather than outside the LAN. Rather than trying to build an ever more secure perimeter, enterprises should maintain a secure perimeter around the application data center and secure communications between the user and the network resources and applications they need to access. While the perimeter for course-grained network protection doesn’t disappear completely, a new perimeter is formed further inward around the back office systems.
Object of this slide: Highlight the key differences between the EX-2500, EX-1600 and the EX-750 and use information to target audiences Key messages: Aventail’s appliances are priced competitively for companies of every size, whether you have 25 users or thousands. Unlike competitors, only Aventail includes with all of its appliances the capabilities required to enable complete application access via the Web EX-2500 For enterprises with hundreds or thousands of remote access users. You need high availability to ensure anytime access to critical applications. The EX-2500 offers: Clustering and high availability (HA) support, with up to 8 nodes of externally sourced HA 2 nodes for internal HA with integrated load balancing Supports up to 2,000 concurrent users EX-1600 For growing midsize companies, an enterprise department, or a remote facility; supports 25 to 250 concurrent remote access users who need anytime access. The EX-1600 offers: Clustering and high availability (HA) support for 2 nodes, with integrated load balancing Supports up to 250 concurrent users. EX-750 For small to mid-size companies, an enterprise department, or a remote facility; supports up to 25 concurrent remote access users. The EX-750 offers: The advantages of Aventail’s proven, secure, and easy-to-manage SSL VPN platform at a lower cost. A cost-effective unit intended for standalone use. An ideal solution if your user base will not grow beyond 25 concurrent users.
Optional slide
Object of this slide: Show how the corporate network is evolving drastically, requiring a new way to look at secure communications Key Points : An increasing number of connections using corporate resources are coming from public networks, not from inside the private LAN. And its not just employees, but connections between customers, partners, teleworkers, as well as mobile employees. Today maybe 45 percent come from outside the LAN. In the not so distant future, that number will increase to 80 or 90 percent. So, the “internal” corporate LAN as we know it today will not exist. Already, the LAN can not be protected, as laptops move in and out of the perimeter, and the most dangerous attacks on our network actually come from inside the LAN rather than outside the LAN. Rather than trying to build an ever more secure perimeter, enterprises should maintain a secure perimeter around the application data center and secure communications between the user and the network resources and applications they need to access. While the perimeter for course-grained network protection doesn’t disappear completely, a new perimeter is formed further inward around the back office systems.
Object of this slide: Show how the corporate network is evolving drastically, requiring a new way to look at secure communications Key Points : An increasing number of connections using corporate resources are coming from public networks, not from inside the private LAN. And its not just employees, but connections between customers, partners, teleworkers, as well as mobile employees. Today maybe 45 percent come from outside the LAN. In the not so distant future, that number will increase to 80 or 90 percent. So, the “internal” corporate LAN as we know it today will not exist. Already, the LAN can not be protected, as laptops move in and out of the perimeter, and the most dangerous attacks on our network actually come from inside the LAN rather than outside the LAN. Rather than trying to build an ever more secure perimeter, enterprises should maintain a secure perimeter around the application data center and secure communications between the user and the network resources and applications they need to access. While the perimeter for course-grained network protection doesn’t disappear completely, a new perimeter is formed further inward around the back office systems.
Object of this slide: Demonstrate credibility, market leadership position and experience in prospect’s industry Key messages: Aventail customers include many top global companies, in a wide range of industries.
Object of this slide: Give credibility to Aventail’s leadership positioning and reinforce key company differentiators Key messages: Focused on SSL VPNs Aventail concentrates only on SSL VPN solutions Aventail was the pioneer of the SSL VPN, shipping the first product in 1997 Years of analyst recognition as a leading SSL VPN product company Named in the Leader Quadrant in Gartner’s Magic Quadrant report for the fifth time No other SSL VPN vendors can claim the experience at scale we’ve acquired supporting many thousands of users for every major service provider Market validation: leading service providers, customers, technology partners, and channel partners rely on Aventail The only SSL VPN widely adopted by major service providers including MCI, AT&T, IBM, and Sprint Over two million users globally rely on Aventail’s appliances Sales and service operations in 75 countries